Red Hat Product Errata RHSA-2026:10706 - Security Advisory Issued: 2026-04-27 Updated: 2026-04-27 RHSA-2026:10706 - Security Advisory Overview Updated Packages Synopsis Important: rhc security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for rhc is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description rhc is a client tool and daemon that connects the system to Red Hat hosted services enabling system and subscription management. Security Fix(es): google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation (CVE-2026-33186) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 9 x86_64 Red Hat Enterprise Linux for IBM z Systems 9 s390x Red Hat Enterprise Linux for Power, little endian 9 ppc64le Red Hat Enterprise Linux for ARM 64 9 aarch64 Red Hat CodeReady Linux Builder for x86_64 9 x86_64 Red Hat CodeReady Linux Builder for Power, little endian 9 ppc64le Red Hat CodeReady Linux Builder for ARM 64 9 aarch64 Red Hat CodeReady Linux Builder for IBM z Systems 9 s390x Fixes BZ - 2449833 - CVE-2026-33186 google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation CVEs CVE-2026-33186 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 9 SRPM rhc-0.2.7-4.el9_7.src.rpm SHA-256: 2178480954ecd4379fa19ed992d2218fa4e1815513b3e0a636c002baa159ac18 x86_64 rhc-0.2.7-4.el9_7.x86_64.rpm SHA-256: a0d038d3a5efe48f19ef92b01c9662a71ba8b0c13b0042ccbd18c3a088115c2e rhc-debuginfo-0.2.7-4.el9_7.x86_64.rpm SHA-256: 6f9cfcf9e7df74edc0812ea2a8cf1785105eb2d00aa7b49c74faabb0adf14e81 rhc-debugsource-0.2.7-4.el9_7.x86_64.rpm SHA-256: 2ac5f46cb84c678619cc63a4aca769615dcdadb18ebb8dbe36667ccca500a620 Red Hat Enterprise Linux for IBM z Systems 9 SRPM rhc-0.2.7-4.el9_7.src.rpm SHA-256: 2178480954ecd4379fa19ed992d2218fa4e1815513b3e0a636c002baa159ac18 s390x rhc-0.2.7-4.el9_7.s390x.rpm SHA-256: 6fdadcff1ffe887cae41fa79821bf1614fa1f9e522755d0c0070c09af06e1c8f rhc-debuginfo-0.2.7-4.el9_7.s390x.rpm SHA-256: 83de26bed8963e38ed4e25fec9a5108d81e99312c5c8b8fd621e3b3abbbb7467 rhc-debugsource-0.2.7-4.el9_7.s390x.rpm SHA-256: bcad6ea7c78d225b6786d509712406e6eba4be571eeb39cdecc24689aa86f02b Red Hat Enterprise Linux for Power, little endian 9 SRPM rhc-0.2.7-4.el9_7.src.rpm SHA-256: 2178480954ecd4379fa19ed992d2218fa4e1815513b3e0a636c002baa159ac18 ppc64le rhc-0.2.7-4.el9_7.ppc64le.rpm SHA-256: ff7bd506b4249ca1d607b3c18507ceaf54745314f097502ec5c474a905fa7b6b rhc-debuginfo-0.2.7-4.el9_7.ppc64le.rpm SHA-256: e1643d36454d356c60133f8524a5cfcaa149b316e19c67cf75a7d977b847c91a rhc-debugsource-0.2.7-4.el9_7.ppc64le.rpm SHA-256: 093e5f02ffc583c759a8f15ebdbf98b700756d54e6097a7384d82bfdd554c8c9 Red Hat Enterprise Linux for ARM 64 9 SRPM rhc-0.2.7-4.el9_7.src.rpm SHA-256: 2178480954ecd4379fa19ed992d2218fa4e1815513b3e0a636c002baa159ac18 aarch64 rhc-0.2.7-4.el9_7.aarch64.rpm SHA-256: ef65f0deae919ba9ec1ce2a589fabc84befcd8cbd5794f2b2f0f1d6fefc24a0d rhc-debuginfo-0.2.7-4.el9_7.aarch64.rpm SHA-256: 28af09be40f0a25e3d744b4791e0969d8b049709cbbe3447aee0079450430276 rhc-debugsource-0.2.7-4.el9_7.aarch64.rpm SHA-256: 2f778c15aa89be0568e378cce7e3f06b2aaee3d6430dde7d7c3bdf0892d928e0 Red Hat CodeReady Linux Builder for x86_64 9 SRPM x86_64 rhc-debuginfo-0.2.7-4.el9_7.x86_64.rpm SHA-256: 6f9cfcf9e7df74edc0812ea2a8cf1785105eb2d00aa7b49c74faabb0adf14e81 rhc-debugsource-0.2.7-4.el9_7.x86_64.rpm SHA-256: 2ac5f46cb84c678619cc63a4aca769615dcdadb18ebb8dbe36667ccca500a620 rhc-devel-0.2.7-4.el9_7.x86_64.rpm SHA-256: 7c19a2d78c7005eaa12a07181a1be5e2c0490c044b214a7b8f9129ea251f704f Red Hat CodeReady Linux Builder for Power, little endian 9 SRPM ppc64le rhc-debuginfo-0.2.7-4.el9_7.ppc64le.rpm SHA-256: e1643d36454d356c60133f8524a5cfcaa149b316e19c67cf75a7d977b847c91a rhc-debugsource-0.2.7-4.el9_7.ppc64le.rpm SHA-256: 093e5f02ffc583c759a8f15ebdbf98b700756d54e6097a7384d82bfdd554c8c9 rhc-devel-0.2.7-4.el9_7.ppc64le.rpm SHA-256: 73522d4ac2244d246cc404cff5019b8094fb68b0504a5745fbfd257f79246076 Red Hat CodeReady Linux Builder for ARM 64 9 SRPM aarch64 rhc-debuginfo-0.2.7-4.el9_7.aarch64.rpm SHA-256: 28af09be40f0a25e3d744b4791e0969d8b049709cbbe3447aee0079450430276 rhc-debugsource-0.2.7-4.el9_7.aarch64.rpm SHA-256: 2f778c15aa89be0568e378cce7e3f06b2aaee3d6430dde7d7c3bdf0892d928e0 rhc-devel-0.2.7-4.el9_7.aarch64.rpm SHA-256: 88c076c9f7acdca160e0a0845338177bae17441fed6f1aecd974d21474cf41c9 Red Hat CodeReady Linux Builder for IBM z Systems 9 SRPM s390x rhc-debuginfo-0.2.7-4.el9_7.s390x.rpm SHA-256: 83de26bed8963e38ed4e25fec9a5108d81e99312c5c8b8fd621e3b3abbbb7467 rhc-debugsource-0.2.7-4.el9_7.s390x.rpm SHA-256: bcad6ea7c78d225b6786d509712406e6eba4be571eeb39cdecc24689aa86f02b rhc-devel-0.2.7-4.el9_7.s390x.rpm SHA-256: 1fecb97de6d798a16d6dfe9639c6394ea8a3bb026318aa1e3e5432899456b14a The Red Hat security contact is secalert@redhat.com . More contact details at https://access.redhat.com/security/team/contact/ .