Red Hat Product Errata RHSA-2026:19589 - Security Advisory Issued: 2026-05-20 Updated: 2026-05-20 RHSA-2026:19589 - Security Advisory Overview Updated Packages Synopsis Important: python security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for python is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open() API (CVE-2026-4786) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux Server - Extended Life Cycle Support 7 x86_64 Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 7 s390x Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, big endian 7 ppc64 Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, little endian 7 ppc64le Fixes BZ - 2458049 - CVE-2026-4786 python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open() API CVEs CVE-2026-4786 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux Server - Extended Life Cycle Support 7 SRPM python-2.7.5-94.el7_9.5.src.rpm SHA-256: 6159d00b37d702570bad08a7f2a7f73b8e68c86f07a737e5f58f736960923401 x86_64 python-2.7.5-94.el7_9.5.x86_64.rpm SHA-256: 9ec5b2b0cf90ac59c1b156b793ed7410dbefcb0e2c722556a83b9f2db640c85b python-debug-2.7.5-94.el7_9.5.x86_64.rpm SHA-256: 7bb327d92845c54bd01b849f5b998a9d47ac2f936b7c14c6f331327ba1c88d41 python-debuginfo-2.7.5-94.el7_9.5.i686.rpm SHA-256: a3b01bbd012b06d3794d8e4a5685d8dec51e9cca9a8d3924e655c6cf401397ea python-debuginfo-2.7.5-94.el7_9.5.x86_64.rpm SHA-256: 681cff58fa4b3293cd9df65cd80e0ffa0b39c0d0f74bbf3971337576eabcd50a python-debuginfo-2.7.5-94.el7_9.5.x86_64.rpm SHA-256: 681cff58fa4b3293cd9df65cd80e0ffa0b39c0d0f74bbf3971337576eabcd50a python-devel-2.7.5-94.el7_9.5.x86_64.rpm SHA-256: f7df5f5496b79a306ff133737392f189c2da65453bf43011f9594b840eb8b819 python-libs-2.7.5-94.el7_9.5.i686.rpm SHA-256: d72cf782acfb0ab930181dda10351f419bb05ad3370573c30ed3cab5970277ab python-libs-2.7.5-94.el7_9.5.x86_64.rpm SHA-256: f6596907b0d5433498932fb47c60e6dd5eefbf308e786e135cb6bf57b1418577 python-test-2.7.5-94.el7_9.5.x86_64.rpm SHA-256: 86ce4c73c18808cc432141cf82393e0f25f028d5beaebacfd19e960a1fc2ef97 python-tools-2.7.5-94.el7_9.5.x86_64.rpm SHA-256: bf893958f71bd85f63cabe03c3f42420e2fc7b552f2ef5fc4518dec27a2e729b tkinter-2.7.5-94.el7_9.5.x86_64.rpm SHA-256: 8bb9d4c48fa20d81cac4de1f17e0b8bef91a0a317ef63e877a8c74c2826743e8 Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 7 SRPM python-2.7.5-94.el7_9.5.src.rpm SHA-256: 6159d00b37d702570bad08a7f2a7f73b8e68c86f07a737e5f58f736960923401 s390x python-2.7.5-94.el7_9.5.s390x.rpm SHA-256: d1a355dceab4fc4fe5ae69630d34c548e30bb4848b5267fdaffa39c9a4994a55 python-debug-2.7.5-94.el7_9.5.s390x.rpm SHA-256: 00b13170d4f0cf459642b1ea5e800ba781c35c1481ab835d7c97418f855f0629 python-debuginfo-2.7.5-94.el7_9.5.s390.rpm SHA-256: f272f356da825a739eda848571eebeaa8cac197890b9fd04278d6e8165e81e18 python-debuginfo-2.7.5-94.el7_9.5.s390x.rpm SHA-256: 8750725a544774ae8ad4aa7b08830a6be8455767067ebaa972090e24f72652b2 python-debuginfo-2.7.5-94.el7_9.5.s390x.rpm SHA-256: 8750725a544774ae8ad4aa7b08830a6be8455767067ebaa972090e24f72652b2 python-devel-2.7.5-94.el7_9.5.s390x.rpm SHA-256: 0294f5ba9f16f1fd0b1642a6326da7a22cbb19508a726435bed2b0c094d80a18 python-libs-2.7.5-94.el7_9.5.s390.rpm SHA-256: 8c23c67dda0ac7cf1a0522f17b05f4555d755f3881b0b24f333fad50acd10d15 