Red Hat Product Errata RHSA-2026:9591 - Security Advisory Issued: 2026-04-22 Updated: 2026-04-22 RHSA-2026:9591 - Security Advisory Overview Updated Packages Synopsis Important: python3.11 security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for python3.11 is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): python: Python: Command-line option injection in webbrowser.open() via crafted URLs (CVE-2026-4519) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.8 x86_64 Red Hat Enterprise Linux Server - TUS 8.8 x86_64 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8 x86_64 Fixes BZ - 2449649 - CVE-2026-4519 python: Python: Command-line option injection in webbrowser.open() via crafted URLs CVEs CVE-2026-4519 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.8 SRPM python3.11-3.11.2-2.el8_8.9.src.rpm SHA-256: 72a55b6ac977fde489a511761124ba122223b24f1a2b81ad92db50fe2bfed9bd x86_64 python3.11-3.11.2-2.el8_8.9.x86_64.rpm SHA-256: 7b8e66badd252e22d07f102be5fabb791819d138489bd21af93b87e1f200ee02 python3.11-debuginfo-3.11.2-2.el8_8.9.i686.rpm SHA-256: 629a9df4c66ff37d528d2fe77d8198897fe75de60877d70eeb8f7f9c7a10b6b0 python3.11-debuginfo-3.11.2-2.el8_8.9.x86_64.rpm SHA-256: ce4b9df8385a5eff9d1b93a7c9a4a00819d9378803c0a76565419d96e1f8cf2d python3.11-debugsource-3.11.2-2.el8_8.9.i686.rpm SHA-256: 17c621fc595e0c3c8307f010fce1507a6512d21bda9e7030ae876976e1230907 python3.11-debugsource-3.11.2-2.el8_8.9.x86_64.rpm SHA-256: c86d23bec586bb86167be1c05560eb931321163a3c01d777bdf5cb4e1297d46a python3.11-devel-3.11.2-2.el8_8.9.i686.rpm SHA-256: 0b84319976b9b86009eb59f8ecce4be5f335269361fafc93e1e32975e0ac478e python3.11-devel-3.11.2-2.el8_8.9.x86_64.rpm SHA-256: ea8de3cb532c9dbe9f85ead46d07a128491bd5f4f1388a6e0329825ded9249eb python3.11-libs-3.11.2-2.el8_8.9.i686.rpm SHA-256: c6cfaad7dc1d1c669206f5fbfd60e0df4f96e6dd7ec4a4c4b491670aeb894d0c python3.11-libs-3.11.2-2.el8_8.9.x86_64.rpm SHA-256: 35de70ec9c112f13ddff4b3628473e97362322af0aa69c38ceba898d8a235ea4 python3.11-rpm-macros-3.11.2-2.el8_8.9.noarch.rpm SHA-256: 3852231efc6246badf5fc8cb5c9d2f2bd70ade016bac8ef15e6d0d8b848ca67a python3.11-tkinter-3.11.2-2.el8_8.9.x86_64.rpm SHA-256: fac17038d0fd41a003c55db523ce0bae9d3fcf96fed47d13ecd3ccaccbd11cff Red Hat Enterprise Linux Server - TUS 8.8 SRPM python3.11-3.11.2-2.el8_8.9.src.rpm SHA-256: 72a55b6ac977fde489a511761124ba122223b24f1a2b81ad92db50fe2bfed9bd x86_64 python3.11-3.11.2-2.el8_8.9.x86_64.rpm SHA-256: 7b8e66badd252e22d07f102be5fabb791819d138489bd21af93b87e1f200ee02 python3.11-debuginfo-3.11.2-2.el8_8.9.i686.rpm SHA-256: 629a9df4c66ff37d528d2fe77d8198897fe75de60877d70eeb8f7f9c7a10b6b0 python3.11-debuginfo-3.11.2-2.el8_8.9.x86_64.rpm SHA-256: ce4b9df8385a5eff9d1b93a7c9a4a00819d9378803c0a76565419d96e1f8cf2d python3.11-debugsource-3.11.2-2.el8_8.9.i686.rpm SHA-256: 17c621fc595e0c3c8307f010fce1507a6512d21bda9e7030ae876976e1230907 python3.11-debugsource-3.11.2-2.el8_8.9.x86_64.rpm SHA-256: c86d23bec586bb86167be1c05560eb931321163a3c01d777bdf5cb4e1297d46a python3.11-devel-3.11.2-2.el8_8.9.i686.rpm SHA-256: 0b84319976b9b86009eb59f8ecce4be5f335269361fafc93e1e32975e0ac478e python3.11-devel-3.11.2-2.el8_8.9.x86_64.rpm SHA-256: