What is RHSA-2026:7261?

RHSA-2026:7261 is a security advisory published by Red Hat Product Security with High severity. Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

What is the CVSS v3 score of RHSA-2026:7261?

RHSA-2026:7261 has a CVSS v3 base score of 9.8, published by Red Hat Product Security.

RHSA-2026:7261: Red Hat Security Advisory: R…

🔗 CVE IDs covered (23)

CVE-2026-22795 →CVE-2025-11187 →CVE-2025-66199 →CVE-2026-2673 →CVE-2026-22796 →CVE-2026-28387 →CVE-2026-28388 →CVE-2025-9231 →CVE-2025-9232 →CVE-2025-15469 →CVE-2025-68160 →CVE-2026-28389 →CVE-2025-15468 →CVE-2025-69418 →CVE-2025-69421 →CVE-2026-28386 →CVE-2026-28390 →CVE-2026-31789 →CVE-2026-31790 →CVE-2025-9230 →CVE-2025-15467 →CVE-2025-69419 →CVE-2025-69420 →

📋 Description

CVE-2025-9230 — openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap CVE-2025-9231 — openssl: Timing side-channel in SM2 algorithm on 64 bit ARM CVE-2025-9232 — openssl: Out-of-bounds read in HTTP client no_proxy handling CVE-2025-11187 — openssl: OpenSSL: Arbitrary code execution or denial of service through crafted PKCS#12 file CVE-2025-15467 — openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing CVE-2025-15468 — openssl: OpenSSL: Denial of Service via NULL pointer dereference in QUIC protocol handling CVE-2025-15469 — openssl: OpenSSL: Data integrity bypass in openssl dgst command due to silent truncation CVE-2025-66199 — openssl: OpenSSL: Denial of Service due to excessive memory allocation in TLS 1.3 certificate compression CVE-2025-68160 — openssl: OpenSSL: Denial of Service due to out-of-bounds write in BIO filter CVE-2025-69418 — openssl: OpenSSL: Information disclosure and data tampering via specific low-level OCB encryption/decryption calls CVE-2025-69419 — openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing CVE-2025-69420 — openssl: OpenSSL: Denial of Service via malformed TimeStamp Response CVE-2025-69421 — openssl: OpenSSL: Denial of Service via malformed PKCS#12 file processing CVE-2026-2673 — openssl: OpenSSL TLS 1.3 server may choose unexpected key agreement group CVE-2026-22795 — openssl: OpenSSL: Denial of Service due to type confusion in PKCS#12 file processing CVE-2026-22796 — openssl: OpenSSL: Denial of Service via type confusion in PKCS#7 signature verification CVE-2026-28386 — openssl: openssl: Denial of Service due to out-of-bounds read in AES-CFB128 CVE-2026-28387 — openssl: OpenSSL: Arbitrary code execution due to use-after-free in DANE TLSA authentication CVE-2026-28388 — openssl: OpenSSL: Denial of Service due to NULL pointer dereference in delta CRL processing CVE-2026-28389 — openssl: OpenSSL: Denial of Service vulnerability in CMS processing CVE-2026-28390 — openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing CVE-2026-31789 — openssl: OpenSSL: Heap buffer overflow on 32-bit systems from large X.509 certificate processing CVE-2026-31790 — openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key

🔗 CVE IDs covered (23)

📋 Description

🔗 References (27)