python-libs-2.7.5-94.el7_9.5.s390x.rpm SHA-256: aceb8d3d8c4aa479db1d6baeb1183c968ae3ef393b6a3db09728605921eda94c python-test-2.7.5-94.el7_9.5.s390x.rpm SHA-256: dfb3456845d8e46c425930dec712d63d4b2cf6e0fb08df9a8cc2aac1794e02e6 python-tools-2.7.5-94.el7_9.5.s390x.rpm SHA-256: d44a4136dc8bfe0f7051964074255d45b5b75099cbe766e74004044d93f6d4ed tkinter-2.7.5-94.el7_9.5.s390x.rpm SHA-256: a8a16e69c7cdc7c714a4ecad8d52bf3870e64c987e6462c700b32974a69b8a42 Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, big endian 7 SRPM python-2.7.5-94.el7_9.5.src.rpm SHA-256: 6159d00b37d702570bad08a7f2a7f73b8e68c86f07a737e5f58f736960923401 ppc64 python-2.7.5-94.el7_9.5.ppc64.rpm SHA-256: c25309fb570b23fd500bf72e9aec314feed5970e12933989491e5a9b1422ea5c python-debug-2.7.5-94.el7_9.5.ppc64.rpm SHA-256: 94f392f20938eacb6ab4111427b7df34e7746a54489b08cd109631019f80a306 python-debuginfo-2.7.5-94.el7_9.5.ppc.rpm SHA-256: 6f111ce2c566b88f1dd0a6907653f4d7e7a89d32e1a164a67c60cbef4569cc7d python-debuginfo-2.7.5-94.el7_9.5.ppc64.rpm SHA-256: c9433fe5ccda34336419b9c691d86a4885f70262bcbf990165bdfad1dc9e8a61 python-debuginfo-2.7.5-94.el7_9.5.ppc64.rpm SHA-256: c9433fe5ccda34336419b9c691d86a4885f70262bcbf990165bdfad1dc9e8a61 python-devel-2.7.5-94.el7_9.5.ppc64.rpm SHA-256: ef666e28f43ee9bc94dbfdf6c969d901bbaa0bea86da63008d4d677c1868a11d python-libs-2.7.5-94.el7_9.5.ppc.rpm SHA-256: b97b4edc4e9b37e0c793748a889d970bc795b486be219c5be5e0a97170124f02 python-libs-2.7.5-94.el7_9.5.ppc64.rpm SHA-256: 0bc489a31eb5e15df9e8eba55ead391ed8dac2d038cd92620027c6089e89e0b7 python-test-2.7.5-94.el7_9.5.ppc64.rpm SHA-256: edc7380c27b26bda71342f071928d0194de786bc22628bd97f72cf907a85cd73 python-tools-2.7.5-94.el7_9.5.ppc64.rpm SHA-256: 38f802b960257d346ef4d8a92bd16cdac586d9312ff1a45242293f8772ec34aa tkinter-2.7.5-94.el7_9.5.ppc64.rpm SHA-256: 270d19dca371528a18914bf6fd5266769658e6fdba95670045ad311afe42773c Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, little endian 7 SRPM python-2.7.5-94.el7_9.5.src.rpm SHA-256: 6159d00b37d702570bad08a7f2a7f73b8e68c86f07a737e5f58f736960923401 ppc64le python-2.7.5-94.el7_9.5.ppc64le.rpm SHA-256: b5e57ebd0d82c8ab2b0bf71f94c5e7d167468c107875d27ed07a0254c83a13a5 python-debug-2.7.5-94.el7_9.5.ppc64le.rpm SHA-256: 0e39e33dab63f42e107c3934b9c1beb7a31c3ee2d844e9e4f6b88eb015650e4f python-debuginfo-2.7.5-94.el7_9.5.ppc64le.rpm SHA-256: 98e55d40da9d2035f827044059539c896886c5293826de0313958f7e0c056905 python-debuginfo-2.7.5-94.el7_9.5.ppc64le.rpm SHA-256: 98e55d40da9d2035f827044059539c896886c5293826de0313958f7e0c056905 python-devel-2.7.5-94.el7_9.5.ppc64le.rpm SHA-256: 175e7f4530ddaa460d364bf113690d63053bbe343026e08141c761f0c3e57a73 python-libs-2.7.5-94.el7_9.5.ppc64le.rpm SHA-256: 2091fa491aa6c268cc5379680cb7f688acba4e84eae4557dcbff4fab81de2860 python-test-2.7.5-94.el7_9.5.ppc64le.rpm SHA-256: 8383ce1ea99f2ccaac870c1166d6021dfc646ac1975e4256854e0930cc405b01 python-tools-2.7.5-94.el7_9.5.ppc64le.rpm SHA-256: 2746604132ac47990febb0988643ea02ffe2c594a0f1e99e87e2f9a34b9f09b9 tkinter-2.7.5-94.el7_9.5.ppc64le.rpm SHA-256: 7a6723acb9863f6679331eea84805542a665c7fd008ed375be899756fdce7603 The Red Hat security contact is secalert@redhat.com . More contact details at https://access.redhat.com/security/team/contact/ .