Red Hat Product Errata RHSA-2026:22721 - Security Advisory Issued: 2026-06-03 Updated: 2026-06-03 RHSA-2026:22721 - Security Advisory Overview Updated Packages Synopsis Important: expat security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for expat is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description Expat is a C library for parsing XML documents. Security Fix(es): libexpat: denial of service via crafted XML input (CVE-2026-45186) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 8 x86_64 Red Hat Enterprise Linux for IBM z Systems 8 s390x Red Hat Enterprise Linux for Power, little endian 8 ppc64le Red Hat Enterprise Linux for ARM 64 8 aarch64 Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 8.10 x86_64 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 8.10 aarch64 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 8.10 ppc64le Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 8.10 s390x Fixes BZ - 2468575 - CVE-2026-45186 libexpat: denial of service via crafted XML input CVEs CVE-2026-45186 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 8 SRPM expat-2.5.0-2.el8_10.src.rpm SHA-256: 0c29028c1ead310bb499c03fa28898fc271e3133b2489d4e30cb2c01e265c61a x86_64 expat-2.5.0-2.el8_10.i686.rpm SHA-256: f5938904a0fae8a8cc8703048df12938e9bcdcfb9175b53a51bc8718587372a2 expat-2.5.0-2.el8_10.x86_64.rpm SHA-256: 69dcc849b7215290fbd793d2c74010f47dba667e86e21a361fdc224d59bedb41 expat-debuginfo-2.5.0-2.el8_10.i686.rpm SHA-256: 76e1e0a12aa32b660bad5872cd93cb83715e9b0c8e2d777d5709e40f4402b657 expat-debuginfo-2.5.0-2.el8_10.x86_64.rpm SHA-256: 9b24b5a8e7b563ae9c50cdaa722f8bc0bc1d9ee26e482510fc3620b5cf8e187f expat-debugsource-2.5.0-2.el8_10.i686.rpm SHA-256: 4e452df198dfa05264e66318f27566089fd55511af293680e811c6adc9c5f1e3 expat-debugsource-2.5.0-2.el8_10.x86_64.rpm SHA-256: 8b32e7e82369b03fc1be2ab2aa31fc05d5a1b16b9bd856c4f1bad33d14274145 expat-devel-2.5.0-2.el8_10.i686.rpm SHA-256: b26dd2f21bbc38831f60c1163c52f6871f2c50c4141414415c89255771a05dbe expat-devel-2.5.0-2.el8_10.x86_64.rpm SHA-256: d7e687881a645a62ebf5f9b5a095abf6373ee5a3006c55c6d1402c02f6ffccf2 Red Hat Enterprise Linux for IBM z Systems 8 SRPM expat-2.5.0-2.el8_10.src.rpm SHA-256: 0c29028c1ead310bb499c03fa28898fc271e3133b2489d4e30cb2c01e265c61a s390x expat-2.5.0-2.el8_10.s390x.rpm SHA-256: 9a38f43c824cb3702aa31dbd6dd7b74008e8bd9dbbba8edf64123825563d37a1 expat-debuginfo-2.5.0-2.el8_10.s390x.rpm SHA-256: 8e7c78059e7840ed97e5f2d774e9443e43ae188774b4c9bb8bbe1de923bf006c expat-debugsource-2.5.0-2.el8_10.s390x.rpm SHA-256: dce604a09f7aedf4fbcd6db1f65baf71679a068e6af2d965f78c42e7f7321b87 expat-devel-2.5.0-2.el8_10.s390x.rpm SHA-256: 57c541bb887c061c56ffaa374392a92e972917fb286f0964a193dca64f3dea82 Red Hat Enterprise Linux for Power, little endian 8 SRPM expat-2.5.0-2.el8_10.src.rpm SHA-256: 0c29028c1ead310bb499c03fa28898fc271e3133b2489d4e30cb2c01e265c61a ppc64le expat-2.5.0-2.el8_10.ppc64le.rpm SHA-256: 7c02106cb7b1b43bb7c85c9415d833dde0f5a6c638719ff1c407208a73f3aaca expat-debuginfo-2.5.0-2.el8_10.ppc64le.rpm SHA-256: 992c709210fab6bc2a625052d192afcb35cb938fc0a6f5cc3bd422ba2d805e76 expat-debugsource-2.5.0-2.el8_10.ppc64le.rpm SHA-256: 17b10124e436d14128c406c789f916cafeadba069b331ac96299537a8b2bff6f expat-devel-2.5.0-2.el8_10.ppc64le.rpm SHA-256: de92de4fc2c527955cae8ccd1adad24a445ccd1b4bf8af17baebd7948a5acd95 Red Hat Enterprise Linux for ARM 64 8 SRPM expat-2.5.0-2.el8_10.src.rpm SHA-256: 0c29028c1ead310bb499c03fa28898fc271e3133b2489d4e30cb2c01e265c61a aarch64 expat-2.5.0-2.el8_10.aarch64.rpm