RHSA-2026:36350HighCVSS 8.5

Red Hat Security Advisory: satellite/foreman-mcp-server-rhel9 container image available as a Technology Preview

Published
July 7, 2026
Last Modified
July 8, 2026

🔗 CVE IDs covered (6)

📋 Description

CVE-2025-69196 — fastmcp: FastMCP: Improper token issuance due to incorrect resource parameter handling CVE-2025-69872 — python-diskcache: python-diskcache: Arbitrary code execution via insecure pickle deserialization CVE-2026-32871 — fastmcp: FastMCP: Authenticated Server-Side Request Forgery via path traversal in OpenAPI path parameters CVE-2026-44431 — urllib3: urllib3: Information disclosure via cross-origin redirects forwarding sensitive headers CVE-2026-44432 — urllib3: urllib3: Denial of Service due to excessive HTTP response decompression CVE-2026-48526 — python-pyjwt: PyJWT: Authentication bypass due to forged JSON Web Tokens

🔗 References (11)