React Router vulnerable to XSS via Open Redirects

Summary

CVECVE-2026-22029
StatePUBLISHED
AssignerGitHub_M
Source PriorityCVE Program / NVD first with legacy fallback
Published2026-01-10 03:15:48 UTC
Updated2026-07-15 02:18:33 UTC
DescriptionReact Router is a router for React. In @remix-run/router version prior to 1.23.2 and react-router 7.0.0 through 7.11.0, React Router (and Remix v1/v2) SPA open navigation redirects originating from loaders or actions in Framework Mode, Data Mode, or the unstable RSC modes can result in unsafe URLs causing unintended javascript execution on the client. This is only an issue if you are creating redirect paths from untrusted content or via an open redirect. There is no impact if Declarative Mode (<BrowserRouter>) is being used. This issue has been patched in @remix-run/router version 1.23.2 and react-router version 7.12.0.

Risk And Classification

Primary CVSS: v3.1 6.1 MEDIUM from [email protected]

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS: 0.007700000 probability, percentile 0.514400000 (date 2026-07-15)

Problem Types: CWE-79 | CWE-79 CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')


VersionSourceTypeScoreSeverityVector
3.1[email protected]Primary6.1MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
3.1ADPCVSS8HIGHCVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N
3.1[email protected]Secondary8HIGHCVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N
3.10b0ca135-0b70-47e7-9f44-1890c2a1c46cSecondary8HIGHCVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N
3.1CNADECLARED8HIGHCVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N

CVSS v3.1 Breakdown

Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Changed
Confidentiality
Low
Integrity
Low
Availability
None

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

NVD Known Affected Configurations (CPE 2.3)

TypeVendorProductVersionUpdateEditionLanguage
Application Shopify React-router All All All All
Application Shopify Remix-run/react All All All All