ea8de3cb532c9dbe9f85ead46d07a128491bd5f4f1388a6e0329825ded9249eb python3.11-libs-3.11.2-2.el8_8.9.i686.rpm SHA-256: c6cfaad7dc1d1c669206f5fbfd60e0df4f96e6dd7ec4a4c4b491670aeb894d0c python3.11-libs-3.11.2-2.el8_8.9.x86_64.rpm SHA-256: 35de70ec9c112f13ddff4b3628473e97362322af0aa69c38ceba898d8a235ea4 python3.11-rpm-macros-3.11.2-2.el8_8.9.noarch.rpm SHA-256: 3852231efc6246badf5fc8cb5c9d2f2bd70ade016bac8ef15e6d0d8b848ca67a python3.11-tkinter-3.11.2-2.el8_8.9.x86_64.rpm SHA-256: fac17038d0fd41a003c55db523ce0bae9d3fcf96fed47d13ecd3ccaccbd11cff Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8 SRPM python3.11-3.11.2-2.el8_8.9.src.rpm SHA-256: 72a55b6ac977fde489a511761124ba122223b24f1a2b81ad92db50fe2bfed9bd ppc64le python3.11-3.11.2-2.el8_8.9.ppc64le.rpm SHA-256: 05e61a2c091247ced2c772691062078e27e34a398b69222144e665c97649e9a1 python3.11-debuginfo-3.11.2-2.el8_8.9.ppc64le.rpm SHA-256: a05dce86410fdd8acd7de44e9502cd19d0c2d880c5f8243b8bceebc8bd53b48d python3.11-debugsource-3.11.2-2.el8_8.9.ppc64le.rpm SHA-256: 04df9656a9195fcf7f3e88b5f100df375367370cd711357dbed4d08e36ef6b9c python3.11-devel-3.11.2-2.el8_8.9.ppc64le.rpm SHA-256: a021d8e8cdc371c267896d588cccb2f27b0667606fcd43b8b9a35c3a5871d7f0 python3.11-libs-3.11.2-2.el8_8.9.ppc64le.rpm SHA-256: 557ec42fc7cc69f5c7e9139e9e9d510a501bf6b71a9a326722a80caeaae88ffe python3.11-rpm-macros-3.11.2-2.el8_8.9.noarch.rpm SHA-256: 3852231efc6246badf5fc8cb5c9d2f2bd70ade016bac8ef15e6d0d8b848ca67a python3.11-tkinter-3.11.2-2.el8_8.9.ppc64le.rpm SHA-256: 4cc2312cc41ab2e1ff9ae77c283690af76f975175c57a173b769091686b2ffff Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8 SRPM python3.11-3.11.2-2.el8_8.9.src.rpm SHA-256: 72a55b6ac977fde489a511761124ba122223b24f1a2b81ad92db50fe2bfed9bd x86_64 python3.11-3.11.2-2.el8_8.9.x86_64.rpm SHA-256: 7b8e66badd252e22d07f102be5fabb791819d138489bd21af93b87e1f200ee02 python3.11-debuginfo-3.11.2-2.el8_8.9.i686.rpm SHA-256: 629a9df4c66ff37d528d2fe77d8198897fe75de60877d70eeb8f7f9c7a10b6b0 python3.11-debuginfo-3.11.2-2.el8_8.9.x86_64.rpm SHA-256: ce4b9df8385a5eff9d1b93a7c9a4a00819d9378803c0a76565419d96e1f8cf2d python3.11-debugsource-3.11.2-2.el8_8.9.i686.rpm SHA-256: 17c621fc595e0c3c8307f010fce1507a6512d21bda9e7030ae876976e1230907 python3.11-debugsource-3.11.2-2.el8_8.9.x86_64.rpm SHA-256: c86d23bec586bb86167be1c05560eb931321163a3c01d777bdf5cb4e1297d46a python3.11-devel-3.11.2-2.el8_8.9.i686.rpm SHA-256: 0b84319976b9b86009eb59f8ecce4be5f335269361fafc93e1e32975e0ac478e python3.11-devel-3.11.2-2.el8_8.9.x86_64.rpm SHA-256: ea8de3cb532c9dbe9f85ead46d07a128491bd5f4f1388a6e0329825ded9249eb python3.11-libs-3.11.2-2.el8_8.9.i686.rpm SHA-256: c6cfaad7dc1d1c669206f5fbfd60e0df4f96e6dd7ec4a4c4b491670aeb894d0c python3.11-libs-3.11.2-2.el8_8.9.x86_64.rpm SHA-256: 35de70ec9c112f13ddff4b3628473e97362322af0aa69c38ceba898d8a235ea4 python3.11-rpm-macros-3.11.2-2.el8_8.9.noarch.rpm SHA-256: 3852231efc6246badf5fc8cb5c9d2f2bd70ade016bac8ef15e6d0d8b848ca67a python3.11-tkinter-3.11.2-2.el8_8.9.x86_64.rpm SHA-256: fac17038d0fd41a003c55db523ce0bae9d3fcf96fed47d13ecd3ccaccbd11cff The Red Hat security contact is secalert@redhat.com . More contact details at https://access.redhat.com/security/team/contact/ .