Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.5 Product Security and Bug Fix Update
🔗 CVE IDs covered (11)
📋 Description
- CVE-2025-14550 — Django: Django: Denial of Service via crafted request with duplicate headers
- CVE-2025-61726 — golang: net/url: Memory exhaustion in query parameter parsing in net/url
- CVE-2025-69223 — aiohttp: AIOHTTP's HTTP Parser auto_decompress feature is vulnerable to zip bomb
- CVE-2026-0994 — python: protobuf: Protobuf: Denial of Service due to recursion depth bypass
- CVE-2026-1207 — Django: Django: SQL Injection via RasterField band index parameter
- CVE-2026-1285 — Django: Django: Denial of Service via crafted HTML inputs
- CVE-2026-1287 — Django: Django: SQL Injection via crafted column aliases
- CVE-2026-1312 — Django: Django: SQL injection via crafted column aliases in QuerySet.order_by()
- CVE-2026-22029 — @remix-run/router: react-router: React Router vulnerable to XSS via Open Redirects
- CVE-2026-23490 — pyasn1: pyasn1: Denial of Service due to memory exhaustion from malformed RELATIVE-OID
- CVE-2026-24049 — wheel: wheel: Privilege Escalation or Arbitrary Code Execution via malicious wheel file unpacking
🔗 References (16)
- self: https://access.redhat.com/errata/RHSA-2026:3959
- external: https://access.redhat.com/security/updates/classification/#important
- external: https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/release_notes/patch_releases
- external: https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5#Upgrading
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2427456
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2428412
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2430472
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2431959
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2432398
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2434432
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2436338
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2436339
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2436340
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2436341
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2436342
- self: https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_3959.json