Red Hat Product Errata RHSA-2026:9261 - Security Advisory Issued: 2026-04-21 Updated: 2026-04-21 RHSA-2026:9261 - Security Advisory Overview Updated Packages Synopsis Important: python3.9 security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for python3.9 is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): python: Python: Command-line option injection in webbrowser.open() via crafted URLs (CVE-2026-4519) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 x86_64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.0 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.0 s390x Fixes BZ - 2449649 - CVE-2026-4519 python: Python: Command-line option injection in webbrowser.open() via crafted URLs CVEs CVE-2026-4519 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0 SRPM python3.9-3.9.10-4.el9_0.10.src.rpm SHA-256: 0581e05f107fd03f8b2fee3a7fab175ae01259aac7cae6df0f645187bb4253de ppc64le python-unversioned-command-3.9.10-4.el9_0.10.noarch.rpm SHA-256: bacd68c299a338b6e5d64b7c72c3f218a5e0c48b4ad056e3e537f5ba28684e8a python3-3.9.10-4.el9_0.10.ppc64le.rpm SHA-256: 40135adad26824a98832be5e158895f1e6f0ad5c545d79dbd815638d60a4b0e5 python3-devel-3.9.10-4.el9_0.10.ppc64le.rpm SHA-256: 2476719a62c989412fc477d5525adb67958344a1bfd793b391b513d788d02be1 python3-libs-3.9.10-4.el9_0.10.ppc64le.rpm SHA-256: e6e02763dfc545286dcea9f3b4ec58ca3023e1fb128f85635e7529fa98265091 python3-tkinter-3.9.10-4.el9_0.10.ppc64le.rpm SHA-256: bb37dde66330f7aa0933481a427ff83d957527ffbd23fa7da0b89b43970c653a python3.9-debuginfo-3.9.10-4.el9_0.10.ppc64le.rpm SHA-256: a78b88343d52c99aa675e75a254050013f4d6b1b7d71f2b7dd5d32ea7df8660e python3.9-debuginfo-3.9.10-4.el9_0.10.ppc64le.rpm SHA-256: a78b88343d52c99aa675e75a254050013f4d6b1b7d71f2b7dd5d32ea7df8660e python3.9-debugsource-3.9.10-4.el9_0.10.ppc64le.rpm SHA-256: c9e4db773779f958c72931fd129f5e4dc6ff295e360a7d69b12a9bcb7ed3e387 python3.9-debugsource-3.9.10-4.el9_0.10.ppc64le.rpm SHA-256: c9e4db773779f958c72931fd129f5e4dc6ff295e360a7d69b12a9bcb7ed3e387 Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 SRPM python3.9-3.9.10-4.el9_0.10.src.rpm SHA-256: 0581e05f107fd03f8b2fee3a7fab175ae01259aac7cae6df0f645187bb4253de x86_64 python-unversioned-command-3.9.10-4.el9_0.10.noarch.rpm SHA-256: bacd68c299a338b6e5d64b7c72c3f218a5e0c48b4ad056e3e537f5ba28684e8a python3-3.9.10-4.el9_0.10.x86_64.rpm SHA-256: f059bb7b9d0e718f8c629fa17a4c5eca636a73c79f72ee4b2321d260666da1e9 python3-devel-3.9.10-4.el9_0.10.i686.rpm SHA-256: 9ec2149b25bc48f56344be9b76811fc7f233a1f90702cc0b11c0f8cb81e43eac python3-devel-3.9.10-4.el9_0.10.x86_64.rpm SHA-256: adad15799216d9cb7187d0d37d0e051007da941e40b4e1f6990714785d6098fe python3-libs-3.9.10-4.el9_0.10.i686.rpm SHA-256: 0b8f93286a32a07cf076ab56aaad33c21a7b1d32f6a4ba16459dd0a4f38aa01a python3-libs-3.9.10-4.el9_0.10.x86_64.rpm SHA-256: 241b6dd4636b770d9d7db8bb3ea1a155c7ce3127c3bc51db2af05af2f88d90a2 python3-tkinter-3.9.10-4.el9_0.10.x86_64.rpm SHA-256: f058f5982c186bcaf1b55a4a75668534eec45c98767ec9c86e5a5b751e82b49d python3.9-debuginfo-3.9.10-4.el9_0.10.i686.rpm SHA-256: 7a134514da13c0b94d3b459425676d4c860d73e93f1aff84e688943e087d2c97 python3.9-debuginfo-3.9.10-4.el9_0.10.i686.rpm SHA-256: 7a134514da13c0b94d3b459425676d4c860d73e93f1aff84e688943e087d2c97 python3.9-debuginfo-3.9.10-4.el9_0.10.x86_64.rpm SHA-256: 