Security News

Cybersecurity news aggregator

🔄
HIGH Updates Red Hat Errata

RHSA-2026:11062: Important: python3.11 security update

cve-2026-1234red-hatpythoncve-2026-6100cve-2026-4786
This security update addresses two Important-severity vulnerabilities in Python 3.11: CVE-2026-6100, a use-after-free in decompression modules allowing arbitrary code execution or information disclosure, and CVE-2026-4786, a command injection flaw in the `webbrowser.open()` API enabling arbitrary code execution. The advisory applies to Python 3.11 packages for Red Hat Enterprise Linux 8, but specific affected and fixed version numbers are not provided in the source text. Administrators should apply the referenced Red Hat update to their affected systems.
Read Full Article →

Red Hat Product Errata RHSA-2026:11062 - Security Advisory Issued: 2026-04-27 Updated: 2026-04-27 RHSA-2026:11062 - Security Advisory Overview Updated Packages Synopsis Important: python3.11 security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for python3.11 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules (CVE-2026-6100) python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open() API (CVE-2026-4786) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 8 x86_64 Red Hat Enterprise Linux for IBM z Systems 8 s390x Red Hat Enterprise Linux for Power, little endian 8 ppc64le Red Hat Enterprise Linux for ARM 64 8 aarch64 Red Hat CodeReady Linux Builder for x86_64 8 x86_64 Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le Red Hat CodeReady Linux Builder for ARM 64 8 aarch64 Red Hat CodeReady Linux Builder for IBM z Systems 8 s390x Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 8.10 x86_64 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 8.10 aarch64 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 8.10 ppc64le Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 8.10 s390x Fixes BZ - 2457932 - CVE-2026-6100 python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules BZ - 2458049 - CVE-2026-4786 python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open() API CVEs CVE-2026-4786 CVE-2026-6100 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 8 SRPM python3.11-3.11.13-7.el8_10.src.rpm SHA-256: 6d10d2af3c64ab893cd3bb7915c315bd7d73db8b882fbc409d82f243403412e2 x86_64 python3.11-3.11.13-7.el8_10.x86_64.rpm SHA-256: 00e8e7693f9e19abd4cc7ed2f842127a1d3205b451cdde36da1ce14962dd2934 python3.11-debuginfo-3.11.13-7.el8_10.i686.rpm SHA-256: 1206bd2c520bb3f3b74d02779667e78d79bf7cb8afaf9ce2a6ae350ec4a40576 python3.11-debuginfo-3.11.13-7.el8_10.x86_64.rpm SHA-256: a2edc2ffd653705ed2b40ff8ad9bedcf75c1e6aabc7518c7d3870c9fee35fc95 python3.11-debugsource-3.11.13-7.el8_10.i686.rpm SHA-256: 46041ebb9f0e32f963fbc809734b449382a4dcc600942ff3daca4b1f3350148b python3.11-debugsource-3.11.13-7.el8_10.x86_64.rpm SHA-256: cd31d2e187942d3302a576d9ca38b56eecf3539847b742f69502a8722bdf5845 python3.11-devel-3.11.13-7.el8_10.i686.rpm SHA-256: 8140e88d7df001f2c42de30d47356c34ba6fb307e4c3a9302b7bff781343bb24 python3.11-devel-3.11.13-7.el8_10.x86_64.rpm SHA-256: 15cf731ec8c9548e62fc661caa3599d11989e12a00f26b6d6f82f9ac22836edd python3.11-libs-3.11.13-7.el8_10.i686.rpm SHA-256: 54829f9519be70f824de5346406dfdd3d9adc66ee28006bda008f921d33c379c