{"id":"RHSA-2026:36796","summary":"Red Hat Security Advisory: Red Hat Edge Manager Version 1.0.3 Security Update","modified":"2026-07-10T10:10:33Z","published":"2026-07-09T10:12:56Z","related":["GO-2025-4155","GO-2026-4599","GO-2026-4601","GO-2026-4771","GO-2026-4772","GO-2026-4864","GO-2026-4866","GO-2026-4870","GO-2026-4946","GO-2026-4947","GO-2026-4981","GO-2026-5006","GO-2026-5014","GO-2026-5015","GO-2026-5017","GO-2026-5018","GO-2026-5021","GO-2026-5023","GO-2026-5026"],"upstream":["CVE-2025-61729","CVE-2026-25679","CVE-2026-27137","CVE-2026-32280","CVE-2026-32281","CVE-2026-32282","CVE-2026-32283","CVE-2026-33186","CVE-2026-33810","CVE-2026-33811","CVE-2026-33815","CVE-2026-33816","CVE-2026-35469","CVE-2026-39821","CVE-2026-39828","CVE-2026-39829","CVE-2026-39830","CVE-2026-39832","CVE-2026-39835","CVE-2026-42151","CVE-2026-42154","CVE-2026-42508","CVE-2026-46595"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2026:36796"},{"type":"ARTICLE","url":"https://access.redhat.com/security/updates/classification/#important"},{"type":"ARTICLE","url":"https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/managing_device_fleets_with_the_red_hat_edge_manager/assembly-edge-manager-intro"},{"type":"ARTICLE","url":"https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/2.15/html-single/edge_manager/index#edge-mgr-intro"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2418462"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2445345"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2445356"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2449833"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2455972"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2455975"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456333"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456335"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456336"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456338"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456339"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457729"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2466505"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2466507"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467822"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2480680"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2480681"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2480684"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2480685"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2480687"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2480688"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2480689"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2480756"},{"type":"ADVISORY","url":"https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_36796.json"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2025-61729"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2025-61729"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-61729"},{"type":"ARTICLE","url":"https://go.dev/cl/725920"},{"type":"ARTICLE","url":"https://go.dev/issue/76445"},{"type":"ARTICLE","url":"https://groups.google.com/g/golang-announce/c/8FJoBkPddm4"},{"type":"ADVISORY","url":"https://pkg.go.dev/vuln/GO-2025-4155"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-25679"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-25679"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-25679"},{"type":"ARTICLE","url":"https://go.dev/cl/752180"},{"type":"ARTICLE","url":"https://go.dev/issue/77578"},{"type":"ARTICLE","url":"https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"},{"type":"ADVISORY","url":"https://pkg.go.dev/vuln/GO-2026-4601"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-27137"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-27137"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-27137"},{"type":"ARTICLE","url":"https://go.dev/cl/752182"},{"type":"ARTICLE","url":"https://go.dev/issue/77952"},{"type":"ADVISORY","url":"https://pkg.go.dev/vuln/GO-2026-4599"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-32280"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-32280"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-32280"},{"type":"ARTICLE","url":"https://go.dev/cl/758320"},{"type":"ARTICLE","url":"https://go.dev/issue/78282"},{"type":"ARTICLE","url":"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"},{"type":"ADVISORY","url":"https://pkg.go.dev/vuln/GO-2026-4947"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-32281"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-32281"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-32281"},{"type":"ARTICLE","url":"https://go.dev/cl/758061"},{"type":"ARTICLE","url":"https://go.dev/issue/78281"},{"type":"ADVISORY","url":"https://pkg.go.dev/vuln/GO-2026-4946"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-32282"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-32282"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-32282"},{"type":"ARTICLE","url":"https://go.dev/cl/763761"},{"type":"ARTICLE","url":"https://go.dev/issue/78293"},{"type":"ADVISORY","url":"https://pkg.go.dev/vuln/GO-2026-4864"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-32283"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-32283"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-32283"},{"type":"ARTICLE","url":"https://go.dev/cl/763767"},{"type":"ARTICLE","url":"https://go.dev/issue/78334"},{"type":"ADVISORY","url":"https://pkg.go.dev/vuln/GO-2026-4870"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-33186"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-33186"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-33186"},{"type":"ARTICLE","url":"https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-33810"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-33810"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-33810"},{"type":"ARTICLE","url":"https://go.dev/cl/763763"},{"type":"ARTICLE","url":"https://go.dev/issue/78332"},{"type":"ADVISORY","url":"https://pkg.go.dev/vuln/GO-2026-4