What is RHSA-2026:14272?

RHSA-2026:14272 is a security advisory published by Red Hat Product Security with High severity. Red Hat Security Advisory: Red Hat AMQ Broker 7.13.5 release and security update

Which CVE IDs does RHSA-2026:14272 cover?

RHSA-2026:14272 covers the following CVE IDs: CVE-2025-14813, CVE-2026-0636, CVE-2026-2332, CVE-2026-5588, CVE-2026-24281, CVE-2026-24308, CVE-2026-33870, CVE-2026-33871. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of RHSA-2026:14272?

RHSA-2026:14272 has a CVSS v3 base score of 7.5, published by Red Hat Product Security.

RHSA-2026:14272HighCVSS 7.5

Red Hat Security Advisory: Red Hat AMQ Broker 7.13.5 release and security update

Vendor

Red Hat Product Security

Published

May 6, 2026

Last Modified

May 28, 2026

🔗 CVE IDs covered (8)

CVE-2025-14813 →CVE-2026-0636 →CVE-2026-2332 →CVE-2026-5588 →CVE-2026-24281 · pendingCVE-2026-24308 · pendingCVE-2026-33870 · pendingCVE-2026-33871 · pending

📋 Description

CVE-2025-14813 — bouncycastle: BC-JAVA: GOSTCTR implementation unable to process more than 255 blocks correctly CVE-2026-0636 — bouncycastle: BC-JAVA: LDAP injection vulnerability in LDAPStoreHelper.java CVE-2026-2332 — org.eclipse.jetty/jetty-http: HTTP request smuggling via chunked extension quoted-string parsing CVE-2026-5588 — bouncycastle: BC-JAVA: PKIX draft CompositeVerifier accepts empty signature sequence as valid CVE-2026-24281 — Apache ZooKeeper: Apache ZooKeeper: Impersonation of servers or clients via reverse DNS spoofing CVE-2026-24308 — Apache ZooKeeper: Apache ZooKeeper: Information disclosure via improper handling of configuration values CVE-2026-33870 — io.netty/netty-codec-http: Netty: Request smuggling via incorrect parsing of HTTP/1.1 chunked transfer encoding extension values CVE-2026-33871 — netty: Netty: Denial of Service via HTTP/2 CONTINUATION frame flood

🔗 CVE IDs covered (8)

📋 Description

🔗 References (13)