Red Hat Product Errata RHSA-2026:9090 - Security Advisory Issued: 2026-04-20 Updated: 2026-04-20 RHSA-2026:9090 - Security Advisory Overview Updated Packages Synopsis Important: grafana-pcp security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for grafana-pcp is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards. Security Fix(es): net/url: Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux Server - AUS 9.2 x86_64 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2 x86_64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.2 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.2 s390x Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.2 x86_64 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.2 aarch64 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.2 ppc64le Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.2 s390x Fixes BZ - 2445356 - CVE-2026-25679 net/url: Incorrect parsing of IPv6 host literals in net/url CVEs CVE-2026-25679 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux Server - AUS 9.2 SRPM grafana-pcp-5.1.1-5.el9_2.src.rpm SHA-256: 8ca96372613d461212f07018fd54e6a7d122fac7667c07af1558cedd6df1979b x86_64 grafana-pcp-5.1.1-5.el9_2.x86_64.rpm SHA-256: 4ddc7b9d572027dc4ba47e98d2e8c0a8cbae8656e40b0bdd8c94410c79c50d47 grafana-pcp-debuginfo-5.1.1-5.el9_2.x86_64.rpm SHA-256: b7e9ea75db122711b165a36c62e1d7587319e892292570b4ad77f8ae9fe2b3a1 grafana-pcp-debugsource-5.1.1-5.el9_2.x86_64.rpm SHA-256: 77ea49c7524ff25cecbc13bfa0bea88f8bbab2f3801bee5ba31e62a9fcb2a133 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2 SRPM grafana-pcp-5.1.1-5.el9_2.src.rpm SHA-256: 8ca96372613d461212f07018fd54e6a7d122fac7667c07af1558cedd6df1979b ppc64le grafana-pcp-5.1.1-5.el9_2.ppc64le.rpm SHA-256: 3c82ac827ac94738bb7c4b8a15e3fbc9ca1b45700bb987b7a247ddaf9f6ed602 grafana-pcp-debuginfo-5.1.1-5.el9_2.ppc64le.rpm SHA-256: 04fee805260c566510c1e30784f538399fc3e8c2dcbc01ffb36d855d4eda8994 grafana-pcp-debugsource-5.1.1-5.el9_2.ppc64le.rpm SHA-256: 46f45dcebd56caf9bdcc73cd277579a5cac03ab0577e607c00e3d795dd42c1de Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2 SRPM grafana-pcp-5.1.1-5.el9_2.src.rpm SHA-256: 8ca96372613d461212f07018fd54e6a7d122fac7667c07af1558cedd6df1979b x86_64 grafana-pcp-5.1.1-5.el9_2.x86_64.rpm SHA-256: 4ddc7b9d572027dc4ba47e98d2e8c0a8cbae8656e40b0bdd8c94410c79c50d47 grafana-pcp-debuginfo-5.1.1-5.el9_2.x86_64.rpm SHA-256: b7e9ea75db122711b165a36c62e1d7587319e892292570b4ad77f8ae9fe2b3a1 grafana-pcp-debugsource-5.1.1-5.el9_2.x86_64.rpm SHA-256: 77ea49c7524ff25cecbc13bfa0bea88f8bbab2f3801bee5ba31e62a9fcb2a133 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.2 SRPM grafana-pcp-5.1.1-5.el9_2.src.rpm SHA-256: 8ca96372613d461212f07018fd54e6a7d122fac7667c07af1558cedd6df1979b aarch64 grafana-pcp-5.1.1-5.el9_2.aarch64.rpm SHA-256: a809b85994ffea4470a9677d62e0e5cc4ac9c5e9dac115cdcdd98fbc312d9865 grafana-pcp-debuginfo-5.1.1-5.el9_2.aarch64.rpm SHA-256: 