Red Hat Product Errata RHSA-2026:10713 - Security Advisory Issued: 2026-04-27 Updated: 2026-04-27 RHSA-2026:10713 - Security Advisory Overview Updated Packages Synopsis Important: pcs security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for pcs is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fix(es): lodash: lodash: Arbitrary code execution via untrusted input in template imports (CVE-2026-4800) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux High Availability for x86_64 10 x86_64 Red Hat Enterprise Linux High Availability for ARM 64 10 aarch64 Red Hat Enterprise Linux High Availability for IBM z Systems 10 s390x Red Hat Enterprise Linux High Availability for Power, little endian 10 ppc64le Fixes BZ - 2453496 - CVE-2026-4800 lodash: lodash: Arbitrary code execution via untrusted input in template imports CVEs CVE-2026-4800 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux High Availability for x86_64 10 SRPM pcs-0.12.1-1.el10_1.3.src.rpm SHA-256: 73dab0d186cdc256499c5bbba4fe12510de52ae361c1f84269bf00c59052004c x86_64 cockpit-ha-cluster-0.12.1-1.el10_1.3.noarch.rpm SHA-256: d64e6f36d0d472926af57c6459dfbe4b9d1e1aa396d27ba5f37a58261e28a4bc pcs-0.12.1-1.el10_1.3.x86_64.rpm SHA-256: 67597b1e2d0b8f9c84401a366b628122bf8eac6ee0608e6b5f88042e8c2a9b78 pcs-snmp-0.12.1-1.el10_1.3.x86_64.rpm SHA-256: 4a18bc3a1795c21629d0726766e47a3fa5ff569dc83a5f5b125a2a77d4f71115 Red Hat Enterprise Linux High Availability for ARM 64 10 SRPM pcs-0.12.1-1.el10_1.3.src.rpm SHA-256: 73dab0d186cdc256499c5bbba4fe12510de52ae361c1f84269bf00c59052004c aarch64 cockpit-ha-cluster-0.12.1-1.el10_1.3.noarch.rpm SHA-256: d64e6f36d0d472926af57c6459dfbe4b9d1e1aa396d27ba5f37a58261e28a4bc pcs-0.12.1-1.el10_1.3.aarch64.rpm SHA-256: 85533359995167d9b74a6a557928cddf301b55e8f4e382583cb29a3ca0cab079 pcs-snmp-0.12.1-1.el10_1.3.aarch64.rpm SHA-256: e555936b47b452ca14faca118294fd881fab07cbf6cd4e41cdaf53540fda87a6 Red Hat Enterprise Linux High Availability for IBM z Systems 10 SRPM pcs-0.12.1-1.el10_1.3.src.rpm SHA-256: 73dab0d186cdc256499c5bbba4fe12510de52ae361c1f84269bf00c59052004c s390x cockpit-ha-cluster-0.12.1-1.el10_1.3.noarch.rpm SHA-256: d64e6f36d0d472926af57c6459dfbe4b9d1e1aa396d27ba5f37a58261e28a4bc pcs-0.12.1-1.el10_1.3.s390x.rpm SHA-256: 81eccd30e9c35e9d5dd168d453eee9586b4ba84596bedae7d7b358dba7ddd5af pcs-snmp-0.12.1-1.el10_1.3.s390x.rpm SHA-256: 9c61d08adeb16e349513af8add4dd8777df44ca6dfe7ba69c9def6083e8f6fdb Red Hat Enterprise Linux High Availability for Power, little endian 10 SRPM pcs-0.12.1-1.el10_1.3.src.rpm SHA-256: 73dab0d186cdc256499c5bbba4fe12510de52ae361c1f84269bf00c59052004c ppc64le cockpit-ha-cluster-0.12.1-1.el10_1.3.noarch.rpm SHA-256: d64e6f36d0d472926af57c6459dfbe4b9d1e1aa396d27ba5f37a58261e28a4bc pcs-0.12.1-1.el10_1.3.ppc64le.rpm SHA-256: 0be9f71024dd63f1a092e33fdc27eebff479b0850cb67049b7824006370e8ae7 pcs-snmp-0.12.1-1.el10_1.3.ppc64le.rpm SHA-256: 344ffdef4e08d1c1bf5c689ff18410b37c922d949591edc1215c606b5ea9aa3c The Red Hat security contact is secalert@redhat.com . More contact details at https://access.redhat.com/security/team/contact/ .