Red Hat Product Errata RHSA-2026:13692 - Security Advisory Issued: 2026-05-05 Updated: 2026-05-05 RHSA-2026:13692 - Security Advisory Overview Updated Packages Synopsis Important: python3.11 security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for python3.11 is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules (CVE-2026-6100) python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open() API (CVE-2026-4786) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux Server - AUS 9.2 x86_64 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2 x86_64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.2 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.2 s390x Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.2 x86_64 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.2 aarch64 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.2 ppc64le Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.2 s390x Fixes BZ - 2457932 - CVE-2026-6100 python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules BZ - 2458049 - CVE-2026-4786 python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open() API CVEs CVE-2026-4786 CVE-2026-6100 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux Server - AUS 9.2 SRPM python3.11-3.11.2-2.el9_2.12.src.rpm SHA-256: 8882234cfece8da3b2abf4beb56e1293acbad2306f45a41dd0effe35272f0afa x86_64 python3.11-3.11.2-2.el9_2.12.x86_64.rpm SHA-256: 59f806e3c65c2d796eaa2f3dfe11df21673d23b28cf1d687112ee87686170454 python3.11-debuginfo-3.11.2-2.el9_2.12.i686.rpm SHA-256: 844a3c4f643f7315fd4cb96b6db30fb1e2879c6b6afcee1b313c0072b5f1fe3a python3.11-debuginfo-3.11.2-2.el9_2.12.x86_64.rpm SHA-256: bf78f9b4feef5b28430cde86e16ce7eeb72687cebaa86a533351d19695c2592f python3.11-debugsource-3.11.2-2.el9_2.12.i686.rpm SHA-256: 9428a9f0f0e10c7da3eadea888ccb87d1e094ab8cc80926e07b305f159bbc837 python3.11-debugsource-3.11.2-2.el9_2.12.x86_64.rpm SHA-256: 373a62850237789603e01f89d1159f2df24df6c9c7945672921771d7707db728 python3.11-devel-3.11.2-2.el9_2.12.i686.rpm SHA-256: c04a8da062c923be561322d10a8d765338bb35007c0362bc5d40f4869a9a44aa python3.11-devel-3.11.2-2.el9_2.12.x86_64.rpm SHA-256: 9e7a929137acb80fc92345208ab09eddecdb8e7a5e5a25f4608c672781484c43 python3.11-libs-3.11.2-2.el9_2.12.i686.rpm SHA-256: 7a6254ff3c7d3c36daba7926cb1df9aceb0fb515d9a8cc0e903a66337e626874 python3.11-libs-3.11.2-2.el9_2.12.x86_64.rpm SHA-256: b4352a4e902930e54f58a8514013d7f5d5c66a887bb8eac7ee37a1ecf97d2ec9 python3.11-tkinter-3.11.2-2.el9_2.12.x86_64.rpm SHA-256: 29b799a691ea062b57351e7e0bcfd7df2402b5d785a86185c9c3c900ee05648a Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2 SRPM python3.11-3.11.2-2.el9_2.12.src.rpm SHA-256: 8882234cfece8da3b2abf4beb56e1293acbad2306f45a41dd0effe35272f0afa ppc64le