Red Hat Product Errata RHSA-2026:20567 - Security Advisory Issued: 2026-05-26 Updated: 2026-05-26 RHSA-2026:20567 - Security Advisory Overview Updated Packages Synopsis Important: qt6-qtdeclarative security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for qt6-qtdeclarative is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description Qt6 - QtDeclarative component. Security Fix(es): qt: Qt SVG: Arbitrary QML/JavaScript code injection via malicious SVG file (CVE-2025-14576) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 10 x86_64 Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.2 x86_64 Red Hat Enterprise Linux for IBM z Systems 10 s390x Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.2 s390x Red Hat Enterprise Linux for Power, little endian 10 ppc64le Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.2 ppc64le Red Hat Enterprise Linux for ARM 64 10 aarch64 Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.2 aarch64 Red Hat CodeReady Linux Builder for x86_64 10 x86_64 Red Hat CodeReady Linux Builder for Power, little endian 10 ppc64le Red Hat CodeReady Linux Builder for ARM 64 10 aarch64 Red Hat CodeReady Linux Builder for IBM z Systems 10 s390x Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 10.2 x86_64 Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 10.2 ppc64le Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 10.2 s390x Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 10.2 aarch64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 10.2 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 10.2 s390x Red Hat Enterprise Linux for Power, little endian - 4 years of support 10.2 ppc64le Red Hat Enterprise Linux for x86_64 - 4 years of updates 10.2 x86_64 Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 10.2 x86_64 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 10.2 aarch64 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 10.2 ppc64le Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 10.2 s390x Fixes BZ - 2464114 - CVE-2025-14576 qt: Qt SVG: Arbitrary QML/JavaScript code injection via malicious SVG file CVEs CVE-2025-14576 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 10 SRPM qt6-qtdeclarative-6.10.1-1.el10_2.1.src.rpm SHA-256: 187a2a35b16a4cf7b0ed618394f4b24be80e1cd284479c2a57f18c444cc5aed4 x86_64 qt6-qtdeclarative-6.10.1-1.el10_2.1.x86_64.rpm SHA-256: 08a9637c421c5e57ca5df003adad9a7854004696d59eb9f5617589605ca5bf7f qt6-qtdeclarative-debuginfo-6.10.1-1.el10_2.1.x86_64.rpm SHA-256: c8e2fcf167399acf3a5abb7b6ca360bafa933577c0e2270e10ae38f4305c9a0e qt6-qtdeclarative-debugsource-6.10.1-1.el10_2.1.x86_64.rpm SHA-256: aa58d28f3347548997af429786f0b9f5cecf1a3e1a9d6cc94048c4c06c3eb695 qt6-qtdeclarative-devel-6.10.1-1.el10_2.1.x86_64.rpm SHA-256: dbcf865b28f7b8349d05b05710e629fd2d7cdcd3152b9c197d8203b1b8e38ce8 qt6-qtdeclarative-devel-debuginfo-6.10.1-1.el10_2.1.x86_64.rpm SHA-256: eb0b1d9648651654002103fe3bf81c5fd983f2fb95d59e38ac0fedb23857c149 