Red Hat Security Advisory: RHACS 4.8.10 security and bug fix update

CVE-2026-25128 — fast-xml-parser: fast-xml-parser has RangeError DoS Numeric Entities Bug CVE-2026-25535 — jsPDF: denial of service via malicious GIF dimensions CVE-2026-25755 — jsPDF: PDF object injection via unsanitized input in addJS method CVE-2026-25896 — fast-xml-parser: fast-xml-parser: Cross-Site Scripting (XSS) due to improper DOCTYPE entity handling CVE-2026-25940 — jsPDF: PDF injection in AcroForm module allows arbitrary JavaScript execution (RadioButton children) CVE-2026-26278 — fast-xml-parser: fast-xml-parser: Denial of Service via unlimited XML entity expansion CVE-2026-27942 — fast-xml-parser: fast-xml-parser: Stack overflow leads to Denial of Service CVE-2026-29074 — svgo: SVGO: Denial of Service via XML entity expansion CVE-2026-31898 — jspdf: jsPDF: Arbitrary code execution via unsanitized input in createAnnotation method CVE-2026-31938 — jspdf: jsPDF: Cross site scripting via unsanitized output options CVE-2026-33036 — fast-xml-parser: fast-xml-parser: Denial of Service via XML entity expansion bypass CVE-2026-33186 — google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation