Red Hat Product Errata RHSA-2026:19008 - Security Advisory Issued: 2026-05-19 Updated: 2026-05-19 RHSA-2026:19008 - Security Advisory Overview Updated Packages Synopsis Important: pcs security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for pcs is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fix(es): lodash: lodash: Arbitrary code execution via untrusted input in template imports (CVE-2026-4800) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux High Availability for x86_64 10 x86_64 Red Hat Enterprise Linux High Availability for ARM 64 10 aarch64 Red Hat Enterprise Linux High Availability for x86_64 - Extended Update Support 10.2 x86_64 Red Hat Enterprise Linux High Availability for IBM z Systems 10 s390x Red Hat Enterprise Linux High Availability for Power, little endian 10 ppc64le Red Hat Enterprise Linux High Availability for Power, little endian - Extended Update Support 10.2 ppc64le Red Hat Enterprise Linux High Availability (for IBM z Systems) - Extended Update Support 10.2 s390x Red Hat Enterprise Linux High Availability (for ARM 64) - Extended Update Support 10.2 aarch64 Red Hat Enterprise Linux High Availability for ARM 64 - 4 years of updates 10.2 aarch64 Red Hat Enterprise Linux High Availability for IBM z Systems - 4 years of updates 10.2 s390x Red Hat Enterprise Linux High Availability for Power, little endian - 4 years of updates 10.2 ppc64le Red Hat Enterprise Linux High Availability for x86_64 - 4 years of updates 10.2 x86_64 Red Hat Enterprise Linux High Availability for ARM 64 - Extended Life Cycle 10.2 aarch64 Red Hat Enterprise Linux High Availability for Power, little endian - Extended Life Cycle 10.2 ppc64le Red Hat Enterprise Linux High Availability for IBM z Systems - Extended Life Cycle 10.2 s390x Red Hat Enterprise Linux High Availability for x86_64 - Extended Life Cycle 10.2 x86_64 Fixes BZ - 2453496 - CVE-2026-4800 lodash: lodash: Arbitrary code execution via untrusted input in template imports CVEs CVE-2026-4800 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux High Availability for x86_64 10 SRPM pcs-0.12.2-3.el10_2.1.src.rpm SHA-256: 18d049d8c3defd52702b2258e687fcdc57d695712f987c601fc80acf8f90e016 x86_64 cockpit-ha-cluster-0.12.2-3.el10_2.1.noarch.rpm SHA-256: e92f25c546b40a159f4ce1e97f4a7fcaf3e65da930a41797d0915b9d760dd3d2 pcs-0.12.2-3.el10_2.1.x86_64.rpm SHA-256: 3f53977d1525036ebfedc013a420581e55da038ade473edb6475529142ced317 pcs-snmp-0.12.2-3.el10_2.1.x86_64.rpm SHA-256: 7f3edfa6e93d5ac9752babc09a41062ba0f079ddd724bbf0e4c3ad983e19be7a Red Hat Enterprise Linux High Availability for ARM 64 10 SRPM pcs-0.12.2-3.el10_2.1.src.rpm SHA-256: 18d049d8c3defd52702b2258e687fcdc57d695712f987c601fc80acf8f90e016 aarch64 cockpit-ha-cluster-0.12.2-3.el10_2.1.noarch.rpm SHA-256: e92f25c546b40a159f4ce1e97f4a7fcaf3e65da930a41797d0915b9d760dd3d2 pcs-0.12.2-3.el10_2.1.aarch64.rpm SHA-256: dd9635c20fe935d1656c3a903a2c8f57db35fdadfa0f93f20677955587e74565 pcs-snmp-0.12.2-3.el10_2.1.aarch64.rpm SHA-256: