Red Hat Product Errata RHSA-2026:21468 - Security Advisory Issued: 2026-05-27 Updated: 2026-05-27 RHSA-2026:21468 - Security Advisory Overview Updated Packages Synopsis Important: cockpit security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for cockpit is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description Cockpit enables users to administer GNU/Linux servers using a web browser. It offers network configuration, log inspection, diagnostic reports, SELinux troubleshooting, interactive command-line sessions, and more. Security Fix(es): cockpit: Cockpit: Arbitrary command execution via crafted links in system logs UI (CVE-2026-4802) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 9 x86_64 Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.8 x86_64 Red Hat Enterprise Linux for IBM z Systems 9 s390x Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.8 s390x Red Hat Enterprise Linux for Power, little endian 9 ppc64le Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.8 ppc64le Red Hat Enterprise Linux for ARM 64 9 aarch64 Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.8 aarch64 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.8 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.8 x86_64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.8 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.8 s390x Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.8 x86_64 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.8 aarch64 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.8 ppc64le Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.8 s390x Fixes BZ - 2451155 - CVE-2026-4802 cockpit: Cockpit: Arbitrary command execution via crafted links in system logs UI CVEs CVE-2026-4802 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 9 SRPM cockpit-356.2-1.el9_8.src.rpm SHA-256: cb538128dd2f4b8f251265e53bfa7726b4cfc4547e7471a657840fb9426b60b5 x86_64 cockpit-356.2-1.el9_8.x86_64.rpm SHA-256: a9917006c89f2f2819e08c88b09b41a81a39a496619626ee214857828cf37e3a cockpit-bridge-356.2-1.el9_8.noarch.rpm SHA-256: 6029dc3248942ce1d90da5f3c345e000cb2632d75c1cf35e93d971043de9d1cc cockpit-debuginfo-356.2-1.el9_8.x86_64.rpm SHA-256: 1422bc1babab146c97bc3f21725d33fbc2a951dd3c953000d683273af7cd8251 cockpit-debugsource-356.2-1.el9_8.x86_64.rpm SHA-256: 2fa5b691b4e6e45259dba8e642631dcad9f9baa0737ef9afa7894d367a8c841b cockpit-doc-356.2-1.el9_8.noarch.rpm SHA-256: 2991993edb1aebdb8689c0ef924307781bb173ab2740085a9f46ace57ab920a7 cockpit-packagekit-356.2-1.el9_8.noarch.rpm SHA-256: 90d08820c4d981dba92cf242d3aba0a589d92b02439ce2c9ed01046e1b093587 cockpit-storaged-356.2-1.el9_8.noarch.rpm SHA-256: eff3f531a7c01c50285a4a3fb161008be824870553c46a5a645b9a6629b20c2a cockpit-system-356.2-1.el9_8.noarch.rpm SHA-256: 478c019662b46c5738bcfdfdebaacc54ea695f12e24e98b34cce9fe898b2461c cockpit-ws-356.2-1.el9_8.x86_64.rpm SHA-256: 5bcd46044ee48ac1530ec5a4f3381c02553f5ccabb38a8bff11f6ac1e7784335 