Security News

Cybersecurity news aggregator

HIGH Updates Red Hat Errata

RHSA-2026:11471: Important: pcs security update

The vulnerability is an arbitrary code execution flaw (CVE-2026-4800, CVSS 8.1 High) in the lodash library's template function, exploitable via untrusted input. The pcs command-line tool for Pacemaker/Corosync on RHEL 9.6 EUS is affected due to its embedded lodash dependency. Affected lodash versions are below 4.17.21; the Red Hat advisory provides the patched pcs package for the listed RHEL architectures and support streams.

Red Hat Product Errata
RHSA-2026:11471 - Security Advisory
Issued: 2026-04-29
Updated: 2026-04-29

Synopsis
Important: pcs security update

Type/Severity
Security Advisory: Important

Topic
An update for pcs is now available for Red Hat Enterprise Linux 9.6 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description
The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities.

Security Fix(es):
lodash: lodash: Arbitrary code execution via untrusted input in template imports (CVE-2026-4800)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258

Affected Products
Red Hat Enterprise Linux High Availability for x86_64 - Extended Update Support 9.6 x86_64
Red Hat Enterprise Linux Resilient Storage for x86_64 - Extended Update Support 9.6 x86_64
Red Hat Enterprise Linux Resilient Storage for Power, little endian - Extended Update Support 9.6 ppc64le
Red Hat Enterprise Linux High Availability for Power, little endian - Extended Update Support 9.6 ppc64le
Red Hat Enterprise Linux High Availability for Power LE - Update Services for SAP Solutions 9.6 ppc64le
Red Hat Enterprise Linux High Availability for x86_64 - Update Services for SAP Solutions 9.6 x86_64
Red Hat Enterprise Linux High Availability (for IBM z Systems) - Extended Update Support 9.6 s390x
Red Hat Enterprise Linux High Availability (for ARM 64) - Extended Update Support 9.6 aarch64
Red Hat Enterprise Linux Resilient Storage for IBM z Systems - Extended Update Support 9.6 s390x
Red Hat Enterprise Linux High Availability for ARM 64 - 4 years of updates 9.6 aarch64
Red Hat Enterprise Linux High Availability for IBM z Systems - 4 years of updates 9.6 s390x
Red Hat Enterprise Linux Resilient Storage for x86_64 - 4 years of updates 9.6 x86_64
Red Hat Enterprise Linux Resilient Storage for Power, little endian - 4 years of updates 9.6 ppc64le
Red Hat Enterprise Linux Resilient Storage for IBM z Systems - 4 years of updates 9.6 s390x
Red Hat Enterprise Linux High Availability for ARM 64 - Extended Life Cycle 9.6 aarch64
Red Hat Enterprise Linux High Availability for Power, little endian - Extended Life Cycle 9.6 ppc64le
Red Hat Enterprise Linux High Availability for IBM z Systems - Extended Life Cycle 9.6 s390x
Red Hat Enterprise Linux High Availability for x86_64 - Extended Life Cycle 9.6 x86_64
Red Hat Enterprise Linux Resilient Storage for Power, little endian - Extended Life Cycle 9.6 ppc64le
Red Hat Enterprise Linux Resilient Storage for IBM z Systems - Extended Life Cycle 9.6 s390x
Red Hat Enterprise Linux Resilient Storage for x86_64 - Extended Life Cycle 9.6 x86_64

Fixes
BZ - 2453496 - CVE-2026-4800 lodash: lodash: Arbitrary code execution via untrusted input in template imports

CVEs
CVE-2026-4800

References
https://access.redhat.com/security/updates/classification/#important

Updated Packages
Note: More recent versions of these packages may be available.

SRPM
pcs-0.11.9-2.el9_6.4.src.rpm

x86_64
pcs-0.11.9-2.el9_6.4.x86_64.rpm
pcs-snmp-0.11.9-2.el9_6.4.x86_64.rpm

ppc64le
pcs-0.11.9-2.el9_6.4.ppc64le.rpm
pcs-snmp-0.11.9-2.el9_6.4.ppc64le.rpm

s390x
pcs-0.11.9-2.el9_6.4.s390x.rpm
pcs-snmp-0.11.9-2.el9_6.4.s390x.rpm

aarch64
pcs-0.11.9-2.el9_6.4.aarch64.rpm
pcs-snmp-0.11.9-2.el9_6.4.aarch64.rpm