python3.11-3.11.2-2.el9_2.12.ppc64le.rpm SHA-256: 8716d007d86748054a02ce263507e234b4bfcf671378f8dc4d8083e4aa5b5593 python3.11-debuginfo-3.11.2-2.el9_2.12.ppc64le.rpm SHA-256: c0911784e361c7fa5d59db864d5f8281783d4439b99183c2d1b272c6d1c90c3f python3.11-debugsource-3.11.2-2.el9_2.12.ppc64le.rpm SHA-256: a1902d5ea4d265db8322cde85056d0f46faf54d96ad20ee2cf9c05741edb1b0b python3.11-devel-3.11.2-2.el9_2.12.ppc64le.rpm SHA-256: 5a22162b002e371dea219260291b3308f4ad666878ddaca7e388e03eaba816bd python3.11-libs-3.11.2-2.el9_2.12.ppc64le.rpm SHA-256: 67e7ada1dfffef20c526a7d4222173f120c61b30317ee9a235b38f0ecfc02945 python3.11-tkinter-3.11.2-2.el9_2.12.ppc64le.rpm SHA-256: f0ce580a2ffc197292f706958aa7986fdabffc1b733ec5c2053e00b9db92c8f4 Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2 SRPM python3.11-3.11.2-2.el9_2.12.src.rpm SHA-256: 8882234cfece8da3b2abf4beb56e1293acbad2306f45a41dd0effe35272f0afa x86_64 python3.11-3.11.2-2.el9_2.12.x86_64.rpm SHA-256: 59f806e3c65c2d796eaa2f3dfe11df21673d23b28cf1d687112ee87686170454 python3.11-debuginfo-3.11.2-2.el9_2.12.i686.rpm SHA-256: 844a3c4f643f7315fd4cb96b6db30fb1e2879c6b6afcee1b313c0072b5f1fe3a python3.11-debuginfo-3.11.2-2.el9_2.12.x86_64.rpm SHA-256: bf78f9b4feef5b28430cde86e16ce7eeb72687cebaa86a533351d19695c2592f python3.11-debugsource-3.11.2-2.el9_2.12.i686.rpm SHA-256: 9428a9f0f0e10c7da3eadea888ccb87d1e094ab8cc80926e07b305f159bbc837 python3.11-debugsource-3.11.2-2.el9_2.12.x86_64.rpm SHA-256: 373a62850237789603e01f89d1159f2df24df6c9c7945672921771d7707db728 python3.11-devel-3.11.2-2.el9_2.12.i686.rpm SHA-256: c04a8da062c923be561322d10a8d765338bb35007c0362bc5d40f4869a9a44aa python3.11-devel-3.11.2-2.el9_2.12.x86_64.rpm SHA-256: 9e7a929137acb80fc92345208ab09eddecdb8e7a5e5a25f4608c672781484c43 python3.11-libs-3.11.2-2.el9_2.12.i686.rpm SHA-256: 7a6254ff3c7d3c36daba7926cb1df9aceb0fb515d9a8cc0e903a66337e626874 python3.11-libs-3.11.2-2.el9_2.12.x86_64.rpm SHA-256: b4352a4e902930e54f58a8514013d7f5d5c66a887bb8eac7ee37a1ecf97d2ec9 python3.11-tkinter-3.11.2-2.el9_2.12.x86_64.rpm SHA-256: 29b799a691ea062b57351e7e0bcfd7df2402b5d785a86185c9c3c900ee05648a Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.2 SRPM python3.11-3.11.2-2.el9_2.12.src.rpm SHA-256: 8882234cfece8da3b2abf4beb56e1293acbad2306f45a41dd0effe35272f0afa aarch64 python3.11-3.11.2-2.el9_2.12.aarch64.rpm SHA-256: f347a861e98702d11116e65370fa903f17a57a367d976992d222792da8cc78c3 python3.11-debuginfo-3.11.2-2.el9_2.12.aarch64.rpm SHA-256: 3c0e7ce70f0d4f0fbd886c5c39afb00fc0cafffcd71ef2df38970adb708e4648 python3.11-debugsource-3.11.2-2.el9_2.12.aarch64.rpm SHA-256: 397774533b912e1594779fcd0f25107ccaa2ed17adf08c4139f6ead9c9973698 python3.11-devel-3.11.2-2.el9_2.12.aarch64.rpm SHA-256: 8d207c8e0fb58c9e3068723870c68eed07ffc7f099a9d2a9c43c111332d28df9 