qt6-qtdeclarative-examples-debuginfo-6.10.1-1.el10_2.1.x86_64.rpm SHA-256: 0ad08353d60a70c1f66d3ed89485c1881a9283cf5bc1b2e6b33e95fac75e50ce qt6-qtdeclarative-tests-debuginfo-6.10.1-1.el10_2.1.x86_64.rpm SHA-256: 5db462fa4ef9eb2df36eeeddeee35c2f00e80629b8936b7ad1473b6228d4f4dc Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.2 SRPM qt6-qtdeclarative-6.10.1-1.el10_2.1.src.rpm SHA-256: 187a2a35b16a4cf7b0ed618394f4b24be80e1cd284479c2a57f18c444cc5aed4 x86_64 qt6-qtdeclarative-6.10.1-1.el10_2.1.x86_64.rpm SHA-256: 08a9637c421c5e57ca5df003adad9a7854004696d59eb9f5617589605ca5bf7f qt6-qtdeclarative-debuginfo-6.10.1-1.el10_2.1.x86_64.rpm SHA-256: c8e2fcf167399acf3a5abb7b6ca360bafa933577c0e2270e10ae38f4305c9a0e qt6-qtdeclarative-debugsource-6.10.1-1.el10_2.1.x86_64.rpm SHA-256: aa58d28f3347548997af429786f0b9f5cecf1a3e1a9d6cc94048c4c06c3eb695 qt6-qtdeclarative-devel-6.10.1-1.el10_2.1.x86_64.rpm SHA-256: dbcf865b28f7b8349d05b05710e629fd2d7cdcd3152b9c197d8203b1b8e38ce8 qt6-qtdeclarative-devel-debuginfo-6.10.1-1.el10_2.1.x86_64.rpm SHA-256: eb0b1d9648651654002103fe3bf81c5fd983f2fb95d59e38ac0fedb23857c149 qt6-qtdeclarative-examples-debuginfo-6.10.1-1.el10_2.1.x86_64.rpm SHA-256: 0ad08353d60a70c1f66d3ed89485c1881a9283cf5bc1b2e6b33e95fac75e50ce qt6-qtdeclarative-tests-debuginfo-6.10.1-1.el10_2.1.x86_64.rpm SHA-256: 5db462fa4ef9eb2df36eeeddeee35c2f00e80629b8936b7ad1473b6228d4f4dc Red Hat Enterprise Linux for IBM z Systems 10 SRPM qt6-qtdeclarative-6.10.1-1.el10_2.1.src.rpm SHA-256: 187a2a35b16a4cf7b0ed618394f4b24be80e1cd284479c2a57f18c444cc5aed4 s390x qt6-qtdeclarative-6.10.1-1.el10_2.1.s390x.rpm SHA-256: 779f86fe3854bc0193f03de5fd48bf0a726cc4a8ffec95da39212a808cd5dcb0 qt6-qtdeclarative-debuginfo-6.10.1-1.el10_2.1.s390x.rpm SHA-256: dcbe5cb05716d78c9aad33db658cf6c9065dc2b66f5b983404c87d473b99af52 qt6-qtdeclarative-debugsource-6.10.1-1.el10_2.1.s390x.rpm SHA-256: 45e46f427150da4fb7a2b5b5e5a39fef5717b33e3863d721ba698f5bd4380930 qt6-qtdeclarative-devel-6.10.1-1.el10_2.1.s390x.rpm SHA-256: f5be5db9a661720b8179b858819300c50b0b69c4d972b5a2d4497a34af533be6 qt6-qtdeclarative-devel-debuginfo-6.10.1-1.el10_2.1.s390x.rpm SHA-256: 6beb41991256f217f6d688bba0d4cef7f954f46f268b0410b7d08e64cc4a98fa qt6-qtdeclarative-examples-debuginfo-6.10.1-1.el10_2.1.s390x.rpm SHA-256: 400a84f203552cd596c5cad56c3120d44de8b0db42dacd94a1f5abfe9ed336b6 qt6-qtdeclarative-tests-debuginfo-6.10.1-1.el10_2.1.s390x.rpm SHA-256: 3bb0b41e9f10dc282cc49e080f53053ddaa9219209d221d4425a71d5aadbc5a1 Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.2 SRPM qt6-qtdeclarative-6.10.1-1.el10_2.1.src.rpm SHA-256: 187a2a35b16a4cf7b0ed618394f4b24be80e1cd284479c2a57f18c444cc5aed4 s390x qt6-qtdeclarative-6.10.1-1.el10_2.1.s390x.rpm SHA-256: 779f86fe3854bc0193f03de5fd48bf0a726cc4a8ffec95da39212a808cd5dcb0 qt6-qtdeclarative-debuginfo-6.10.1-1.el10_2.1.s390x.rpm SHA-256: dcbe5cb05716d78c9aad33db658cf6c9065dc2b66f5b983404c87d473b99af52 