bd5e6e0691b5ee3c2f7d5c5a3d9a257fca7dcf5f31d72739be7953460f8c7b39 Red Hat Enterprise Linux High Availability for x86_64 - Extended Update Support 10.2 SRPM pcs-0.12.2-3.el10_2.1.src.rpm SHA-256: 18d049d8c3defd52702b2258e687fcdc57d695712f987c601fc80acf8f90e016 x86_64 cockpit-ha-cluster-0.12.2-3.el10_2.1.noarch.rpm SHA-256: e92f25c546b40a159f4ce1e97f4a7fcaf3e65da930a41797d0915b9d760dd3d2 pcs-0.12.2-3.el10_2.1.x86_64.rpm SHA-256: 3f53977d1525036ebfedc013a420581e55da038ade473edb6475529142ced317 pcs-snmp-0.12.2-3.el10_2.1.x86_64.rpm SHA-256: 7f3edfa6e93d5ac9752babc09a41062ba0f079ddd724bbf0e4c3ad983e19be7a Red Hat Enterprise Linux High Availability for IBM z Systems 10 SRPM pcs-0.12.2-3.el10_2.1.src.rpm SHA-256: 18d049d8c3defd52702b2258e687fcdc57d695712f987c601fc80acf8f90e016 s390x cockpit-ha-cluster-0.12.2-3.el10_2.1.noarch.rpm SHA-256: e92f25c546b40a159f4ce1e97f4a7fcaf3e65da930a41797d0915b9d760dd3d2 pcs-0.12.2-3.el10_2.1.s390x.rpm SHA-256: 6a4b5bbdb50b9e0b514bf2ee9bd2f0056e50fe31539283791126a4e934f774a8 pcs-snmp-0.12.2-3.el10_2.1.s390x.rpm SHA-256: 87c8cb92ab728c17c68739d5eb6ff8c891b50cf263401bb4f82b7f4e5a615736 Red Hat Enterprise Linux High Availability for Power, little endian 10 SRPM pcs-0.12.2-3.el10_2.1.src.rpm SHA-256: 18d049d8c3defd52702b2258e687fcdc57d695712f987c601fc80acf8f90e016 ppc64le cockpit-ha-cluster-0.12.2-3.el10_2.1.noarch.rpm SHA-256: e92f25c546b40a159f4ce1e97f4a7fcaf3e65da930a41797d0915b9d760dd3d2 pcs-0.12.2-3.el10_2.1.ppc64le.rpm SHA-256: 3ae55347d67c3a07a0a7fb7708b7895f07698b03059ec83a3c8495384e56f377 pcs-snmp-0.12.2-3.el10_2.1.ppc64le.rpm SHA-256: ddd3998f475d7f6ee303cdda051bd3011ecb16aff45d12c853a07d5fc250c516 Red Hat Enterprise Linux High Availability for Power, little endian - Extended Update Support 10.2 SRPM pcs-0.12.2-3.el10_2.1.src.rpm SHA-256: 18d049d8c3defd52702b2258e687fcdc57d695712f987c601fc80acf8f90e016 ppc64le cockpit-ha-cluster-0.12.2-3.el10_2.1.noarch.rpm SHA-256: e92f25c546b40a159f4ce1e97f4a7fcaf3e65da930a41797d0915b9d760dd3d2 pcs-0.12.2-3.el10_2.1.ppc64le.rpm SHA-256: 3ae55347d67c3a07a0a7fb7708b7895f07698b03059ec83a3c8495384e56f377 pcs-snmp-0.12.2-3.el10_2.1.ppc64le.rpm SHA-256: ddd3998f475d7f6ee303cdda051bd3011ecb16aff45d12c853a07d5fc250c516 Red Hat Enterprise Linux High Availability (for IBM z Systems) - Extended Update Support 10.2 SRPM pcs-0.12.2-3.el10_2.1.src.rpm SHA-256: 18d049d8c3defd52702b2258e687fcdc57d695712f987c601fc80acf8f90e016 s390x cockpit-ha-cluster-0.12.2-3.el10_2.1.noarch.rpm SHA-256: e92f25c546b40a159f4ce1e97f4a7fcaf3e65da930a41797d0915b9d760dd3d2 pcs-0.12.2-3.el10_2.1.s390x.rpm SHA-256: 6a4b5bbdb50b9e0b514bf2ee9bd2f0056e50fe31539283791126a4e934f774a8 pcs-snmp-0.12.2-3.el10_2.1.s390x.rpm SHA-256: 87c8cb92ab728c17c68739d5eb6ff8c891b50cf263401bb4f82b7f4e5a615736 Red Hat Enterprise Linux High Availability (for ARM 64) - Extended Update Support 10.2 SRPM pcs-0.12.2-3.el10_2.1.src.rpm SHA-256: 18d049d8c3defd52702b2258e687fcdc57d695712f987c601fc80acf8f90e016 aarch64 cockpit-ha-cluster-0.12.2-3.el10_2.1.noarch.rpm