RHSA-2026:6761HighCVSS 7.5
Red Hat Security Advisory: Red Hat AI Inference Server Model Optimization Tools 3.2.2 (CUDA)
🔗 CVE IDs covered (6)
CVE-2025-69228 · pendingCVE-2026-25048 · pendingCVE-2026-28356 →CVE-2026-32981 · pendingCVE-2025-68131 · pendingCVE-2025-69227 · pending
📋 Description
CVE-2025-68131 — cbor2: cbor2: Information Disclosure via shared memory in CBORDecoder reuse CVE-2025-69227 — aiohttp: aiohttp: Denial of Service via specially crafted POST request CVE-2025-69228 — aiohttp: aiohttp: Denial of Service via memory exhaustion from crafted POST request CVE-2026-25048 — xgrammar: xgrammar: Denial of Service via multi-level nested syntax CVE-2026-28356 — multipart: denial of service via maliciously crafted HTTP or multipart segment headers CVE-2026-32981 — ray: Ray Dashboard Path Traversal Leading to Local File Disclosure
🔗 References (10)
- selfhttps://access.redhat.com/errata/RHSA-2026:6761
- externalhttps://access.redhat.com/security/cve/CVE-2025-68131
- externalhttps://access.redhat.com/security/cve/CVE-2025-69227
- externalhttps://access.redhat.com/security/cve/CVE-2025-69228
- externalhttps://access.redhat.com/security/cve/CVE-2026-25048
- externalhttps://access.redhat.com/security/cve/CVE-2026-28356
- externalhttps://access.redhat.com/security/cve/CVE-2026-32981
- externalhttps://access.redhat.com/security/updates/classification/
- externalhttps://www.redhat.com/en/products/ai/inference-server
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_6761.json