Multiple Vulnerabilities Disclosed in Red Hat Hardened Images RPMs
dCERT issued advisories for multiple vulnerabilities affecting Red Hat Hardened Images RPMs, identifying the issue in notices 2026-1205 and 2026-1246. The advisories indicate that security flaws were found in RPM packages used within Red Hat hardened container images, potentially exposing systems that rely on those images to a range of risks depending on the affected packages and deployed workloads.
The publication of two separate dCERT notices suggests ongoing or updated vendor guidance around the same product area, and organizations using Red Hat hardened images should review the referenced advisories, determine which RPMs and image versions are affected, and prioritize remediation through updated packages or rebuilt images. Security teams should also verify downstream dependencies in container registries and production environments to ensure vulnerable image layers are replaced.
How this story unfolded
5 events from the earliest known activity through the most recent confirmed update.
dCERT publishes advisory 2026-1205 on Red Hat Hardened Images RPM vulnerabilities
dCERT issued advisory 2026-1205 concerning multiple vulnerabilities affecting Red Hat Hardened Images RPMs. No additional technical details or remediation information are provided in the reference.
dCERT publishes follow-up advisory 2026-1246 on the same Red Hat RPM issues
dCERT later published advisory 2026-1246 covering multiple vulnerabilities in Red Hat Hardened Images RPMs, indicating a subsequent update or additional notice on the same issue set. The reference does not include further specifics on the vulnerabilities or fixes.
dCERT publishes advisory 2026-1264 on libxslt DoS flaws in Red Hat RPMs
dCERT published advisory 2026-1264 covering multiple vulnerabilities in Red Hat Hardened Images RPMs related to libxslt. The advisory states the flaws could allow denial of service, adding new technical specificity to the ongoing issue.
dCERT publishes advisory 2026-1307 on Red Hat Hardened Images RPM vulnerabilities
dCERT published advisory 2026-1307 covering multiple vulnerabilities affecting Red Hat Hardened Images RPMs. The reference provides no additional synopsis or remediation details beyond identifying it as a new advisory in the ongoing issue set.
dCERT publishes advisory 2026-1343 on fontconfig flaws in Red Hat RPMs
dCERT published advisory 2026-1343 covering vulnerabilities in Red Hat Hardened Images RPMs related to fontconfig. The advisory indicates the flaws could allow code execution or denial of service, adding new technical detail to the ongoing issue set.
Related entities
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
Sources
5 references tracked. Mallory keeps watching after this page renders.
dCERT - Advisory 2026-1343 - Red Hat Hardened Images RPMs (fontconfig): Vulnerability allows code execution or DoS
dcert.de
Open sourcedCERT - Advisory 2026-1307 - Red Hat Hardened Images RPMs: Multiple Vulnerabilities
dcert.de
Open sourcedCERT - Advisory 2026-1264 - Red Hat Hardened Images RPMs (libxslt): Multiple Vulnerabilities allow Denial of Service
dcert.de
Open sourcedCERT - Advisory 2026-1246 - Red Hat Hardened Images RPMs: Multiple Vulnerabilities
dcert.de
Open sourcedCERT - Advisory 2026-1205 - Red Hat Hardened Images RPMs: Multiple Vulnerabilities
dcert.de
Open sourceSee the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.
Related stories
Other stories Mallory is tracking that overlap on entities, sources, or topic labels.
Red Hat Linux Kernel Vulnerabilities Prompt Broad Update Advisory
The Canadian Centre for Cyber Security issued two notices warning that Red Hat had published multiple security advisories for vulnerabilities affecting several products, with a particular focus on **Linux kernel** updates. The affected offerings include **Red Hat CodeReady Linux Builder**, **Red Hat Enterprise Linux**, **Red Hat Enterprise Linux Server**, and **Red Hat Enterprise Linux for Real Time** across multiple versions and platforms. The first notice, `AV26-318`, covered Red Hat advisories released between March 30 and April 5, while the second, `AV26-341`, covered advisories published between April 6 and 12. In both cases, the Cyber Centre urged users and administrators to review the referenced Red Hat advisories and apply the necessary updates to address the disclosed vulnerabilities.
May 11, 2026
Multiple Linux Kernel Vulnerabilities Prompt dCERT Advisories
dCERT published two advisories, `2025-1332` and `2025-1527`, warning of **multiple vulnerabilities in the Linux kernel**. The notices indicate that separate sets of kernel flaws were significant enough to warrant dedicated advisories, underscoring continued security risk in one of the most widely deployed operating system components across servers, cloud infrastructure, appliances, and embedded systems. While no public synopsis was included in the referenced advisories, the alerts point organizations to review affected kernel versions, assess exposure across Linux-based assets, and apply vendor-provided updates or mitigations. Because kernel vulnerabilities can affect core system security boundaries and stability, unpatched systems may face elevated risk depending on the specific flaws and deployment context.
May 15, 2026
Multiple Vulnerabilities Disclosed in systemd
dCERT published two advisories covering **multiple vulnerabilities in `systemd`**, the widely deployed Linux init system and service manager. The notices identify separate batches of flaws affecting `systemd`, indicating an ongoing stream of security issues in a core component used across many Linux distributions and enterprise environments. Because `systemd` is deeply integrated into system startup, service control, logging, and host management, vulnerabilities in the software can have broad operational and security impact depending on the affected component and deployment. Organizations using Linux systems with `systemd` should review the dCERT advisories **2026-0707** and **2026-0815**, determine exposure across their fleets, and prioritize vendor patches or mitigations as they become available.
Apr 13, 2026