Vendor Declared Affected Products

SourceVendorProductVersionPlatforms
CNA Remix-run React-router affected >= 7.0.0, < 7.12.0 Not specified
CNA Remix-run @remix-run/router affected < 1.23.2 Not specified
ADP Red Hat Red Hat Ansible Automation Platform 2.5 For RHEL 8 unaffected 0:2.5.20260225-1.el8ap * rpm Not specified
ADP Red Hat Red Hat Ansible Automation Platform 2.5 For RHEL 9 unaffected 0:2.5.20260225-1.el9ap * rpm Not specified
ADP Red Hat Red Hat Ansible Automation Platform 2.6 For RHEL 9 unaffected 0:2.6.6-1.el9ap * rpm Not specified
ADP Red Hat Multicluster Engine For Kubernetes 2.10 unaffected 1777128790 * rpm Not specified
ADP Red Hat Multicluster Engine For Kubernetes 2.6 unaffected 1776223790 * rpm Not specified
ADP Red Hat Multicluster Engine For Kubernetes 2.7 unaffected 1773100128 * rpm Not specified
ADP Red Hat Multicluster Engine For Kubernetes 2.8 unaffected 1775116156 * rpm Not specified
ADP Red Hat Red Hat Advanced Cluster Management For Kubernetes 2.12 unaffected 1773259174 * rpm Not specified
ADP Red Hat Red Hat Advanced Cluster Management For Kubernetes 2.13 unaffected 1775116130 * rpm Not specified
ADP Red Hat Red Hat Advanced Cluster Management For Kubernetes 2.14 unaffected 1769990632 * rpm Not specified
ADP Red Hat Red Hat Advanced Cluster Management For Kubernetes 2.14 unaffected 1782693386 * rpm Not specified
ADP Red Hat Red Hat Advanced Cluster Management For Kubernetes 2.15 unaffected 1776927126 * rpm Not specified
ADP Red Hat Red Hat Advanced Cluster Security For Kubernetes 4.8 unaffected 1769615659 * rpm Not specified
ADP Red Hat Red Hat Advanced Cluster Security For Kubernetes 4.9 unaffected 1770074713 * rpm Not specified
ADP Red Hat Red Hat Advanced Cluster Security For Kubernetes 4.9 unaffected 1770250889 * rpm Not specified
ADP Red Hat Red Hat Ansible Automation Platform 2.6 unaffected 1772543959 * rpm Not specified
ADP Red Hat Red Hat Discovery 2 unaffected 1770913709 * rpm Not specified
ADP Red Hat Red Hat Edge Manager 1.0 unaffected 1783502765 * rpm Not specified
ADP Red Hat Red Hat Edge Manager 1.0 unaffected 1783502438 * rpm Not specified
ADP Red Hat Red Hat OpenShift AI 2.25 unaffected 1772093424 * rpm Not specified
ADP Red Hat Red Hat OpenShift AI 2.25 unaffected 1772093498 * rpm Not specified
ADP Red Hat Red Hat OpenShift AI 3.3 unaffected 1779189627 * rpm Not specified
ADP Red Hat Red Hat OpenShift AI 3.3 unaffected 1778473763 * rpm Not specified
ADP Red Hat Red Hat OpenShift AI 3.3 unaffected 1778666987 * rpm Not specified
ADP Red Hat Red Hat OpenShift Container Platform 4.17 unaffected 1782269794 * rpm Not specified
ADP Red Hat Red Hat OpenShift Container Platform 4.18 unaffected 1779874967 * rpm Not specified
ADP Red Hat Red Hat OpenShift Container Platform 4.19 unaffected 1779256322 * rpm Not specified
ADP Red Hat Red Hat OpenShift Container Platform 4.19 unaffected 1779249920 * rpm Not specified
ADP Red Hat Red Hat OpenShift Container Platform 4.20 unaffected 1778645099 * rpm Not specified
ADP Red Hat Red Hat OpenShift Container Platform 4.20 unaffected 1778645008 * rpm Not specified
ADP Red Hat Red Hat OpenShift Container Platform 4.21 unaffected 1778539338 * rpm Not specified
ADP Red Hat Red Hat Openshift Data Foundation 4.18 unaffected 1781555717 * rpm Not specified
ADP Red Hat Red Hat Openshift Data Foundation 4.18 unaffected 1781554936 * rpm Not specified
ADP Red Hat Red Hat Openshift Data Foundation 4.18 unaffected 1781555645 * rpm Not specified
ADP Red Hat Red Hat Openshift Data Foundation 4.18 unaffected 1781556009 * rpm Not specified
ADP Red Hat Red Hat Openshift Data Foundation 4.18 unaffected 1781558423 * rpm Not specified
ADP Red Hat Red Hat Openshift Data Foundation 4.18 unaffected 1781555708 * rpm Not specified
ADP Red Hat Red Hat Openshift Data Foundation 4.18 unaffected 1781557202 * rpm Not specified
ADP Red Hat Red Hat Openshift Data Foundation 4.18 unaffected 1781555679 * rpm Not specified
