RHSA-2026:16174HighCVSS 8.2

Red Hat Security Advisory: Red Hat AI Inference Server 3.3.3 (Spyre)

Published
May 12, 2026
Last Modified
May 29, 2026

🔗 CVE IDs covered (29)

CVE-2026-3497CVE-2026-25506CVE-2026-0994CVE-2026-4111CVE-2026-27622 · pendingCVE-2025-14831CVE-2026-4519CVE-2026-26209 · pendingCVE-2026-28417CVE-2023-52356CVE-2026-5121CVE-2026-5201CVE-2026-22801CVE-2026-25749CVE-2026-33412 · pendingCVE-2023-40403CVE-2025-13836CVE-2025-15367CVE-2026-4424CVE-2026-22695CVE-2026-25990CVE-2026-28421CVE-2026-1299CVE-2026-2447CVE-2025-15366CVE-2026-23868CVE-2026-25646CVE-2026-27135CVE-2026-40192

📋 Description

CVE-2023-40403 — libxslt: Processing web content may disclose sensitive information CVE-2023-52356 — libtiff: Segment fault in libtiff in TIFFReadRGBATileExt() leading to denial of service CVE-2025-13836 — cpython: Excessive read buffering DoS in http.client CVE-2025-14831 — gnutls: GnuTLS: Denial of Service via excessive resource consumption during certificate verification CVE-2025-15366 — cpython: IMAP command injection in user-controlled commands CVE-2025-15367 — cpython: POP3 command injection in user-controlled commands CVE-2026-0994 — python: protobuf: Protobuf: Denial of Service due to recursion depth bypass CVE-2026-1299 — cpython: email header injection due to unquoted newlines CVE-2026-2447 — libvpx: Heap buffer overflow in libvpx CVE-2026-3497 — openssh: OpenSSH GSSAPI: Information disclosure or denial of service due to uninitialized variables CVE-2026-4111 — libarchive: Infinite Loop Denial of Service in RAR5 Decompression via archive_read_data() in libarchive CVE-2026-4424 — libarchive: libarchive: Information disclosure via heap out-of-bounds read in RAR archive processing CVE-2026-4519 — python: Python: Command-line option injection in webbrowser.open() via crafted URLs CVE-2026-5121 — libarchive: libarchive: Arbitrary code execution via integer overflow in ISO9660 image processing CVE-2026-5201 — gdk-pixbuf: gdk-pixbuf: Denial of Service via heap-based buffer overflow when processing a specially crafted JPEG image CVE-2026-22695 — libpng: libpng: Denial of service and information disclosure via heap buffer over-read in png_image_finish_read CVE-2026-22801 — libpng: libpng: Information disclosure and denial of service via integer truncation in simplified write API CVE-2026-23868 — giflib: Giflib: Double-free vulnerability leading to memory corruption CVE-2026-25506 — MUNGE: MUNGE has a buffer overflow in message unpacking allows key leakage and credential forgery CVE-2026-25646 — libpng: LIBPNG has a heap buffer overflow in png_set_quantize CVE-2026-25749 — vim: Vim: Arbitrary code execution via 'helpfile' option processing CVE-2026-25990 — pillow: Pillow: Out-of-bounds Write via Specially Crafted PSD Image CVE-2026-26209 — cbor2: cbor2: Denial of Service due to uncontrolled recursion via crafted CBOR payloads CVE-2026-27135 — nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination CVE-2026-27622 — openexr: OpenEXR: Arbitrary code execution via integer overflow in EXR file processing CVE-2026-28417 — vim: Vim: Arbitrary code execution via OS command injection in the netrw plugin CVE-2026-28421 — vim: Vim: Denial of service and information disclosure via crafted swap file CVE-2026-33412 — vim: Vim: Arbitrary code execution via command injection in glob() function CVE-2026-40192 — Pillow: Pillow: Denial of Service via decompression bomb in FITS image processing

🔗 References (33)