python3.11-libs-3.11.2-2.el9_2.12.aarch64.rpm SHA-256: 9158ee5b119fb08cab02bad816ddcf3ddafa2d8e7c3b9dcab3f0be3e896990e0 python3.11-tkinter-3.11.2-2.el9_2.12.aarch64.rpm SHA-256: dd6a0fc23eba289d08a62e43fa180446a4cfc6721c741ed7a3029bbb33db3353 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.2 SRPM python3.11-3.11.2-2.el9_2.12.src.rpm SHA-256: 8882234cfece8da3b2abf4beb56e1293acbad2306f45a41dd0effe35272f0afa s390x python3.11-3.11.2-2.el9_2.12.s390x.rpm SHA-256: 462a5834105112fa5683af806fbf183dd14355ffcbf983df1eb163cf60e92a95 python3.11-debuginfo-3.11.2-2.el9_2.12.s390x.rpm SHA-256: bedb9156587fbdbe905bf5231bccf217209debffdc2efd25ceb56357d9d234f0 python3.11-debugsource-3.11.2-2.el9_2.12.s390x.rpm SHA-256: 8f3e79e9fd0633e08f219da5172a0c43f6e015fb016b5919db5922a9948d3a69 python3.11-devel-3.11.2-2.el9_2.12.s390x.rpm SHA-256: ea68198b441c0a647eb17b563a3a8a8b539cdf09bb3b54aa775fadf9024c4e32 python3.11-libs-3.11.2-2.el9_2.12.s390x.rpm SHA-256: 2bcfd37a5feba8c6e74804843ba689a1212b85b0c6fe81f3fadc324825154286 python3.11-tkinter-3.11.2-2.el9_2.12.s390x.rpm SHA-256: 7789e1fc105609a390720746b0257c2eac1e8c68a85f716a221fde16791c46ad Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.2 SRPM python3.11-3.11.2-2.el9_2.12.src.rpm SHA-256: 8882234cfece8da3b2abf4beb56e1293acbad2306f45a41dd0effe35272f0afa x86_64 python3.11-3.11.2-2.el9_2.12.x86_64.rpm SHA-256: 59f806e3c65c2d796eaa2f3dfe11df21673d23b28cf1d687112ee87686170454 python3.11-debuginfo-3.11.2-2.el9_2.12.i686.rpm SHA-256: 844a3c4f643f7315fd4cb96b6db30fb1e2879c6b6afcee1b313c0072b5f1fe3a python3.11-debuginfo-3.11.2-2.el9_2.12.x86_64.rpm SHA-256: bf78f9b4feef5b28430cde86e16ce7eeb72687cebaa86a533351d19695c2592f python3.11-debugsource-3.11.2-2.el9_2.12.i686.rpm SHA-256: 9428a9f0f0e10c7da3eadea888ccb87d1e094ab8cc80926e07b305f159bbc837 python3.11-debugsource-3.11.2-2.el9_2.12.x86_64.rpm SHA-256: 373a62850237789603e01f89d1159f2df24df6c9c7945672921771d7707db728 python3.11-devel-3.11.2-2.el9_2.12.i686.rpm SHA-256: c04a8da062c923be561322d10a8d765338bb35007c0362bc5d40f4869a9a44aa python3.11-devel-3.11.2-2.el9_2.12.x86_64.rpm SHA-256: 9e7a929137acb80fc92345208ab09eddecdb8e7a5e5a25f4608c672781484c43 python3.11-libs-3.11.2-2.el9_2.12.i686.rpm SHA-256: 7a6254ff3c7d3c36daba7926cb1df9aceb0fb515d9a8cc0e903a66337e626874 python3.11-libs-3.11.2-2.el9_2.12.x86_64.rpm SHA-256: b4352a4e902930e54f58a8514013d7f5d5c66a887bb8eac7ee37a1ecf97d2ec9 python3.11-tkinter-3.11.2-2.el9_2.12.x86_64.rpm SHA-256: 29b799a691ea062b57351e7e0bcfd7df2402b5d785a86185c9c3c900ee05648a Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.2 SRPM python3.11-3.11.2-2.el9_2.12.src.rpm SHA-256: 8882234cfece8da3b2abf4beb56e1293acbad2306f45a41dd0effe35272f0afa aarch64 python3.11-3.11.2-2.el9_2.12.aarch64.rpm SHA-256: f347a861e98702d