ADP Red Hat Red Hat Openshift Data Foundation 4.18 unaffected 1781557189 * rpm Not specified
ADP Red Hat Red Hat Openshift Data Foundation 4.18 unaffected 1781556534 * rpm Not specified
ADP Red Hat Red Hat Openshift Data Foundation 4.18 unaffected 1781556085 * rpm Not specified
ADP Red Hat Red Hat Openshift Data Foundation 4.18 unaffected 1781555971 * rpm Not specified
ADP Red Hat Red Hat Openshift Data Foundation 4.18 unaffected 1781557158 * rpm Not specified
ADP Red Hat Red Hat Openshift Data Foundation 4.18 unaffected 1781556690 * rpm Not specified
ADP Red Hat Red Hat Openshift Data Foundation 4.18 unaffected 1781558326 * rpm Not specified
ADP Red Hat Red Hat Openshift Data Foundation 4.18 unaffected 1781556544 * rpm Not specified
ADP Red Hat Red Hat Openshift Data Foundation 4.18 unaffected 1781556958 * rpm Not specified
ADP Red Hat Red Hat Openshift Data Foundation 4.18 unaffected 1781556901 * rpm Not specified
ADP Red Hat Red Hat Openshift Data Foundation 4.18 unaffected 1781557496 * rpm Not specified
ADP Red Hat Red Hat Openshift Data Foundation 4.19 unaffected 1781550255 * rpm Not specified
ADP Red Hat Red Hat Openshift Data Foundation 4.19 unaffected 1781554417 * rpm Not specified
ADP Red Hat Red Hat Openshift Data Foundation 4.19 unaffected 1781550415 * rpm Not specified
ADP Red Hat Red Hat Openshift Data Foundation 4.19 unaffected 1781550593 * rpm Not specified
ADP Red Hat Red Hat Openshift Data Foundation 4.19 unaffected 1781551060 * rpm Not specified
ADP Red Hat Red Hat Openshift Data Foundation 4.19 unaffected 1781550551 * rpm Not specified
ADP Red Hat Red Hat Openshift Data Foundation 4.19 unaffected 1781550615 * rpm Not specified
ADP Red Hat Red Hat Openshift Data Foundation 4.19 unaffected 1781550670 * rpm Not specified
ADP Red Hat Red Hat Openshift Data Foundation 4.19 unaffected 1781550777 * rpm Not specified
ADP Red Hat Red Hat Openshift Data Foundation 4.19 unaffected 1781550759 * rpm Not specified
ADP Red Hat Red Hat Openshift Data Foundation 4.19 unaffected 1781551276 * rpm Not specified
ADP Red Hat Red Hat Openshift Data Foundation 4.19 unaffected 1781550761 * rpm Not specified
ADP Red Hat Red Hat Openshift Data Foundation 4.19 unaffected 1781550908 * rpm Not specified
ADP Red Hat Red Hat Openshift Data Foundation 4.19 unaffected 1781550957 * rpm Not specified
ADP Red Hat Red Hat Openshift Data Foundation 4.19 unaffected 1781551499 * rpm Not specified
ADP Red Hat Red Hat Openshift Data Foundation 4.19 unaffected 1781551098 * rpm Not specified
ADP Red Hat Red Hat Openshift Data Foundation 4.19 unaffected 1781551130 * rpm Not specified
ADP Red Hat Red Hat Openshift Data Foundation 4.19 unaffected 1781551169 * rpm Not specified
ADP Red Hat Red Hat Openshift Data Foundation 4.19 unaffected 1781551235 * rpm Not specified
ADP Red Hat Red Hat Openshift Data Foundation 4.19 unaffected 1781551472 * rpm Not specified
ADP Red Hat Red Hat OpenShift Dev Spaces RHOSDS 3.26 unaffected 1769685154 * rpm Not specified
ADP Red Hat Red Hat OpenShift Service Mesh 3 unaffected 1770140791 * rpm Not specified
ADP Red Hat Red Hat OpenShift Service Mesh 3 unaffected 1770140853 * rpm Not specified
ADP Red Hat Red Hat OpenShift Service Mesh 3.1 unaffected 1770140180 * rpm Not specified
ADP Red Hat Red Hat OpenShift Service Mesh 3.1 unaffected 1770138727 * rpm Not specified
ADP Red Hat Red Hat OpenShift Service Mesh 3.2 unaffected 1770142326 * rpm Not specified
ADP Red Hat Red Hat OpenShift Service Mesh 3.2 unaffected 1770138513 * rpm Not specified
ADP Red Hat Red Hat Trusted Artifact Signer 1.3 unaffected 1771324807 * rpm Not specified
ADP Red Hat Cryostat 4 Not specified Not specified
ADP Red Hat Gatekeeper 3 Not specified Not specified
ADP Red Hat Logging Subsystem For Red Hat OpenShift Not specified Not specified
ADP Red Hat Logging Subsystem For Red Hat OpenShift Not specified Not specified
