Security News

Cybersecurity news aggregator


RHSA-2026:14835: Important: Satellite 6.18.5 Async Update

Red Hat Satellite 6.18 is affected by multiple security vulnerabilities, including SQL injection flaws in Django via crafted column aliases and band index parameters, as well as Denial of Service vectors in Django, markdown, Active Support, and a buffer overflow in pyOpenSSL's DTLS cookie callback. The advisory is rated Important, with individual CVSS scores available per CVE. The update to Satellite version 6.18.5 addresses these issues.

Red Hat Product Errata
RHSA-2026:14835 - Security Advisory

Issued: 2026-05-07
Updated: 2026-05-07

Synopsis

Important: Satellite 6.18.5 Async Update

Type/Severity

Security Advisory: Important

Topic

A new release is now available for Red Hat Satellite 6.18 for RHEL 9.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet access to their servers or other client systems. It performs provisioning and configuration management of predefined standard operating environments.

Security Fix(es):

python3.12-django: Django: SQL Injection via crafted column aliases (CVE-2026-1287)
python3.12-django: Django: SQL Injection via RasterField band index parameter (CVE-2026-1207)
python3.12-django: Django: SQL injection via crafted column aliases in QuerySet.order_by() (CVE-2026-1312)
python3.12-django: Django: Denial of Service via crafted HTML inputs (CVE-2026-1285)
python3.12-django: Django: Denial of Service via crafted request with duplicate headers (CVE-2025-14550)
python3.12-markdown: markdown: Denial of Service via malformed HTML-like sequences (CVE-2025-69534)
python3.12-pyOpenSSL: pyOpenSSL: DTLS cookie callback buffer overflow (CVE-2026-27459)
rubygem-activesupport: Active Support: Denial of Service via large scientific notation strings (CVE-2026-33176)

Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied.

For detailed instructions on how to apply this update, refer to:
https://access.redhat.com/documentation/en-us/red_hat_satellite/6.18/html/updating_red_hat_satellite/index

Affected Products

Red Hat Satellite 6.18 x86_64
Red Hat Satellite Capsule 6.18 x86_64
Red Hat Enterprise Linux for x86_64 9 x86_64

Fixes

SAT-37836 - Impossible to generate registration command via REST API in isolated networks managed by external capsules
SAT-43946 - Satellite manifest consumer profile cert and key found in satellite client rhsm cache
SAT-43947 - Ability to change Log Level for IoP core engine through satellite-installer
SAT-43948 - Ability to change Log Level for IoP related services through satellite-installer
SAT-43949 - The hammer command executes successfully on Satellite 6.17, but it fails on Satellite 6.18.
SAT-43950 - BIOS info is not populated in All hosts page and in Host Details tab
SAT-43951 - Puppet fact parser can't create OS entry blocking Satellite leapp upgrades
SAT-43952 - Revoking registry token does not prevent access to registry
SAT-43953 - Revoking registry token does not prevent access to registry
SAT-43954 - After update to 6.17 "Login delegation logout URL" fails to redirect to external auth source
SAT-43955 - All communication should happen only over https during global registration execution
SAT-43956 - Search is cleared when using bottom pagination on All Hosts page
SAT-43958 - Non-admin users on Satellite with viewer role, unable to see the hostgroup.
SAT-43959 - Find what we can add to foreman-maintain report generate for rh_cloud
SAT-43960 - Content > Subscriptions stuck in loading state if organization GET ends with 403
SAT-43962 - Proxy password shown in clear text in the Overview page of Virt-who Configuration
SAT-43963 - Executing the 'katello::clean_backend_objects' rake task takes a long time to complete
SAT-44062 - Use certs for primary identification for hosts on katello registry
SAT-44760 - Flatpak registry static index returns 500 after pulpcore 3.85.15 upgrade (set not JSON serializable)
SAT-44761 - Concurrent registration fails with "PG::UniqueViolation: ERROR: duplicate key value violates unique constraint \"index_operatingsystems_on_title\"
SAT-44762 - [regression] Unable to access Compute Resource in Satellite6

CVEs

CVE-2025-14550
CVE-2025-69534
CVE-2026-1207
CVE-2026-1285
CVE-2026-1287
CVE-2026-1312
CVE-2026-27459
CVE-2026-33176

References

https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/documentation/en-us/red_hat_satellite/6.18/html/updating_red_hat_satellite/index

Note: More recent versions of these packages may be available. Click a package name for more details.