cockpit-ws-selinux-356.2-1.el9_8.x86_64.rpm SHA-256: dbf7265f828ff3db7b009014f5cd8dcade7b77afac3c9df703ca3f48027c4857 Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.8 SRPM cockpit-356.2-1.el9_8.src.rpm SHA-256: cb538128dd2f4b8f251265e53bfa7726b4cfc4547e7471a657840fb9426b60b5 x86_64 cockpit-356.2-1.el9_8.x86_64.rpm SHA-256: a9917006c89f2f2819e08c88b09b41a81a39a496619626ee214857828cf37e3a cockpit-bridge-356.2-1.el9_8.noarch.rpm SHA-256: 6029dc3248942ce1d90da5f3c345e000cb2632d75c1cf35e93d971043de9d1cc cockpit-debuginfo-356.2-1.el9_8.x86_64.rpm SHA-256: 1422bc1babab146c97bc3f21725d33fbc2a951dd3c953000d683273af7cd8251 cockpit-debugsource-356.2-1.el9_8.x86_64.rpm SHA-256: 2fa5b691b4e6e45259dba8e642631dcad9f9baa0737ef9afa7894d367a8c841b cockpit-doc-356.2-1.el9_8.noarch.rpm SHA-256: 2991993edb1aebdb8689c0ef924307781bb173ab2740085a9f46ace57ab920a7 cockpit-packagekit-356.2-1.el9_8.noarch.rpm SHA-256: 90d08820c4d981dba92cf242d3aba0a589d92b02439ce2c9ed01046e1b093587 cockpit-storaged-356.2-1.el9_8.noarch.rpm SHA-256: eff3f531a7c01c50285a4a3fb161008be824870553c46a5a645b9a6629b20c2a cockpit-system-356.2-1.el9_8.noarch.rpm SHA-256: 478c019662b46c5738bcfdfdebaacc54ea695f12e24e98b34cce9fe898b2461c cockpit-ws-356.2-1.el9_8.x86_64.rpm SHA-256: 5bcd46044ee48ac1530ec5a4f3381c02553f5ccabb38a8bff11f6ac1e7784335 cockpit-ws-selinux-356.2-1.el9_8.x86_64.rpm SHA-256: dbf7265f828ff3db7b009014f5cd8dcade7b77afac3c9df703ca3f48027c4857 Red Hat Enterprise Linux for IBM z Systems 9 SRPM cockpit-356.2-1.el9_8.src.rpm SHA-256: cb538128dd2f4b8f251265e53bfa7726b4cfc4547e7471a657840fb9426b60b5 s390x cockpit-356.2-1.el9_8.s390x.rpm SHA-256: 3c80c322f10d32a460ebdaa1dd6201d61d39740078ec35c94336eb3d949972fe cockpit-bridge-356.2-1.el9_8.noarch.rpm SHA-256: 6029dc3248942ce1d90da5f3c345e000cb2632d75c1cf35e93d971043de9d1cc cockpit-debuginfo-356.2-1.el9_8.s390x.rpm SHA-256: d1f3360fc5886d74e5d0d49e35bec62761cd852f5693a64ea2f7de7b1d8e9dea cockpit-debugsource-356.2-1.el9_8.s390x.rpm SHA-256: 0366675099fb8d551c39de160416e0e885320554213702e6bfcd88513ab59cc6 cockpit-doc-356.2-1.el9_8.noarch.rpm SHA-256: 2991993edb1aebdb8689c0ef924307781bb173ab2740085a9f46ace57ab920a7 cockpit-packagekit-356.2-1.el9_8.noarch.rpm SHA-256: 90d08820c4d981dba92cf242d3aba0a589d92b02439ce2c9ed01046e1b093587 cockpit-storaged-356.2-1.el9_8.noarch.rpm SHA-256: eff3f531a7c01c50285a4a3fb161008be824870553c46a5a645b9a6629b20c2a cockpit-system-356.2-1.el9_8.noarch.rpm SHA-256: 478c019662b46c5738bcfdfdebaacc54ea695f12e24e98b34cce9fe898b2461c cockpit-ws-356.2-1.el9_8.s390x.rpm SHA-256: 73171848732aa12f75b9a08f9afa7c4f7b4c44c338c9252cb12f39ee9bfc4ef6 cockpit-ws-selinux-356.2-1.el9_8.s390x.rpm SHA-256: 5f53fbb0ea44ea6f3bee9e96961c2cbaff19cb0707dee9aa58e0d751a5e78fd1 Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.8 SRPM cockpit-356.2-1.el9_8.src.rpm SHA-256: cb538128dd2f4b8f251265e53bfa7726b4cfc4547e7471a657840fb9426b60b5 s390x cockpit-356.2-1.el9_8.s390x.rpm SHA-256: 