qt6-qtdeclarative-debugsource-6.10.1-1.el10_2.1.s390x.rpm SHA-256: 45e46f427150da4fb7a2b5b5e5a39fef5717b33e3863d721ba698f5bd4380930 qt6-qtdeclarative-devel-6.10.1-1.el10_2.1.s390x.rpm SHA-256: f5be5db9a661720b8179b858819300c50b0b69c4d972b5a2d4497a34af533be6 qt6-qtdeclarative-devel-debuginfo-6.10.1-1.el10_2.1.s390x.rpm SHA-256: 6beb41991256f217f6d688bba0d4cef7f954f46f268b0410b7d08e64cc4a98fa qt6-qtdeclarative-examples-debuginfo-6.10.1-1.el10_2.1.s390x.rpm SHA-256: 400a84f203552cd596c5cad56c3120d44de8b0db42dacd94a1f5abfe9ed336b6 qt6-qtdeclarative-tests-debuginfo-6.10.1-1.el10_2.1.s390x.rpm SHA-256: 3bb0b41e9f10dc282cc49e080f53053ddaa9219209d221d4425a71d5aadbc5a1 Red Hat Enterprise Linux for Power, little endian 10 SRPM qt6-qtdeclarative-6.10.1-1.el10_2.1.src.rpm SHA-256: 187a2a35b16a4cf7b0ed618394f4b24be80e1cd284479c2a57f18c444cc5aed4 ppc64le qt6-qtdeclarative-6.10.1-1.el10_2.1.ppc64le.rpm SHA-256: 5a6670a748db5f21b80e06885f2f53f73bf4b87a021512474e0d2fec5965bdc6 qt6-qtdeclarative-debuginfo-6.10.1-1.el10_2.1.ppc64le.rpm SHA-256: 41525f59ecdd9e809f38fabc273eb772adc9b46c03864a4e2bf4e824dbb66b20 qt6-qtdeclarative-debugsource-6.10.1-1.el10_2.1.ppc64le.rpm SHA-256: 93e0831224933fc4d2e6c191cf8dee8c15413fbefc797021a74bd6cfad4bbd1b qt6-qtdeclarative-devel-6.10.1-1.el10_2.1.ppc64le.rpm SHA-256: 0113c587166cef35b279e41e99e120c15d2c731ac06cccfb77b801063552e711 qt6-qtdeclarative-devel-debuginfo-6.10.1-1.el10_2.1.ppc64le.rpm SHA-256: b4ea8fc3246ea9210f82293282ab3814e8a503fb38d5180ecf8efb36345d9c19 qt6-qtdeclarative-examples-debuginfo-6.10.1-1.el10_2.1.ppc64le.rpm SHA-256: d44466a0be13a7434c7734d16cbd107917ca3e94d51accf436e4a0ed2e5a4c9e qt6-qtdeclarative-tests-debuginfo-6.10.1-1.el10_2.1.ppc64le.rpm SHA-256: 5f49f1978c20f5287660e999d65d3dc40d2045fe092d6431aa0d9b383149db15 Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.2 SRPM qt6-qtdeclarative-6.10.1-1.el10_2.1.src.rpm SHA-256: 187a2a35b16a4cf7b0ed618394f4b24be80e1cd284479c2a57f18c444cc5aed4 ppc64le qt6-qtdeclarative-6.10.1-1.el10_2.1.ppc64le.rpm SHA-256: 5a6670a748db5f21b80e06885f2f53f73bf4b87a021512474e0d2fec5965bdc6 qt6-qtdeclarative-debuginfo-6.10.1-1.el10_2.1.ppc64le.rpm SHA-256: 41525f59ecdd9e809f38fabc273eb772adc9b46c03864a4e2bf4e824dbb66b20 qt6-qtdeclarative-debugsource-6.10.1-1.el10_2.1.ppc64le.rpm SHA-256: 93e0831224933fc4d2e6c191cf8dee8c15413fbefc797021a74bd6cfad4bbd1b qt6-qtdeclarative-devel-6.10.1-1.el10_2.1.ppc64le.rpm SHA-256: 0113c587166cef35b279e41e99e120c15d2c731ac06cccfb77b801063552e711 qt6-qtdeclarative-devel-debuginfo-6.10.1-1.el10_2.1.ppc64le.rpm SHA-256: b4ea8fc3246ea9210f82293282ab3814e8a503fb38d5180ecf8efb36345d9c19 qt6-qtdeclarative-examples-debuginfo-6.10.1-1.el10_2.1.ppc64le.rpm SHA-256: d44466a0be13a7434c7734d16cbd107917ca3e94d51accf436e4a0ed2e5a4c9e qt6-qtdeclarative-tests-debuginfo-6.10.1-1.el10_2.1.ppc64le.rpm SHA-256: 5f49f1978c20f5287660e999d65d3dc40d2045fe092d6431aa0d9b383149db15 Red Hat Enterprise Linux for ARM 64 10 SRP