RHSA-2026:7243HighCVSS 7.8
Red Hat Security Advisory: OpenShift Container Platform 4.19.28 bug fix and security update
🔗 CVE IDs covered (7)
CVE-2026-25646 →CVE-2026-25749 →CVE-2026-28417 →CVE-2026-28421 →CVE-2026-33412 · pendingCVE-2024-28757 →CVE-2025-61662 →
📋 Description
CVE-2024-28757 — expat: XML Entity Expansion CVE-2025-61662 — grub2: Missing unregister call for gettext command may lead to use-after-free CVE-2026-25646 — libpng: LIBPNG has a heap buffer overflow in png_set_quantize CVE-2026-25749 — vim: Vim: Arbitrary code execution via 'helpfile' option processing CVE-2026-28417 — vim: Vim: Arbitrary code execution via OS command injection in the netrw plugin CVE-2026-28421 — vim: Vim: Denial of service and information disclosure via crafted swap file CVE-2026-33412 — vim: Vim: Arbitrary code execution via command injection in glob() function
🔗 References (10)
- selfhttps://access.redhat.com/errata/RHSA-2026:7243
- externalhttps://access.redhat.com/security/updates/classification/#important
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2268766
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2414683
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2437843
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2438542
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2443455
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2443474
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2450907
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_7243.json