RHSA-2026:10184HighCVSS 9.9

Red Hat Security Advisory: RHOAI 2.25.5 - Red Hat OpenShift AI

Published
April 23, 2026
Last Modified
July 7, 2026

🔗 CVE IDs covered (50)

📋 Description

CVE-2025-6242 — vllm: Server Side request forgery (SSRF) in MediaConnector CVE-2025-11157 — feast: Feast: Remote Code Execution via insecure YAML deserialization CVE-2025-12103 — openshift-ai: Trusty AI Grants All Authenticated users to list pods in any namespace CVE-2025-14009 — nltk: Zip Slip Vulnerability in nltk Leading to Code Execution CVE-2025-61726 — golang: net/url: Memory exhaustion in query parameter parsing in net/url CVE-2025-61728 — golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip CVE-2025-61729 — crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate CVE-2025-66418 — urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion CVE-2025-66471 — urllib3: urllib3 Streaming API improperly handles highly compressed data CVE-2025-68131 — cbor2: cbor2: Information Disclosure via shared memory in CBORDecoder reuse CVE-2025-69223 — aiohttp: AIOHTTP's HTTP Parser auto_decompress feature is vulnerable to zip bomb CVE-2025-69227 — aiohttp: aiohttp: Denial of Service via specially crafted POST request CVE-2025-69228 — aiohttp: aiohttp: Denial of Service via memory exhaustion from crafted POST request CVE-2025-69534 — python-markdown: denial of service via malformed HTML-like sequences CVE-2026-0846 — nltk: NLTK: Arbitrary file read via improper path validation in filestring() function CVE-2026-0847 — nltk: NLTK: Arbitrary file read via path traversal vulnerability CVE-2026-1002 — io.vertx/vertx-core: static handler component cache can be manipulated to deny the access to static files CVE-2026-2472 — google-cloud-aiplatform: google-cloud-aiplatform: Arbitrary code execution via Stored Cross-Site Scripting (XSS) CVE-2026-2492 — tensorflow: TensorFlow: Local privilege escalation via uncontrolled search path for plugins CVE-2026-21441 — urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API) CVE-2026-22773 — vllm: vLLM: Denial of Service via specially crafted image in multimodal model serving CVE-2026-22807 — vLLM: vLLM: Arbitrary code execution via untrusted model loading CVE-2026-24049 — wheel: wheel: Privilege Escalation or Arbitrary Code Execution via malicious wheel file unpacking CVE-2026-24281 — Apache ZooKeeper: Apache ZooKeeper: Impersonation of servers or clients via reverse DNS spoofing CVE-2026-24308 — Apache ZooKeeper: Apache ZooKeeper: Information disclosure via improper handling of configuration values CVE-2026-24486 — python-multipart: Python-Multipart: Arbitrary file write via path traversal vulnerability CVE-2026-24779 — vLLM: vLLM: Server-Side Request Forgery allows internal network access CVE-2026-25223 — Fastify: Fastify: Validation bypass due to malformed Content-Type header leading to integrity impact CVE-2026-25639 — axios: Axios affected by Denial of Service via proto Key in mergeConfig CVE-2026-25679 — net/url: Incorrect parsing of IPv6 host literals in net/url CVE-2026-25990 — pillow: Pillow: Out-of-bounds Write via Specially Crafted PSD Image CVE-2026-26007 — cryptography: cryptography Subgroup Attack Due to Missing Subgroup Validation for SECT Curves CVE-2026-26996 — minimatch: minimatch: Denial of Service via specially crafted glob patterns CVE-2026-27137 — crypto/x509: Incorrect enforcement of email constraints in crypto/x509 CVE-2026-27628 — pypdf: possible infinite loop when loading circular /Prev entries in cross-reference streams CVE-2026-27888 — pypdf: pypdf: Denial of Service via crafted PDF CVE-2026-27904 — minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions CVE-2026-27959 — koa: Koa: Host header injection vulnerability due to malformed HTTP Host header parsing CVE-2026-28229 — argo-workflows: Argo Workflows has unauthorized access to Argo Workflows Template CVE-2026-28356 — multipart: denial of service via maliciously crafted HTTP or multipart segment headers CVE-2026-30922 — pyasn1: pyasn1 Vulnerable to Denial of Service via Unbounded Recursion CVE-2026-31837 — istio: Istio: Information disclosure and authentication bypass via JWKS resolver unavailability CVE-2026-31892 — github.com/argoproj/argo-workflows: Argo Workflows: Security bypass allows privilege escalation via podSpecPatch field CVE-2026-31958 — tornado-python: Tornado: Denial of Service via large multipart bodies CVE-2026-32274 — black: Black: Arbitrary file writes from unsanitized user input in cache file name CVE-2026-32597 — pyjwt: PyJWT accepts unknown crit header extensions (RFC 7515 §4.1.11 MUST violation) CVE-2026-32640 — simpleeval: SimpleEval: Arbitrary code execution via sandbox escape due to improper object handling CVE-2026-33236 — nltk: NLTK: Arbitrary file overwrite and creation via path traversal in XML index files CVE-2026-33870 — io.netty/netty-codec-http: Netty: Request smuggling via incorrect parsing of HTTP/1.1 chunked transfer encoding extension values CVE-2026-33871 — netty: Netty: Denial of Service via HTTP/2 CONTINUATION frame flood

🔗 References (54)