What is RHSA-2026:4467?

RHSA-2026:4467 is a security advisory published by Red Hat Product Security with High severity. Red Hat Security Advisory: RHACS 4.9.4 security and bug fix update

What is the CVSS v3 score of RHSA-2026:4467?

RHSA-2026:4467 has a CVSS v3 base score of 8.3, published by Red Hat Product Security.

RHSA-2026:4467HighCVSS 8.3

Red Hat Security Advisory: RHACS 4.9.4 security and bug fix update

Vendor

Red Hat Product Security

Published

March 12, 2026

Last Modified

June 3, 2026

🔗 CVE IDs covered (10)

CVE-2025-13465 →CVE-2025-61728 →CVE-2025-61729 →CVE-2025-68121 →CVE-2026-21441 →CVE-2026-24040 →CVE-2026-24737 →CVE-2025-61726 →CVE-2025-66418 →CVE-2025-66471 →

📋 Description

CVE-2025-13465 — lodash: prototype pollution in _.unset and _.omit functions CVE-2025-61726 — golang: net/url: Memory exhaustion in query parameter parsing in net/url CVE-2025-61728 — golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip CVE-2025-61729 — crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate CVE-2025-66418 — urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion CVE-2025-66471 — urllib3: urllib3 Streaming API improperly handles highly compressed data CVE-2025-68121 — crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption CVE-2026-21441 — urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API) CVE-2026-24040 — jsPDF: jsPDF: Cross-User Data Leakage via race condition in addJS method CVE-2026-24737 — jsPDF: jsPDF: Arbitrary code execution via unsanitized input in Acroform module

🔗 CVE IDs covered (10)

📋 Description

🔗 References (14)