ADP Red Hat Logging Subsystem For Red Hat OpenShift Not specified Not specified
ADP Red Hat Logging Subsystem For Red Hat OpenShift Not specified Not specified
ADP Red Hat Logging Subsystem For Red Hat OpenShift Not specified Not specified
ADP Red Hat Logging Subsystem For Red Hat OpenShift Not specified Not specified
ADP Red Hat Logging Subsystem For Red Hat OpenShift Not specified Not specified
ADP Red Hat Logging Subsystem For Red Hat OpenShift Not specified Not specified
ADP Red Hat Logging Subsystem For Red Hat OpenShift Not specified Not specified
ADP Red Hat Logging Subsystem For Red Hat OpenShift Not specified Not specified
ADP Red Hat Logging Subsystem For Red Hat OpenShift Not specified Not specified
ADP Red Hat Logging Subsystem For Red Hat OpenShift Not specified Not specified
ADP Red Hat Migration Toolkit For Applications 7 Not specified Not specified
ADP Red Hat Migration Toolkit For Applications 8 Not specified Not specified
ADP Red Hat Migration Toolkit For Containers Not specified Not specified
ADP Red Hat Migration Toolkit For Virtualization Not specified Not specified
ADP Red Hat Migration Toolkit For Virtualization Not specified Not specified
ADP Red Hat Multicluster Engine For Kubernetes Not specified Not specified
ADP Red Hat Network Observability Operator Not specified Not specified
ADP Red Hat Network Observability Operator Not specified Not specified
ADP Red Hat Node HealthCheck Operator Not specified Not specified
ADP Red Hat Node HealthCheck Operator Not specified Not specified
ADP Red Hat Node HealthCheck Operator Not specified Not specified
ADP Red Hat Node HealthCheck Operator Not specified Not specified
ADP Red Hat OpenShift Lightspeed Not specified Not specified
ADP Red Hat OpenShift Lightspeed Not specified Not specified
ADP Red Hat OpenShift Pipelines Not specified Not specified
ADP Red Hat OpenShift Pipelines Not specified Not specified
ADP Red Hat OpenShift Pipelines Not specified Not specified
ADP Red Hat OpenShift Pipelines Not specified Not specified
ADP Red Hat OpenShift Pipelines Not specified Not specified
ADP Red Hat OpenShift Service Mesh 2 Not specified Not specified
ADP Red Hat OpenShift Service Mesh 2 Not specified Not specified
ADP Red Hat OpenShift Service Mesh 3 Not specified Not specified
ADP Red Hat OpenShift Service Mesh 3 Not specified Not specified
ADP Red Hat Red Hat Advanced Cluster Management For Kubernetes 2 Not specified Not specified
ADP Red Hat Red Hat Advanced Cluster Management For Kubernetes 2 Not specified Not specified
ADP Red Hat Red Hat Advanced Cluster Management For Kubernetes 2 Not specified Not specified
ADP Red Hat Red Hat Advanced Cluster Management For Kubernetes 2 Not specified Not specified
ADP Red Hat Red Hat Advanced Cluster Security 4 Not specified Not specified
ADP Red Hat Red Hat Advanced Cluster Security 4 Not specified Not specified
ADP Red Hat Red Hat Advanced Cluster Security 4 Not specified Not specified
ADP Red Hat Red Hat Advanced Cluster Security 4 Not specified Not specified
ADP Red Hat Red Hat Advanced Cluster Security 4 Not specified Not specified
ADP Red Hat Red Hat Ansible Automation Platform 2 Not specified Not specified
ADP Red Hat Red Hat Ansible Automation Platform 2 Not specified Not specified
ADP Red Hat Red Hat Ansible Automation Platform 2 Not specified Not specified
ADP Red Hat Red Hat Ansible Automation Platform 2 Not specified Not specified
ADP Red Hat Red Hat Ansible Automation Platform 2 Not specified Not specified
ADP Red Hat Red Hat Ansible Automation Platform 2 Not specified Not specified
ADP Red Hat Red Hat Ansible Automation Platform 2 Not specified Not specified
ADP Red Hat Red Hat Ansible Automation Platform 2 Not specified Not specified
ADP Red Hat Red Hat Build Of Apache Camel - HawtIO 4 Not specified Not specified
ADP Red Hat Red Hat Build Of Apicurio Registry 2 Not specified Not specified
