What is RHSA-2026:13938?

RHSA-2026:13938 is a security advisory published by Red Hat Product Security with High severity. Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

Which CVE IDs does RHSA-2026:13938 cover?

RHSA-2026:13938 covers the following CVE IDs: CVE-2026-34032, CVE-2026-34059, CVE-2026-23918, CVE-2026-24072, CVE-2026-33007. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of RHSA-2026:13938?

RHSA-2026:13938 has a CVSS v3 base score of 8.8, published by Red Hat Product Security.

RHSA-2026:13938HighCVSS 8.8

Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

Vendor

Red Hat Product Security

Published

May 6, 2026

Last Modified

May 27, 2026

🔗 CVE IDs covered (5)

CVE-2026-34032 →CVE-2026-34059 →CVE-2026-23918 →CVE-2026-24072 →CVE-2026-33007 →

📋 Description

CVE-2026-23918 — Apache HTTP Server: Apache HTTP Server: Remote Code Execution via Double Free in HTTP/2 Protocol CVE-2026-24072 — Apache HTTP Server: mod_rewrite: Apache HTTP Server: Privilege Escalation via .htaccess file manipulation CVE-2026-33007 — httpd: mod_authn_socache: NULL pointer dereference can cause a child process crash CVE-2026-34032 — httpd: mod_proxy_ajp: heap-based buffer over-read due to missing null-termination check CVE-2026-34059 — httpd: mod_proxy_ajp: heap-based buffer over-read and memory disclosure in ajp_parse_data()

🔗 References (9)

selfhttps://access.redhat.com/errata/RHSA-2026:13938
externalhttps://images.redhat.com/
externalhttps://access.redhat.com/security/cve/CVE-2026-23918
externalhttps://access.redhat.com/security/cve/CVE-2026-24072
externalhttps://access.redhat.com/security/updates/classification/
externalhttps://access.redhat.com/security/cve/CVE-2026-34032
externalhttps://access.redhat.com/security/cve/CVE-2026-33007
externalhttps://access.redhat.com/security/cve/CVE-2026-34059
selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_13938.json