Red Hat Product Errata RHSA-2026:21515 - Security Advisory Issued: 2026-05-27 Updated: 2026-05-27 RHSA-2026:21515 - Security Advisory Overview Updated Packages Synopsis Important: cockpit security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for cockpit is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description Cockpit enables users to administer GNU/Linux servers using a web browser. It offers network configuration, log inspection, diagnostic reports, SELinux troubleshooting, interactive command-line sessions, and more. Security Fix(es): cockpit: Cockpit: Arbitrary command execution via crafted links in system logs UI (CVE-2026-4802) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.8 x86_64 Red Hat Enterprise Linux Server - TUS 8.8 x86_64 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8 x86_64 Fixes BZ - 2451155 - CVE-2026-4802 cockpit: Cockpit: Arbitrary command execution via crafted links in system logs UI CVEs CVE-2026-4802 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.8 SRPM cockpit-286.2-1.el8_8.src.rpm SHA-256: 5e3f740568465b70df3eb14082b79abb8d5e1accd19981c5264fef8cde25f0bd x86_64 cockpit-286.2-1.el8_8.x86_64.rpm SHA-256: 62ce4447a84cda311a5b46201d742bf3df9816ea9f64d0a4bb310555e95c07b2 cockpit-bridge-286.2-1.el8_8.x86_64.rpm SHA-256: 37dc0a0e9fb8ed4850030ec0f7b8b7b95f4fd6a8a3ce19fde0b92514f16ffab2 cockpit-debuginfo-286.2-1.el8_8.x86_64.rpm SHA-256: d36ca3763421a7ed5a64ad364111590f5a5896d0c18d927004189887fe90f72e cockpit-debugsource-286.2-1.el8_8.x86_64.rpm SHA-256: 127509a711abf0a332b35de566272fb860f4ee8d573b994bf5d48f69a16b2da4 cockpit-doc-286.2-1.el8_8.noarch.rpm SHA-256: 1cf903ae3670c656fc57e99be143069ff3c281a3a3f7ca90c0941ee974c19acb cockpit-system-286.2-1.el8_8.noarch.rpm SHA-256: 1bc2bc4585c01b2d0ad3a0481db2ac28f0fa3b9d60b1e095c057dc73646d82a9 cockpit-ws-286.2-1.el8_8.x86_64.rpm SHA-256: 7d2092f1afb7b5b1b93af144e358abe0c068ad46ab919fd6898f526cc8cc9dd6 Red Hat Enterprise Linux Server - TUS 8.8 SRPM cockpit-286.2-1.el8_8.src.rpm SHA-256: 5e3f740568465b70df3eb14082b79abb8d5e1accd19981c5264fef8cde25f0bd x86_64 cockpit-286.2-1.el8_8.x86_64.rpm SHA-256: 62ce4447a84cda311a5b46201d742bf3df9816ea9f64d0a4bb310555e95c07b2 cockpit-bridge-286.2-1.el8_8.x86_64.rpm SHA-256: 37dc0a0e9fb8ed4850030ec0f7b8b7b95f4fd6a8a3ce19fde0b92514f16ffab2 cockpit-debuginfo-286.2-1.el8_8.x86_64.rpm SHA-256: d36ca3763421a7ed5a64ad364111590f5a5896d0c18d927004189887fe90f72e cockpit-debugsource-286.2-1.el8_8.x86_64.rpm SHA-256: 127509a711abf0a332b35de566272fb860f4ee8d573b994bf5d48f69a16b2da4 cockpit-doc-286.2-1.el8_8.noarch.rpm SHA-256: 1cf903ae3670c656fc57e99be143069ff3c281a3a3f7ca90c0941ee974c19acb cockpit-system-286.2-1.el8_8.noarch.rpm SHA-256: 1bc2bc4585c01b2d0ad3a0481db2ac28f0fa3b9d60b1e095c057dc73646d82a9 cockpit-ws-286.2-1.el8_8.x86_64.rpm SHA-256: 7d2092f1afb7b5b1b93af144e358abe0c068ad46ab919fd6898f526cc8cc9dd6 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8 SRPM cockpit-286.2-1.el8_8.src.rpm SHA-256: 5e3f740568465b70df3eb14082b79abb8d5e1accd19981c5264fef8cde25f0bd ppc64le cockpit-286.2-1.el8_8.ppc64le.rpm SHA-256: 13383d4d1212576a86d0c53d5efcb209874bac49b26fa58bd1aab3f2bcfff0f2 cockpit-bridge-286.2-1.el8_8.ppc64le.rpm SHA-256: 271792e41427f6ae8443421028e1d9f4c321f83a0b11870072234d854de044d7 cockpit-debuginfo-286.2-1.el8_8.ppc64le.rpm SHA-256: 7e9efba427d9613a38f63a947f072d75a45651bc65ab031aa7769421423eee03 cockpit-debugsource-286.2-1.el8_8.ppc64le.rpm SHA-256: 9b561a5d90fe3e67aa036102d340d9915fd96819254ae3e74efb2f9d5e00e85b cockpit-doc-286.2-1.el8_8.noarch.rpm SHA-256: 1cf903ae3670c656fc57e99be143069ff3c281a3a3f7ca90c0941ee974c19acb cockpit-system-286.2-1.el8_8.noarch.rpm SHA-256: 1bc2bc4585c01b2d0ad3a0481db2ac28f0fa3b9d60b1e095c057dc73646d82a9 cockpit-ws-286.2-1.el8_8.ppc64le.rpm SHA-256: da1d23444414618e3b300ff7a477ee91a62e2a1474f086d3c149857276a9e89b Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8 SRPM cockpit-286.2-1.el8_8.src.rpm SHA-256: 5e3f740568465b70df3eb14082b79abb8d5e1accd19981c5264fef8cde25f0bd x86_64 cockpit-286.2-1.el8_8.x86_64.rpm SHA-256: 62ce4447a84cda311a5b46201d742bf3df9816ea9f64d0a4bb310555e95c07b2 cockpit-bridge-286.2-1.el8_8.x86_64.rpm SHA-256: 37dc0a0e9fb8ed4850030ec0f7b8b7b95f4fd6a8a3ce19fde0b92514f16ffab2 cockpit-debuginfo-286.2-1.el8_8.x86_64.rpm SHA-256: d36ca3763421a7ed5a64ad364111590f5a5896d0c18d927004189887fe90f72e cockpit-debugsource-286.2-1.el8_8.x86_64.rpm SHA-256: 127509a711abf0a332b35de566272fb860f4ee8d573b994bf5d48f69a16b2da4 cockpit-doc-286.2-1.el8_8.noarch.rpm SHA-256: 1cf903ae3670c656fc57e99be143069ff3c281a3a3f7ca90c0941ee974c19acb cockpit-system-286.2-1.el8_8.noarch.rpm SHA-256: 1bc2bc4585c01b2d0ad3a0481db2ac28f0fa3b9d60b1e095c057dc73646d82a9 cockpit-ws-286.2-1.el8_8.x86_64.rpm SHA-256: 7d2092f1afb7b5b1b93af144e358abe0c068ad46ab919fd6898f526cc8cc9dd6 The Red Hat security contact is secalert@redhat.com . More contact details at https://access.redhat.com/security/team/contact/ .