SHA-256: 6253cd4ea1c562c09ba5c20a1790d28fab7ddc5585f2f7958b2c0c66de842ad1 expat-debuginfo-2.5.0-2.el8_10.aarch64.rpm SHA-256: 9479b41d683095d170def28f3e1782ccbea267b9177f550456d1b0a4157cf2c3 expat-debugsource-2.5.0-2.el8_10.aarch64.rpm SHA-256: ca0c05cf57ffd558a697527494f054c9a1539f8232e5c08025dbcea7af536e01 expat-devel-2.5.0-2.el8_10.aarch64.rpm SHA-256: 6e1d4f9602f60774774d267f8661dab4ab8ec8845fd476d49a25a1918aae50f9 Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 8.10 SRPM expat-2.5.0-2.el8_10.src.rpm SHA-256: 0c29028c1ead310bb499c03fa28898fc271e3133b2489d4e30cb2c01e265c61a x86_64 expat-2.5.0-2.el8_10.i686.rpm SHA-256: f5938904a0fae8a8cc8703048df12938e9bcdcfb9175b53a51bc8718587372a2 expat-2.5.0-2.el8_10.x86_64.rpm SHA-256: 69dcc849b7215290fbd793d2c74010f47dba667e86e21a361fdc224d59bedb41 expat-debuginfo-2.5.0-2.el8_10.i686.rpm SHA-256: 76e1e0a12aa32b660bad5872cd93cb83715e9b0c8e2d777d5709e40f4402b657 expat-debuginfo-2.5.0-2.el8_10.x86_64.rpm SHA-256: 9b24b5a8e7b563ae9c50cdaa722f8bc0bc1d9ee26e482510fc3620b5cf8e187f expat-debugsource-2.5.0-2.el8_10.i686.rpm SHA-256: 4e452df198dfa05264e66318f27566089fd55511af293680e811c6adc9c5f1e3 expat-debugsource-2.5.0-2.el8_10.x86_64.rpm SHA-256: 8b32e7e82369b03fc1be2ab2aa31fc05d5a1b16b9bd856c4f1bad33d14274145 expat-devel-2.5.0-2.el8_10.i686.rpm SHA-256: b26dd2f21bbc38831f60c1163c52f6871f2c50c4141414415c89255771a05dbe expat-devel-2.5.0-2.el8_10.x86_64.rpm SHA-256: d7e687881a645a62ebf5f9b5a095abf6373ee5a3006c55c6d1402c02f6ffccf2 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 8.10 SRPM expat-2.5.0-2.el8_10.src.rpm SHA-256: 0c29028c1ead310bb499c03fa28898fc271e3133b2489d4e30cb2c01e265c61a aarch64 expat-2.5.0-2.el8_10.aarch64.rpm SHA-256: 6253cd4ea1c562c09ba5c20a1790d28fab7ddc5585f2f7958b2c0c66de842ad1 expat-debuginfo-2.5.0-2.el8_10.aarch64.rpm SHA-256: 9479b41d683095d170def28f3e1782ccbea267b9177f550456d1b0a4157cf2c3 expat-debugsource-2.5.0-2.el8_10.aarch64.rpm SHA-256: ca0c05cf57ffd558a697527494f054c9a1539f8232e5c08025dbcea7af536e01 expat-devel-2.5.0-2.el8_10.aarch64.rpm SHA-256: 6e1d4f9602f60774774d267f8661dab4ab8ec8845fd476d49a25a1918aae50f9 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 8.10 SRPM expat-2.5.0-2.el8_10.src.rpm SHA-256: 0c29028c1ead310bb499c03fa28898fc271e3133b2489d4e30cb2c01e265c61a ppc64le expat-2.5.0-2.el8_10.ppc64le.rpm SHA-256: 7c02106cb7b1b43bb7c85c9415d833dde0f5a6c638719ff1c407208a73f3aaca expat-debuginfo-2.5.0-2.el8_10.ppc64le.rpm SHA-256: 992c709210fab6bc2a625052d192afcb35cb938fc0a6f5cc3bd422ba2d805e76 expat-debugsource-2.5.0-2.el8_10.ppc64le.rpm SHA-256: 17b10124e436d14128c406c789f916cafeadba069b331ac96299537a8b2bff6f expat-devel-2.5.0-2.el8_10.ppc64le.rpm SHA-256: de92de4fc2c527955cae8ccd1adad24a445ccd1b4bf8af17baebd7948a5acd95 Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 8.10 SRPM expat-2.5.0-2.el8_10.src.rpm SHA-256: 0c29028c1ead310bb499c03fa28898fc271e3133b2489d4e30cb2c01e265c61a s390x expat-2.5.0-2.el8_10.s390x.rpm SHA-256: 9a38f43c824cb3702aa31dbd6dd7b74008e8bd9dbbba8edf64123825563d37a1 expat-debuginfo-2.5.0-2.el8_10.s390x.rpm SHA-256: 8e7c78059e7840ed97e5f2d774e9443e43ae188774b4c9bb8bbe1de923bf006c expat-debugsource-2.5.0-2.el8_10.s390x.rpm SHA-256: dce604a09f7aedf4fbcd6db1f65baf71679a068e6af2d965f78c42e7f7321b87 expat-devel-2.5.0-2.el8_10.s390x.rpm SHA-256: 57c541bb887c061c56ffaa374392a92e972917fb286f0964a193dca64f3dea82 The Red Hat security contact is secalert@redhat.com . More contact details at https://access.redhat.com/security/team/contact/ .