RHSA-2026:18868HighCVSS 8.8

Red Hat Security Advisory: linux-sgx security update

Published
May 19, 2026
Last Modified
May 27, 2026

🔗 CVE IDs covered (5)

CVE-2025-13465CVE-2025-15284CVE-2026-23745CVE-2026-23950CVE-2026-24842

📋 Description

CVE-2025-13465 — lodash: prototype pollution in _.unset and _.omit functions CVE-2025-15284 — qs: qs: Denial of Service via improper input validation in array parsing CVE-2026-23745 — node-tar: tar: node-tar: Arbitrary file overwrite and symlink poisoning via unsanitized linkpaths in archives CVE-2026-23950 — node-tar: tar: node-tar: Arbitrary file overwrite via Unicode path collision race condition CVE-2026-24842 — node-tar: tar: node-tar: Arbitrary file creation via path traversal bypass in hardlink security check

🔗 References (11)