3c80c322f10d32a460ebdaa1dd6201d61d39740078ec35c94336eb3d949972fe cockpit-bridge-356.2-1.el9_8.noarch.rpm SHA-256: 6029dc3248942ce1d90da5f3c345e000cb2632d75c1cf35e93d971043de9d1cc cockpit-debuginfo-356.2-1.el9_8.s390x.rpm SHA-256: d1f3360fc5886d74e5d0d49e35bec62761cd852f5693a64ea2f7de7b1d8e9dea cockpit-debugsource-356.2-1.el9_8.s390x.rpm SHA-256: 0366675099fb8d551c39de160416e0e885320554213702e6bfcd88513ab59cc6 cockpit-doc-356.2-1.el9_8.noarch.rpm SHA-256: 2991993edb1aebdb8689c0ef924307781bb173ab2740085a9f46ace57ab920a7 cockpit-packagekit-356.2-1.el9_8.noarch.rpm SHA-256: 90d08820c4d981dba92cf242d3aba0a589d92b02439ce2c9ed01046e1b093587 cockpit-storaged-356.2-1.el9_8.noarch.rpm SHA-256: eff3f531a7c01c50285a4a3fb161008be824870553c46a5a645b9a6629b20c2a cockpit-system-356.2-1.el9_8.noarch.rpm SHA-256: 478c019662b46c5738bcfdfdebaacc54ea695f12e24e98b34cce9fe898b2461c cockpit-ws-356.2-1.el9_8.s390x.rpm SHA-256: 73171848732aa12f75b9a08f9afa7c4f7b4c44c338c9252cb12f39ee9bfc4ef6 cockpit-ws-selinux-356.2-1.el9_8.s390x.rpm SHA-256: 5f53fbb0ea44ea6f3bee9e96961c2cbaff19cb0707dee9aa58e0d751a5e78fd1 Red Hat Enterprise Linux for Power, little endian 9 SRPM cockpit-356.2-1.el9_8.src.rpm SHA-256: cb538128dd2f4b8f251265e53bfa7726b4cfc4547e7471a657840fb9426b60b5 ppc64le cockpit-356.2-1.el9_8.ppc64le.rpm SHA-256: b1feac603b4a67cd39ed78d8235515f4ba5da56a991fe9dda404214d95d95b69 cockpit-bridge-356.2-1.el9_8.noarch.rpm SHA-256: 6029dc3248942ce1d90da5f3c345e000cb2632d75c1cf35e93d971043de9d1cc cockpit-debuginfo-356.2-1.el9_8.ppc64le.rpm SHA-256: 860d0ba44400f209e595bd5f5d37dd3ce184130ffddadf6bc12b9dbf2da36887 cockpit-debugsource-356.2-1.el9_8.ppc64le.rpm SHA-256: d8a24ac976d90f1aa7be161ad418e20af6b22bc90f084983d7f52cf9b1ac0e4a cockpit-doc-356.2-1.el9_8.noarch.rpm SHA-256: 2991993edb1aebdb8689c0ef924307781bb173ab2740085a9f46ace57ab920a7 cockpit-packagekit-356.2-1.el9_8.noarch.rpm SHA-256: 90d08820c4d981dba92cf242d3aba0a589d92b02439ce2c9ed01046e1b093587 cockpit-storaged-356.2-1.el9_8.noarch.rpm SHA-256: eff3f531a7c01c50285a4a3fb161008be824870553c46a5a645b9a6629b20c2a cockpit-system-356.2-1.el9_8.noarch.rpm SHA-256: 478c019662b46c5738bcfdfdebaacc54ea695f12e24e98b34cce9fe898b2461c cockpit-ws-356.2-1.el9_8.ppc64le.rpm SHA-256: 21f479ad00bac71c7622f6a3be4d21bfc39bd2d783193fcd53108df190e224a1 cockpit-ws-selinux-356.2-1.el9_8.ppc64le.rpm SHA-256: 3697cfff1995dad31d4acfa3d22abec6529b45272b28a6eea61c8076a1464b3e Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.8 SRPM cockpit-356.2-1.el9_8.src.rpm SHA-256: cb538128dd2f4b8f251265e53bfa7726b4cfc4547e7471a657840fb9426b60b5 ppc64le cockpit-356.2-1.el9_8.ppc64le.rpm SHA-256: b1feac603b4a67cd39ed78d8235515f4ba5da56a991fe9dda404214d95d95b69 cockpit-bridge-356.2-1.el9_8.noarch.rpm SHA-256: 6029dc3248942ce1d90da5f3c345e000cb2632d75c1cf35e93d971043de9d1cc cockpit-debuginfo-356.2-1.el9_8.ppc64le.rpm SHA-256: 860d0ba44400f209e595bd5f5d37dd3ce184130ffddadf6bc12b9dbf2da36887 cockpit-debugsource-356.2-1.el9