RHSA-2026:13508 · High · CVSS 9.1

Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.6 Product Security and Bug Fix Update

Published: May 4, 2026
Last Modified: May 29, 2026

🔗 CVE IDs covered (11)

CVE-2025-69534 · pending
CVE-2026-23490
CVE-2026-26996 · pending
CVE-2026-27459 · pending
CVE-2026-32597
CVE-2026-39373
CVE-2025-14550
CVE-2026-6266
CVE-2026-25679
CVE-2026-27606 · pending
CVE-2026-30922

📋 Description

CVE-2025-14550 — Django: Django: Denial of Service via crafted request with duplicate headers
CVE-2025-69534 — python-markdown: denial of service via malformed HTML-like sequences
CVE-2026-6266 — aap-controller: aap-gateway: Account hijacking and unauthorized access via unverified email linking
CVE-2026-23490 — pyasn1: pyasn1: Denial of Service due to memory exhaustion from malformed RELATIVE-OID
CVE-2026-25679 — net/url: Incorrect parsing of IPv6 host literals in net/url
CVE-2026-26996 — minimatch: minimatch: Denial of Service via specially crafted glob patterns
CVE-2026-27459 — pyOpenSSL: DTLS cookie callback buffer overflow
CVE-2026-27606 — rollup: Rollup: Remote Code Execution via Path Traversal Vulnerability
CVE-2026-30922 — pyasn1: pyasn1 Vulnerable to Denial of Service via Unbounded Recursion
CVE-2026-32597 — pyjwt: PyJWT accepts unknown crit header extensions (RFC 7515 §4.1.11 MUST violation)
CVE-2026-39373 — JWCrypto: python-cryptography: python: JWCrypto: Memory exhaustion via crafted compressed JWE tokens

🔗 References (16)