python3.11-libs-3.11.13-7.el8_10.x86_64.rpm SHA-256: 73e7ea4744bbf645c173435187389677a25c1720d77030455d7c4c4088a8616e python3.11-rpm-macros-3.11.13-7.el8_10.noarch.rpm SHA-256: 287d0cdbbc49c1172e907435585d0876fca5a020239b161c3267e1c17eaecbd4 python3.11-tkinter-3.11.13-7.el8_10.x86_64.rpm SHA-256: 7b33b91692fbd0979f00aa9a63c985d4375e0eaa6fae5f3b8b841b9e296c920a Red Hat Enterprise Linux for IBM z Systems 8 SRPM python3.11-3.11.13-7.el8_10.src.rpm SHA-256: 6d10d2af3c64ab893cd3bb7915c315bd7d73db8b882fbc409d82f243403412e2 s390x python3.11-3.11.13-7.el8_10.s390x.rpm SHA-256: 6467e8416d4b827de9db7f51c31ed0fa7040b0497d6d17a7e2e0b9accc0e3ac3 python3.11-debuginfo-3.11.13-7.el8_10.s390x.rpm SHA-256: 768a2d0f578049b41961c4d9a5cfd9eeb48d3ccaf5096041608862ad10bcfe21 python3.11-debugsource-3.11.13-7.el8_10.s390x.rpm SHA-256: 6999122c3e5060b015705aad4860576d4d4f548a14c14c5e3e0c4874448bfdcb python3.11-devel-3.11.13-7.el8_10.s390x.rpm SHA-256: 05a0e6357cf9532a933d8bd41d7dcc45eae331ca30359c19f696928b10e019d9 python3.11-libs-3.11.13-7.el8_10.s390x.rpm SHA-256: e142b95a736e771ea568c976122e32b38cc30bcc05c3270447c907b12bcac334 python3.11-rpm-macros-3.11.13-7.el8_10.noarch.rpm SHA-256: 287d0cdbbc49c1172e907435585d0876fca5a020239b161c3267e1c17eaecbd4 python3.11-tkinter-3.11.13-7.el8_10.s390x.rpm SHA-256: 398a4921a0ee1a58bf444b3b05352244f98d2798bbab821b684a94e7bed773dd Red Hat Enterprise Linux for Power, little endian 8 SRPM python3.11-3.11.13-7.el8_10.src.rpm SHA-256: 6d10d2af3c64ab893cd3bb7915c315bd7d73db8b882fbc409d82f243403412e2 ppc64le python3.11-3.11.13-7.el8_10.ppc64le.rpm SHA-256: 183ffb7a2d25ac05c58c22cd8ec0921cbd913c9e629a2e3c1c1dc6e000a6f4bd python3.11-debuginfo-3.11.13-7.el8_10.ppc64le.rpm SHA-256: 0f7bc9f0c619ca8de49a74034bb64969829600983da279bc4aab35f525921723 python3.11-debugsource-3.11.13-7.el8_10.ppc64le.rpm SHA-256: b8b4aa3c9c22c11a50174c8814ec44cb974173351a1ab8ffb7f562b94cd87a0e python3.11-devel-3.11.13-7.el8_10.ppc64le.rpm SHA-256: 7a2fe51ad21233012d76d19b96e9e519a2cb5310d39cf4f5d9e5f9a3299cb9c7 python3.11-libs-3.11.13-7.el8_10.ppc64le.rpm SHA-256: 251c990dff042b200d3c5d92ee126677e9de1984f7d3d3cb8be705968850c875 python3.11-rpm-macros-3.11.13-7.el8_10.noarch.rpm SHA-256: 287d0cdbbc49c1172e907435585d0876fca5a020239b161c3267e1c17eaecbd4 python3.11-tkinter-3.11.13-7.el8_10.ppc64le.rpm SHA-256: 56e3e736d22b1b90d98d702f652c67c864a6fdd5624f22d30d7e0ff0c0b9f348 Red Hat Enterprise Linux for ARM 64 8 SRPM python3.11-3.11.13-7.el8_10.src.rpm SHA-256: 6d10d2af3c64ab893cd3bb7915c315bd7d73db8b882fbc409d82f243403412e2 aarch64 python3.11-3.11.13-7.el8_10.aarch64.rpm SHA-256: 5916c49021ffd4e737a24ee4dae35f31ac29f89ccd5c0b39526b9af74095110a python3.11-debuginfo-3.11.13-7.el8_10.aarch64.rpm SHA-256: 5082772f1696f0d46a43670cf2b86cc8cf1a360ddbbf23b976b70bf0074511ed python3.11-debugsource-3.11.13-7.el8_10.aarch64.rpm SHA-256: fdcfa0a2debaec31b43a8e3447d02f105ebc14518a5fbea2f1299421672d7e61 python3.11-devel-3.11.13-7.el8_10.aarch64.rpm SHA-256: c4f8c0adbe51623dd5c30fa940e58c9e36c2f41747e3875440542e66f5d7b374 python3.11-libs-3.11.13-7.el8_10.aarch64.rpm SHA-256: dfdd41b6023dc8eac3e29d673c51b75f49ed12e08a5c5e1dc98c7f1cfcf117f6 python3.11-rpm-macros-3.11.13-7.el8_10.noarch.rpm