RHSA-2026:16030HighCVSS 8.2

Red Hat Security Advisory: Red Hat AI Inference Server 3.3.3 (CUDA)

Published
May 11, 2026
Last Modified
May 29, 2026

🔗 CVE IDs covered (12)

CVE-2026-4424CVE-2026-5121CVE-2026-23868CVE-2026-26209 · pendingCVE-2026-27135CVE-2026-27622 · pendingCVE-2026-42309CVE-2026-42310CVE-2026-3497CVE-2026-4519CVE-2026-5201CVE-2026-40192

📋 Description

CVE-2026-3497 — openssh: OpenSSH GSSAPI: Information disclosure or denial of service due to uninitialized variables CVE-2026-4424 — libarchive: libarchive: Information disclosure via heap out-of-bounds read in RAR archive processing CVE-2026-4519 — python: Python: Command-line option injection in webbrowser.open() via crafted URLs CVE-2026-5121 — libarchive: libarchive: Arbitrary code execution via integer overflow in ISO9660 image processing CVE-2026-5201 — gdk-pixbuf: gdk-pixbuf: Denial of Service via heap-based buffer overflow when processing a specially crafted JPEG image CVE-2026-23868 — giflib: Giflib: Double-free vulnerability leading to memory corruption CVE-2026-26209 — cbor2: cbor2: Denial of Service due to uncontrolled recursion via crafted CBOR payloads CVE-2026-27135 — nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination CVE-2026-27622 — openexr: OpenEXR: Arbitrary code execution via integer overflow in EXR file processing CVE-2026-40192 — Pillow: Pillow: Denial of Service via decompression bomb in FITS image processing CVE-2026-42309 — Pillow: Pillow: Denial of Service via specially crafted coordinate input CVE-2026-42310 — Pillow: Pillow: Denial of Service via malicious PDF processing

🔗 References (18)