SHA-256: e92f25c546b40a159f4ce1e97f4a7fcaf3e65da930a41797d0915b9d760dd3d2 pcs-0.12.2-3.el10_2.1.aarch64.rpm SHA-256: dd9635c20fe935d1656c3a903a2c8f57db35fdadfa0f93f20677955587e74565 pcs-snmp-0.12.2-3.el10_2.1.aarch64.rpm SHA-256: bd5e6e0691b5ee3c2f7d5c5a3d9a257fca7dcf5f31d72739be7953460f8c7b39 Red Hat Enterprise Linux High Availability for ARM 64 - 4 years of updates 10.2 SRPM pcs-0.12.2-3.el10_2.1.src.rpm SHA-256: 18d049d8c3defd52702b2258e687fcdc57d695712f987c601fc80acf8f90e016 aarch64 cockpit-ha-cluster-0.12.2-3.el10_2.1.noarch.rpm SHA-256: e92f25c546b40a159f4ce1e97f4a7fcaf3e65da930a41797d0915b9d760dd3d2 pcs-0.12.2-3.el10_2.1.aarch64.rpm SHA-256: dd9635c20fe935d1656c3a903a2c8f57db35fdadfa0f93f20677955587e74565 pcs-snmp-0.12.2-3.el10_2.1.aarch64.rpm SHA-256: bd5e6e0691b5ee3c2f7d5c5a3d9a257fca7dcf5f31d72739be7953460f8c7b39 Red Hat Enterprise Linux High Availability for IBM z Systems - 4 years of updates 10.2 SRPM pcs-0.12.2-3.el10_2.1.src.rpm SHA-256: 18d049d8c3defd52702b2258e687fcdc57d695712f987c601fc80acf8f90e016 s390x cockpit-ha-cluster-0.12.2-3.el10_2.1.noarch.rpm SHA-256: e92f25c546b40a159f4ce1e97f4a7fcaf3e65da930a41797d0915b9d760dd3d2 pcs-0.12.2-3.el10_2.1.s390x.rpm SHA-256: 6a4b5bbdb50b9e0b514bf2ee9bd2f0056e50fe31539283791126a4e934f774a8 pcs-snmp-0.12.2-3.el10_2.1.s390x.rpm SHA-256: 87c8cb92ab728c17c68739d5eb6ff8c891b50cf263401bb4f82b7f4e5a615736 Red Hat Enterprise Linux High Availability for Power, little endian - 4 years of updates 10.2 SRPM pcs-0.12.2-3.el10_2.1.src.rpm SHA-256: 18d049d8c3defd52702b2258e687fcdc57d695712f987c601fc80acf8f90e016 ppc64le cockpit-ha-cluster-0.12.2-3.el10_2.1.noarch.rpm SHA-256: e92f25c546b40a159f4ce1e97f4a7fcaf3e65da930a41797d0915b9d760dd3d2 pcs-0.12.2-3.el10_2.1.ppc64le.rpm SHA-256: 3ae55347d67c3a07a0a7fb7708b7895f07698b03059ec83a3c8495384e56f377 pcs-snmp-0.12.2-3.el10_2.1.ppc64le.rpm SHA-256: ddd3998f475d7f6ee303cdda051bd3011ecb16aff45d12c853a07d5fc250c516 Red Hat Enterprise Linux High Availability for x86_64 - 4 years of updates 10.2 SRPM pcs-0.12.2-3.el10_2.1.src.rpm SHA-256: 18d049d8c3defd52702b2258e687fcdc57d695712f987c601fc80acf8f90e016 x86_64 cockpit-ha-cluster-0.12.2-3.el10_2.1.noarch.rpm SHA-256: e92f25c546b40a159f4ce1e97f4a7fcaf3e65da930a41797d0915b9d760dd3d2 pcs-0.12.2-3.el10_2.1.x86_64.rpm SHA-256: 3f53977d1525036ebfedc013a420581e55da038ade473edb6475529142ced317 pcs-snmp-0.12.2-3.el10_2.1.x86_64.rpm SHA-256: 7f3edfa6e93d5ac9752babc09a41062ba0f079ddd724bbf0e4c3ad983e19be7a Red Hat Enterprise Linux High Availability for ARM 64 - Extended Life Cycle 10.2 SRPM pcs-0.12.2-3.el10_2.1.src.rpm SHA-256: 18d049d8c3defd52702b2258e687fcdc57d695712f987c601fc80acf8f90e016 aarch64 cockpit-ha-cluster-0.12.2-3.el10_2.1.noarch.rpm SHA-256: e92f25c546b40a159f4ce1e97f4a7fcaf3e65da930a41797d0915b9d760dd3d2 pcs-0.12.2-3.el10_2.1.aarch64.rpm SHA-256: dd9635c20fe935d1656c3a903a2c8f57db35fdadfa0f93f20677955587e74565 pcs-snmp-0.12.2-3.el10_2.1.aarch64.rpm SHA-256: bd5e6e0691b5ee3c2f7d5c5a3d9a257fca7dcf5f31d72739b