ADP Red Hat Red Hat Build Of Kueue Not specified Not specified
ADP Red Hat Red Hat Build Of Kueue Not specified Not specified
ADP Red Hat Red Hat Build Of Kueue Not specified Not specified
ADP Red Hat Red Hat Build Of Kueue Not specified Not specified
ADP Red Hat Red Hat Build Of OptaPlanner 8 Not specified Not specified
ADP Red Hat Red Hat Connectivity Link 1 Not specified Not specified
ADP Red Hat Red Hat Data Grid 8 Not specified Not specified
ADP Red Hat Red Hat Developer Hub Not specified Not specified
ADP Red Hat Red Hat Edge Manager Preview Not specified Not specified
ADP Red Hat Red Hat Edge Manager Preview Not specified Not specified
ADP Red Hat Red Hat Edge Manager Preview Not specified Not specified
ADP Red Hat Red Hat Edge Manager Preview Not specified Not specified
ADP Red Hat Red Hat Edge Manager Preview Not specified Not specified
ADP Red Hat Red Hat Edge Manager Preview Not specified Not specified
ADP Red Hat Red Hat Edge Manager Preview Not specified Not specified
ADP Red Hat Red Hat Edge Manager Preview Not specified Not specified
ADP Red Hat Red Hat Edge Manager Preview Not specified Not specified
ADP Red Hat Red Hat Edge Manager Preview Not specified Not specified
ADP Red Hat Red Hat Edge Manager Preview Not specified Not specified
ADP Red Hat Red Hat Edge Manager Preview Not specified Not specified
ADP Red Hat Red Hat Edge Manager Preview Not specified Not specified
ADP Red Hat Red Hat Enterprise Linux 10 Not specified Not specified
ADP Red Hat Red Hat Enterprise Linux 10 Not specified Not specified
ADP Red Hat Red Hat Enterprise Linux 8 Not specified Not specified
ADP Red Hat Red Hat Enterprise Linux 8 Not specified Not specified
ADP Red Hat Red Hat Enterprise Linux 9 Not specified Not specified
ADP Red Hat Red Hat Enterprise Linux 9 Not specified Not specified
ADP Red Hat Red Hat Fuse 7 Not specified Not specified
ADP Red Hat Red Hat JBoss Enterprise Application Platform 8 Not specified Not specified
ADP Red Hat Red Hat JBoss Enterprise Application Platform Expansion Pack Not specified Not specified
ADP Red Hat Red Hat OpenShift AI RHOAI Not specified Not specified
ADP Red Hat Red Hat OpenShift AI RHOAI Not specified Not specified
ADP Red Hat Red Hat OpenShift AI RHOAI Not specified Not specified
ADP Red Hat Red Hat OpenShift AI RHOAI Not specified Not specified
ADP Red Hat Red Hat OpenShift Container Platform 4 Not specified Not specified
ADP Red Hat Red Hat OpenShift Container Platform 4 Not specified Not specified
ADP Red Hat Red Hat OpenShift Container Platform 4 Not specified Not specified
ADP Red Hat Red Hat OpenShift Container Platform 4 Not specified Not specified
ADP Red Hat Red Hat OpenShift Container Platform 4 Not specified Not specified
ADP Red Hat Red Hat OpenShift Dev Spaces Not specified Not specified
ADP Red Hat Red Hat OpenShift Distributed Tracing 3 Not specified Not specified
ADP Red Hat Red Hat OpenShift GitOps Not specified Not specified
ADP Red Hat Red Hat OpenShift GitOps Not specified Not specified
ADP Red Hat Red Hat OpenShift GitOps Not specified Not specified
ADP Red Hat Red Hat OpenShift GitOps Not specified Not specified
ADP Red Hat Red Hat OpenShift GitOps Not specified Not specified
ADP Red Hat Red Hat OpenShift Virtualization 4 Not specified Not specified
ADP Red Hat Red Hat OpenShift Virtualization 4 Not specified Not specified
ADP Red Hat Red Hat Process Automation 7 Not specified Not specified
ADP Red Hat Red Hat Quay 3 Not specified Not specified
ADP Red Hat Red Hat Quay 3 Not specified Not specified
ADP Red Hat Red Hat Satellite 6 Not specified Not specified
ADP Red Hat Red Hat Satellite 6 Not specified Not specified
ADP Red Hat Red Hat Satellite 6 Not specified Not specified
ADP Red Hat Red Hat Satellite 6 Not specified Not specified
ADP Red Hat Red Hat Satellite 6 Not specified Not specified
ADP Red Hat Red Hat Single Sign-On 7 Not specified Not specified

