RHSA-2026:8346HighCVSS 8.2

Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

Published
April 15, 2026
Last Modified
July 2, 2026

🔗 CVE IDs covered (8)

📋 Description

CVE-2025-53859 — nginx: NGINX ngx_mail_smtp_module vulnerability CVE-2026-1642 — nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections CVE-2026-27651 — NGINX: NGINX: Denial of Service via undisclosed requests when ngx_mail_auth_http_module is enabled CVE-2026-27654 — NGINX: NGINX: Denial of Service or file modification via buffer overflow in ngx_http_dav_module CVE-2026-27784 — NGINX: NGINX: Denial of Service due to memory corruption via crafted MP4 file CVE-2026-28753 — NGINX: NGINX Plus: NGINX Open Source: NGINX Plus and NGINX Open Source: Request manipulation via header injection in SMTP upstream requests CVE-2026-28755 — NGINX: NGINX: Certificate revocation bypass when OCSP is enabled CVE-2026-32647 — nginx: NGINX: Denial of Service or Code Execution via specially crafted MP4 files

🔗 References (12)