RHSA-2026:28491MediumCVSS 7.0
Red Hat Security Advisory: Red Hat Hardened Images RPMs Security Update
🔗 CVE IDs covered (1)
📋 Description
CVE-2026-44604 — rpm: Command injection in rpmuncompress doUntar() via unescaped archive top-level directory name in popen() shell command
🔗 References (5)
- selfhttps://access.redhat.com/errata/RHSA-2026:28491
- externalhttps://access.redhat.com/security/cve/CVE-2026-44604
- externalhttps://access.redhat.com/security/updates/classification/
- externalhttps://images.redhat.com/
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_28491.json