References

ReferenceSourceLinkTags
access.redhat.com/errata/RHSA-2026:34100 0b0ca135-0b70-47e7-9f44-1890c2a1c46c access.redhat.com
github.com/remix-run/react-router/security/advisories/GHSA-2w69-qvjg-hvjx [email protected] github.com Vendor Advisory
access.redhat.com/errata/RHSA-2026:17474 0b0ca135-0b70-47e7-9f44-1890c2a1c46c access.redhat.com
access.redhat.com/errata/RHSA-2026:3960 0b0ca135-0b70-47e7-9f44-1890c2a1c46c access.redhat.com
access.redhat.com/errata/RHSA-2026:20041 0b0ca135-0b70-47e7-9f44-1890c2a1c46c access.redhat.com
access.redhat.com/errata/RHSA-2026:3958 0b0ca135-0b70-47e7-9f44-1890c2a1c46c access.redhat.com
access.redhat.com/errata/RHSA-2026:5636 0b0ca135-0b70-47e7-9f44-1890c2a1c46c access.redhat.com
access.redhat.com/security/cve/CVE-2026-22029 0b0ca135-0b70-47e7-9f44-1890c2a1c46c access.redhat.com
access.redhat.com/errata/RHSA-2026:2572 0b0ca135-0b70-47e7-9f44-1890c2a1c46c access.redhat.com
access.redhat.com/errata/RHSA-2026:36651 0b0ca135-0b70-47e7-9f44-1890c2a1c46c access.redhat.com
access.redhat.com/errata/RHSA-2026:17469 0b0ca135-0b70-47e7-9f44-1890c2a1c46c access.redhat.com
access.redhat.com/errata/RHSA-2026:21658 0b0ca135-0b70-47e7-9f44-1890c2a1c46c access.redhat.com
access.redhat.com/errata/RHSA-2026:36882 0b0ca135-0b70-47e7-9f44-1890c2a1c46c access.redhat.com
access.redhat.com/errata/RHSA-2026:3782 0b0ca135-0b70-47e7-9f44-1890c2a1c46c access.redhat.com
access.redhat.com/errata/RHSA-2026:2147 0b0ca135-0b70-47e7-9f44-1890c2a1c46c access.redhat.com
access.redhat.com/errata/RHSA-2026:2149 0b0ca135-0b70-47e7-9f44-1890c2a1c46c access.redhat.com
security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-22029.json 0b0ca135-0b70-47e7-9f44-1890c2a1c46c security.access.redhat.com
access.redhat.com/errata/RHSA-2026:8218 0b0ca135-0b70-47e7-9f44-1890c2a1c46c access.redhat.com
access.redhat.com/errata/RHSA-2026:2694 0b0ca135-0b70-47e7-9f44-1890c2a1c46c access.redhat.com
access.redhat.com/errata/RHSA-2026:1517 0b0ca135-0b70-47e7-9f44-1890c2a1c46c access.redhat.com
bugzilla.redhat.com/show_bug.cgi 0b0ca135-0b70-47e7-9f44-1890c2a1c46c bugzilla.redhat.com
access.redhat.com/errata/RHSA-2026:8229 0b0ca135-0b70-47e7-9f44-1890c2a1c46c access.redhat.com
access.redhat.com/errata/RHSA-2026:2568 0b0ca135-0b70-47e7-9f44-1890c2a1c46c access.redhat.com
access.redhat.com/errata/RHSA-2026:26413 0b0ca135-0b70-47e7-9f44-1890c2a1c46c access.redhat.com
access.redhat.com/errata/RHSA-2026:2148 0b0ca135-0b70-47e7-9f44-1890c2a1c46c access.redhat.com
access.redhat.com/errata/RHSA-2026:20042 0b0ca135-0b70-47e7-9f44-1890c2a1c46c access.redhat.com
access.redhat.com/errata/RHSA-2026:13548 0b0ca135-0b70-47e7-9f44-1890c2a1c46c access.redhat.com
access.redhat.com/errata/RHSA-2026:2350 0b0ca135-0b70-47e7-9f44-1890c2a1c46c access.redhat.com
access.redhat.com/errata/RHSA-2026:13542 0b0ca135-0b70-47e7-9f44-1890c2a1c46c access.redhat.com
access.redhat.com/errata/RHSA-2026:2456 0b0ca135-0b70-47e7-9f44-1890c2a1c46c access.redhat.com
access.redhat.com/errata/RHSA-2026:9848 0b0ca135-0b70-47e7-9f44-1890c2a1c46c access.redhat.com
access.redhat.com/errata/RHSA-2026:19712 0b0ca135-0b70-47e7-9f44-1890c2a1c46c access.redhat.com
access.redhat.com/errata/RHSA-2026:3087 0b0ca135-0b70-47e7-9f44-1890c2a1c46c access.redhat.com
access.redhat.com/errata/RHSA-2026:5633 0b0ca135-0b70-47e7-9f44-1890c2a1c46c access.redhat.com
access.redhat.com/errata/RHSA-2026:3959 0b0ca135-0b70-47e7-9f44-1890c2a1c46c access.redhat.com
access.redhat.com/errata/RHSA-2026:26420 0b0ca135-0b70-47e7-9f44-1890c2a1c46c access.redhat.com
access.redhat.com/errata/RHSA-2026:17468 0b0ca135-0b70-47e7-9f44-1890c2a1c46c access.redhat.com
CVE Program record CVE.ORG www.cve.org canonical
NVD vulnerability detail NVD nvd.nist.gov canonical, analysis