2f9df1fa596a9e50f03953d26ae6858df54e8e258566eaea1dcb9d2b01b699c9 grafana-pcp-debugsource-5.1.1-5.el9_2.aarch64.rpm SHA-256: dd54b28737a66e4220e671a1ac9ba24d4e674ea734ccc76df63f1da3d4a10c96 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.2 SRPM grafana-pcp-5.1.1-5.el9_2.src.rpm SHA-256: 8ca96372613d461212f07018fd54e6a7d122fac7667c07af1558cedd6df1979b s390x grafana-pcp-5.1.1-5.el9_2.s390x.rpm SHA-256: 2248903e5401e5cef080f74a0a6476dabd8a6a67dccd888255e66110bae0f4e9 grafana-pcp-debuginfo-5.1.1-5.el9_2.s390x.rpm SHA-256: 5caece2b6d14bca79b70df53ab13bb6577304fea45b0a2b3c89567d2f22a60e4 grafana-pcp-debugsource-5.1.1-5.el9_2.s390x.rpm SHA-256: b11dba0d51ddda435b8f09b5561491d47e5cf68c0188d0fc65c72b8afa69b21e Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.2 SRPM grafana-pcp-5.1.1-5.el9_2.src.rpm SHA-256: 8ca96372613d461212f07018fd54e6a7d122fac7667c07af1558cedd6df1979b x86_64 grafana-pcp-5.1.1-5.el9_2.x86_64.rpm SHA-256: 4ddc7b9d572027dc4ba47e98d2e8c0a8cbae8656e40b0bdd8c94410c79c50d47 grafana-pcp-debuginfo-5.1.1-5.el9_2.x86_64.rpm SHA-256: b7e9ea75db122711b165a36c62e1d7587319e892292570b4ad77f8ae9fe2b3a1 grafana-pcp-debugsource-5.1.1-5.el9_2.x86_64.rpm SHA-256: 77ea49c7524ff25cecbc13bfa0bea88f8bbab2f3801bee5ba31e62a9fcb2a133 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.2 SRPM grafana-pcp-5.1.1-5.el9_2.src.rpm SHA-256: 8ca96372613d461212f07018fd54e6a7d122fac7667c07af1558cedd6df1979b aarch64 grafana-pcp-5.1.1-5.el9_2.aarch64.rpm SHA-256: a809b85994ffea4470a9677d62e0e5cc4ac9c5e9dac115cdcdd98fbc312d9865 grafana-pcp-debuginfo-5.1.1-5.el9_2.aarch64.rpm SHA-256: 2f9df1fa596a9e50f03953d26ae6858df54e8e258566eaea1dcb9d2b01b699c9 grafana-pcp-debugsource-5.1.1-5.el9_2.aarch64.rpm SHA-256: dd54b28737a66e4220e671a1ac9ba24d4e674ea734ccc76df63f1da3d4a10c96 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.2 SRPM grafana-pcp-5.1.1-5.el9_2.src.rpm SHA-256: 8ca96372613d461212f07018fd54e6a7d122fac7667c07af1558cedd6df1979b ppc64le grafana-pcp-5.1.1-5.el9_2.ppc64le.rpm SHA-256: 3c82ac827ac94738bb7c4b8a15e3fbc9ca1b45700bb987b7a247ddaf9f6ed602 grafana-pcp-debuginfo-5.1.1-5.el9_2.ppc64le.rpm SHA-256: 04fee805260c566510c1e30784f538399fc3e8c2dcbc01ffb36d855d4eda8994 grafana-pcp-debugsource-5.1.1-5.el9_2.ppc64le.rpm SHA-256: 46f45dcebd56caf9bdcc73cd277579a5cac03ab0577e607c00e3d795dd42c1de Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.2 SRPM grafana-pcp-5.1.1-5.el9_2.src.rpm SHA-256: 8ca96372613d461212f07018fd54e6a7d122fac7667c07af1558cedd6df1979b s390x grafana-pcp-5.1.1-5.el9_2.s390x.rpm SHA-256: 2248903e5401e5cef080f74a0a6476dabd8a6a67dccd888255e66110bae0f4e9 grafana-pcp-debuginfo-5.1.1-5.el9_2.s390x.rpm SHA-256: 5caece2b6d14bca79b70df53ab13bb6577304fea45b0a2b3c89567d2f22a60e4 grafana-pcp-debugsource-5.1.1-5.el9_2.s390x.rpm SHA-256: b11dba0d51ddda435b8f09b5561491d47e5cf68c0188d0fc65c72b8afa69b21e The Red Hat security contact is secalert@redhat.com . More contact details at https://access.redhat.com/security/team/contact/ .