What is RHSA-2026:17460?

RHSA-2026:17460 is a security advisory published by Red Hat Product Security with High severity. Red Hat Security Advisory: zero trust workload identity manager for Red Hat OpenShift 1.0.1

Which CVE IDs does RHSA-2026:17460 cover?

RHSA-2026:17460 covers the following CVE IDs: CVE-2025-61726, CVE-2026-21441. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of RHSA-2026:17460?

RHSA-2026:17460 has a CVSS v3 base score of 7.5, published by Red Hat Product Security.

RHSA-2026:17460HighCVSS 7.5

Red Hat Security Advisory: zero trust workload identity manager for Red Hat OpenShift 1.0.1

Vendor

Red Hat Product Security

Published

May 14, 2026

Last Modified

June 1, 2026

🔗 CVE IDs covered (2)

CVE-2025-61726 →CVE-2026-21441 →

📋 Description

CVE-2025-61726 — golang: net/url: Memory exhaustion in query parameter parsing in net/url CVE-2026-21441 — urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)

🔗 References (6)

selfhttps://access.redhat.com/errata/RHSA-2026:17460
externalhttps://access.redhat.com/security/cve/CVE-2025-61726
externalhttps://access.redhat.com/security/cve/CVE-2026-21441
externalhttps://access.redhat.com/security/updates/classification/
externalhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.18/html/security_and_compliance/zero-trust-workload-identity-manager
selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_17460.json