Additional Advisory Data

SourceTimeEvent
ADP2026-01-10T04:01:03.694ZReported to Red Hat.
ADP2026-01-10T02:42:32.736ZMade public.

Solutions

ADP: RHSA-2026:3959: Red Hat Ansible Automation Platform 2.5 for RHEL 8, Red Hat Ansible Automation Platform 2.5 for RHEL 9

ADP: RHSA-2026:3958: Red Hat Ansible Automation Platform 2.6 for RHEL 9

ADP: RHSA-2026:5633: Red Hat Advanced Cluster Management for Kubernetes 2.12

ADP: RHSA-2026:8229: Red Hat Advanced Cluster Management for Kubernetes 2.13

ADP: RHSA-2026:36882: Red Hat Advanced Cluster Management for Kubernetes 2.14

ADP: RHSA-2026:2572: Red Hat Advanced Cluster Management for Kubernetes 2.14

ADP: RHSA-2026:13548: Red Hat Advanced Cluster Management for Kubernetes 2.15

ADP: RHSA-2026:1517: Red Hat Advanced Cluster Security for Kubernetes 4.8

ADP: RHSA-2026:2350: Red Hat Advanced Cluster Security for Kubernetes 4.9

ADP: RHSA-2026:2568: Red Hat Advanced Cluster Security for Kubernetes 4.9

ADP: RHSA-2026:3960: Red Hat Ansible Automation Platform 2.6

ADP: RHSA-2026:2694: Red Hat Discovery 2

ADP: RHSA-2026:36651: Red Hat Edge Manager 1.0

ADP: RHSA-2026:3782: Red Hat OpenShift AI 2.25

ADP: RHSA-2026:19712: Red Hat OpenShift AI 3.3

ADP: RHSA-2026:34100: Red Hat OpenShift Container Platform 4.17

ADP: RHSA-2026:21658: Red Hat OpenShift Container Platform 4.18

ADP: RHSA-2026:20042: Red Hat OpenShift Container Platform 4.19

ADP: RHSA-2026:20041: Red Hat OpenShift Container Platform 4.19

ADP: RHSA-2026:17469: Red Hat OpenShift Container Platform 4.20

ADP: RHSA-2026:17468: Red Hat OpenShift Container Platform 4.20

ADP: RHSA-2026:17474: Red Hat OpenShift Container Platform 4.21

ADP: RHSA-2026:2456: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26

ADP: RHSA-2026:2148: Red Hat OpenShift Service Mesh 3.1

ADP: RHSA-2026:2149: Red Hat OpenShift Service Mesh 3.2

ADP: RHSA-2026:2147: Red Hat OpenShift Service Mesh 3

ADP: RHSA-2026:26420: Red Hat Openshift Data Foundation 4.18

ADP: RHSA-2026:26413: Red Hat Openshift Data Foundation 4.19

ADP: RHSA-2026:3087: Red Hat Trusted Artifact Signer 1.3

ADP: RHSA-2026:13542: multicluster engine for Kubernetes 2.10

ADP: RHSA-2026:9848: multicluster engine for Kubernetes 2.6

ADP: RHSA-2026:5636: multicluster engine for Kubernetes 2.7

ADP: RHSA-2026:8218: multicluster engine for Kubernetes 2.8

Workarounds

ADP: Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

Free CVE JSON API cve.report/api

CVE.report and Source URL Uptime Status status.cve.report