38f492ef7285738e689b4488fff0ef81d5a3a5952b23b552c3576e6a335c6e66 python3.9-debuginfo-3.9.10-4.el9_0.10.x86_64.rpm SHA-256: 38f492ef7285738e689b4488fff0ef81d5a3a5952b23b552c3576e6a335c6e66 python3.9-debugsource-3.9.10-4.el9_0.10.i686.rpm SHA-256: fa95f8e555b0f650c0c2135645f109b1e35f68dfdcf34722e950f717b3a73caf python3.9-debugsource-3.9.10-4.el9_0.10.i686.rpm SHA-256: fa95f8e555b0f650c0c2135645f109b1e35f68dfdcf34722e950f717b3a73caf python3.9-debugsource-3.9.10-4.el9_0.10.x86_64.rpm SHA-256: 9885d10f02c87c770361fc267d1c43a326e6d29c77ff18c444863793608e8aaa python3.9-debugsource-3.9.10-4.el9_0.10.x86_64.rpm SHA-256: 9885d10f02c87c770361fc267d1c43a326e6d29c77ff18c444863793608e8aaa Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.0 SRPM python3.9-3.9.10-4.el9_0.10.src.rpm SHA-256: 0581e05f107fd03f8b2fee3a7fab175ae01259aac7cae6df0f645187bb4253de aarch64 python-unversioned-command-3.9.10-4.el9_0.10.noarch.rpm SHA-256: bacd68c299a338b6e5d64b7c72c3f218a5e0c48b4ad056e3e537f5ba28684e8a python3-3.9.10-4.el9_0.10.aarch64.rpm SHA-256: 59901081a010f3b79dbadaaabfce244249687f3f4bf54d3ef3a9bba3a401a05c python3-devel-3.9.10-4.el9_0.10.aarch64.rpm SHA-256: 263de937de36d7cc02db572004f25a0860ba436b1f494d48ef0fa7b8793a3814 python3-libs-3.9.10-4.el9_0.10.aarch64.rpm SHA-256: c15d067d594a9c5bf40ad64a429c30eb07c94e38022a3580c8e489aceb03cc1f python3-tkinter-3.9.10-4.el9_0.10.aarch64.rpm SHA-256: 9b83577685cf0ef2c01f700cc173f4d4eefe0871b68e64ce7e81cb3bee483c30 python3.9-debuginfo-3.9.10-4.el9_0.10.aarch64.rpm SHA-256: dc969e549f8521d67e7f72a56ae104f551afa738823ce6266d80ade8d8f33a57 python3.9-debuginfo-3.9.10-4.el9_0.10.aarch64.rpm SHA-256: dc969e549f8521d67e7f72a56ae104f551afa738823ce6266d80ade8d8f33a57 python3.9-debugsource-3.9.10-4.el9_0.10.aarch64.rpm SHA-256: f8b97e927ebd7ae917eeb67fe76578abb3576a6be7393df0ab45dde1eff51036 python3.9-debugsource-3.9.10-4.el9_0.10.aarch64.rpm SHA-256: f8b97e927ebd7ae917eeb67fe76578abb3576a6be7393df0ab45dde1eff51036 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.0 SRPM python3.9-3.9.10-4.el9_0.10.src.rpm SHA-256: 0581e05f107fd03f8b2fee3a7fab175ae01259aac7cae6df0f645187bb4253de s390x python-unversioned-command-3.9.10-4.el9_0.10.noarch.rpm SHA-256: bacd68c299a338b6e5d64b7c72c3f218a5e0c48b4ad056e3e537f5ba28684e8a python3-3.9.10-4.el9_0.10.s390x.rpm SHA-256: 3c539f0d0814a192b3c2c93ccf2105e305269e021b2a11e9c68fb331787a89a5 python3-devel-3.9.10-4.el9_0.10.s390x.rpm SHA-256: 396201426fdbe629dff3e9ee43002dbd0775760862b7f7efdbc06f7aaad4b119 python3-libs-3.9.10-4.el9_0.10.s390x.rpm SHA-256: 2a75213930088f7cb684e2b10ac8e475a936bb98bebc8edf0e0d67dd0b2a02b0 python3-tkinter-3.9.10-4.el9_0.10.s390x.rpm SHA-256: 0d257c905fedc5d00682bf7c0f32a9059403af79564be2126add2ffd0b041370 python3.9-debuginfo-3.9.10-4.el9_0.10.s390x.rpm SHA-256: 258bfe07f6835fd78128933754967c3801b7d6cc1fba339a1af84845b9b7ff85 python3.9-debuginfo-3.9.10-4.el9_0.10.s390x.rpm SHA-256: 258bfe07f6835fd78128933754967c3801b7d6cc1fba339a1af84845b9b7ff85 python3.9-debugsource-3.9.10-4.el9_0.10.s390x.rpm SHA-256: b71d4c364e26c38cee8bc5e46e77d43df93e2e59b2a5ff15716473a4d801ac40 python3.9-debugsource-3.9.10-4.el9_0.10.s390x.rpm SHA-256: b71d4c364e26c38cee8bc5e46e77d43df93e2e59b2a5ff15716473a4d801ac40 The Red Hat security contact is secalert@redhat.com . More contact details at https://access.redhat.com/security/team/contact/ .