Multiple Vulnerabilities Disclosed in Red Hat Hardened Images RPMs
dCERT issued advisories for multiple vulnerabilities affecting Red Hat Hardened Images RPMs, identifying the issue in notices 2026-1205 and 2026-1246. The advisories indicate that security flaws were found in RPM packages used within Red Hat hardened container images, potentially exposing systems that rely on those images to a range of risks depending on the affected packages and deployed workloads.
The publication of two separate dCERT notices suggests ongoing or updated vendor guidance around the same product area, and organizations using Red Hat hardened images should review the referenced advisories, determine which RPMs and image versions are affected, and prioritize remediation through updated packages or rebuilt images. Security teams should also verify downstream dependencies in container registries and production environments to ensure vulnerable image layers are replaced.
Timeline
Apr 28, 2026
dCERT publishes advisory 2026-1264 on libxslt DoS flaws in Red Hat RPMs
dCERT published advisory 2026-1264 covering multiple vulnerabilities in Red Hat Hardened Images RPMs related to libxslt. The advisory states the flaws could allow denial of service, adding new technical specificity to the ongoing issue.
Apr 27, 2026
dCERT publishes follow-up advisory 2026-1246 on the same Red Hat RPM issues
dCERT later published advisory 2026-1246 covering multiple vulnerabilities in Red Hat Hardened Images RPMs, indicating a subsequent update or additional notice on the same issue set. The reference does not include further specifics on the vulnerabilities or fixes.
Apr 22, 2026
dCERT publishes advisory 2026-1205 on Red Hat Hardened Images RPM vulnerabilities
dCERT issued advisory 2026-1205 concerning multiple vulnerabilities affecting Red Hat Hardened Images RPMs. No additional technical details or remediation information are provided in the reference.
See the full picture in Mallory
Mallory subscribers get deeper analysis on every story, including:
Who’s affected and how
Deep-dive technical analysis
Actionable next steps for your team
IPs, domains, hashes, and more
Ask questions and take action on every story
Filter by topic, classification, timeframe
Get matching stories delivered automatically
Related Entities
Organizations
Sources
Related Stories
Red Hat Linux Kernel Vulnerabilities Prompt Broad Update Advisory
The Canadian Centre for Cyber Security issued two notices warning that Red Hat had published multiple security advisories for vulnerabilities affecting several products, with a particular focus on **Linux kernel** updates. The affected offerings include **Red Hat CodeReady Linux Builder**, **Red Hat Enterprise Linux**, **Red Hat Enterprise Linux Server**, and **Red Hat Enterprise Linux for Real Time** across multiple versions and platforms. The first notice, `AV26-318`, covered Red Hat advisories released between March 30 and April 5, while the second, `AV26-341`, covered advisories published between April 6 and 12. In both cases, the Cyber Centre urged users and administrators to review the referenced Red Hat advisories and apply the necessary updates to address the disclosed vulnerabilities.
5 days ago
Multiple Linux Kernel Vulnerabilities Prompt dCERT Advisories
dCERT published two advisories, `2025-1332` and `2025-1527`, warning of **multiple vulnerabilities in the Linux kernel**. The notices indicate that separate sets of kernel flaws were significant enough to warrant dedicated advisories, underscoring continued security risk in one of the most widely deployed operating system components across servers, cloud infrastructure, appliances, and embedded systems. While no public synopsis was included in the referenced advisories, the alerts point organizations to review affected kernel versions, assess exposure across Linux-based assets, and apply vendor-provided updates or mitigations. Because kernel vulnerabilities can affect core system security boundaries and stability, unpatched systems may face elevated risk depending on the specific flaws and deployment context.
5 days ago
Multiple Vulnerabilities Disclosed in systemd
dCERT published two advisories covering **multiple vulnerabilities in `systemd`**, the widely deployed Linux init system and service manager. The notices identify separate batches of flaws affecting `systemd`, indicating an ongoing stream of security issues in a core component used across many Linux distributions and enterprise environments. Because `systemd` is deeply integrated into system startup, service control, logging, and host management, vulnerabilities in the software can have broad operational and security impact depending on the affected component and deployment. Organizations using Linux systems with `systemd` should review the dCERT advisories **2026-0707** and **2026-0815**, determine exposure across their fleets, and prioritize vendor patches or mitigations as they become available.
2 weeks ago