SHA-256: 287d0cdbbc49c1172e907435585d0876fca5a020239b161c3267e1c17eaecbd4 python3.11-tkinter-3.11.13-7.el8_10.aarch64.rpm SHA-256: a485ce9479bd996b62407ea6990f7355580efb383c954e6b3481d0042612cb81 Red Hat CodeReady Linux Builder for x86_64 8 SRPM x86_64 python3.11-3.11.13-7.el8_10.i686.rpm SHA-256: 2498d40d6062a4b49c5fce0f4bca284f2a5acd841f53aa05b027f083e62912e6 python3.11-debug-3.11.13-7.el8_10.i686.rpm SHA-256: 0cafb439ce5ae528083fad476062338893fc12bef3ac13db98ffd07e50e076f6 python3.11-debug-3.11.13-7.el8_10.x86_64.rpm SHA-256: 08a4b3cebefc669f9656a1e0119d619280114826f03eac468db869c5dafefe11 python3.11-debuginfo-3.11.13-7.el8_10.i686.rpm SHA-256: 1206bd2c520bb3f3b74d02779667e78d79bf7cb8afaf9ce2a6ae350ec4a40576 python3.11-debuginfo-3.11.13-7.el8_10.x86_64.rpm SHA-256: a2edc2ffd653705ed2b40ff8ad9bedcf75c1e6aabc7518c7d3870c9fee35fc95 python3.11-debugsource-3.11.13-7.el8_10.i686.rpm SHA-256: 46041ebb9f0e32f963fbc809734b449382a4dcc600942ff3daca4b1f3350148b python3.11-debugsource-3.11.13-7.el8_10.x86_64.rpm SHA-256: cd31d2e187942d3302a576d9ca38b56eecf3539847b742f69502a8722bdf5845 python3.11-idle-3.11.13-7.el8_10.i686.rpm SHA-256: c8ea1d6efff4c0eb5e50bd2d3408e839c98260904fe097c22fd4ab0799a3b5d9 python3.11-idle-3.11.13-7.el8_10.x86_64.rpm SHA-256: 53c15da0f34b667d2c8f51e7d31ba27231d2c82dbb4e882ea7a331c71f398ec2 python3.11-test-3.11.13-7.el8_10.i686.rpm SHA-256: 76be86c4d89f3851dbcd073e840b75292e2b2822301dea5ee0efeed9719b4eb5 python3.11-test-3.11.13-7.el8_10.x86_64.rpm SHA-256: 94883e97a4389d300b6de8c5782a3872b0899596c0dc4435c52c406d44c69064 python3.11-tkinter-3.11.13-7.el8_10.i686.rpm SHA-256: 39fccc93ffad5bd58bc744a916ca71bb1a024db9ed4220defa5c42cda55d2014 Red Hat CodeReady Linux Builder for Power, little endian 8 SRPM ppc64le python3.11-debug-3.11.13-7.el8_10.ppc64le.rpm SHA-256: 59c249606f87c12eef887adc603610d0ae9966a233bf8225013a21c5d9003ecc python3.11-debuginfo-3.11.13-7.el8_10.ppc64le.rpm SHA-256: 0f7bc9f0c619ca8de49a74034bb64969829600983da279bc4aab35f525921723 python3.11-debugsource-3.11.13-7.el8_10.ppc64le.rpm SHA-256: b8b4aa3c9c22c11a50174c8814ec44cb974173351a1ab8ffb7f562b94cd87a0e python3.11-idle-3.11.13-7.el8_10.ppc64le.rpm SHA-256: 73d55da72f3bac90879a3facb4af1fe25d23ed0737aee79f4337ee369e5099f3 python3.11-test-3.11.13-7.el8_10.ppc64le.rpm SHA-256: 6173f4b37d1f602493cb801256ab474cbc87e4c85c8ef1cbfbc87d7fc8fc8f2e Red Hat CodeReady Linux Builder for ARM 64 8 SRPM aarch64 python3.11-debug-3.11.13-7.el8_10.aarch64.rpm SHA-256: e5452deae16fca631499e012ee6a58e6ad78949e71c3620d518c173b65f50622 python3.11-debuginfo-3.11.13-7.el8_10.aarch64.rpm SHA-256: 5082772f1696f0d46a43670cf2b86cc8cf1a360ddbbf23b976b70bf0074511ed python3.11-debugsource-3.11.13-7.el8_10.aarch64.rpm SHA-256: fdcfa0a2debaec31b43a8e3447d02f105ebc14518a5fbea2f1299421672d7e61 python3.11-idle-3.11.13-7.el8_10.aarch64.rp

Related Articles

HIGH RHSA-2026:10745: Important: python3.12 security update Red Hat Errata CRITICAL Multiples vulnérabilités dans Python (14 avril 2026) CERT-FR (ANSSI) HIGH RHSA-2026:10711: Important: python3.12 security update Red Hat Errata HIGH RHSA-2026:10774: Important: python3.11 security update Red Hat Errata
Read Full Article → ← Back to News

Share this article

Twitter Facebook LinkedIn