866"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-33811"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-33811"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-33811"},{"type":"ARTICLE","url":"https://go.dev/cl/767860"},{"type":"ARTICLE","url":"https://go.dev/issue/78803"},{"type":"ARTICLE","url":"https://groups.google.com/g/golang-announce/c/qcCIEXso47M"},{"type":"ADVISORY","url":"https://pkg.go.dev/vuln/GO-2026-4981"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-33815"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-33815"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-33815"},{"type":"ADVISORY","url":"https://pkg.go.dev/vuln/GO-2026-4771"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-33816"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-33816"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-33816"},{"type":"ADVISORY","url":"https://pkg.go.dev/vuln/GO-2026-4772"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-35469"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-35469"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-35469"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-39821"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-39821"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-39821"},{"type":"ARTICLE","url":"https://go.dev/cl/767220"},{"type":"ARTICLE","url":"https://go.dev/issue/78760"},{"type":"ARTICLE","url":"https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8"},{"type":"ADVISORY","url":"https://pkg.go.dev/vuln/GO-2026-5026"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-39828"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-39828"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-39828"},{"type":"ARTICLE","url":"https://go.dev/cl/781621"},{"type":"ARTICLE","url":"https://go.dev/issue/79562"},{"type":"ARTICLE","url":"https://groups.google.com/g/golang-announce/c/a082jnz-LvI"},{"type":"ADVISORY","url":"https://pkg.go.dev/vuln/GO-2026-5014"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-39829"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-39829"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-39829"},{"type":"ARTICLE","url":"https://go.dev/cl/781641"},{"type":"ARTICLE","url":"https://go.dev/cl/781661"},{"type":"ARTICLE","url":"https://go.dev/issue/79565"},{"type":"ADVISORY","url":"https://pkg.go.dev/vuln/GO-2026-5018"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-39830"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-39830"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-39830"},{"type":"ARTICLE","url":"https://go.dev/cl/781640"},{"type":"ARTICLE","url":"https://go.dev/cl/781664"},{"type":"ARTICLE","url":"https://go.dev/issue/79564"},{"type":"ADVISORY","url":"https://pkg.go.dev/vuln/GO-2026-5017"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-39832"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-39832"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-39832"},{"type":"ARTICLE","url":"https://go.dev/cl/778642"},{"type":"ARTICLE","url":"https://go.dev/issue/79435"},{"type":"ADVISORY","url":"https://pkg.go.dev/vuln/GO-2026-5006"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-39835"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-39835"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-39835"},{"type":"ARTICLE","url":"https://go.dev/cl/781660"},{"type":"ARTICLE","url":"https://go.dev/issue/79563"},{"type":"ADVISORY","url":"https://pkg.go.dev/vuln/GO-2026-5015"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-42151"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-42151"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-42151"},{"type":"ARTICLE","url":"https://github.com/prometheus/prometheus/pull/18587"},{"type":"ARTICLE","url":"https://github.com/prometheus/prometheus/pull/18590"},{"type":"ARTICLE","url":"https://github.com/prometheus/prometheus/releases/tag/v3.11.3"},{"type":"ARTICLE","url":"https://github.com/prometheus/prometheus/releases/tag/v3.5.3"},{"type":"ARTICLE","url":"https://github.com/prometheus/prometheus/security/advisories/GHSA-wg65-39gg-5wfj"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-42154"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-42154"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-42154"},{"type":"ARTICLE","url":"https://github.com/prometheus/prometheus/pull/18584"},{"type":"ARTICLE","url":"https://github.com/prometheus/prometheus/pull/18585"},{"type":"ARTICLE","url":"https://github.com/prometheus/prometheus/security/advisories/GHSA-8rm2-7qqf-34qm"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-42508"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-42508"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-42508"},{"type":"ARTICLE","url":"https://go.dev/cl/781220"},{"type":"ARTICLE","url":"https://go.dev/issue/79568"},{"type":"ADVISORY","url":"https://pkg.go.dev/vuln/GO-2026-5021"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-46595"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-46595"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-46595"},{"type":"ARTICLE","url":"https://go.dev/cl/781642"},{"type":"ARTICLE","url":"https://go.dev/issue/79570"},{"type":"ADVISORY","url":"https://pkg.go.dev/vuln/GO-2026-5023"}],"affected":[{"package":{"name":"flightctl","ecosystem":"Red Hat:edge_manager:1.0::el9","purl":"pkg:rpm/redhat/flightctl"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.0.3-1.el9em"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:36796.json"}},{"package":{"name":"flightctl-agent","ecosystem":"Red Hat:edge_manager:1.0::el9","purl":"pkg:rpm/redhat/flightctl-agent"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.0.3-1.el9em"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:36796.json"}},{"package":{"name":"flightctl-cli","ecosystem":"Red Hat:edge_manager:1.0::el9","purl":"pkg:rpm/redhat/flightctl-cli"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.0.3-1.el9em"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:36796.json"}},{"package":{"name":"flightctl-selinux","ecosystem":"Red Hat:edge_manager:1.0::el9","purl":"pkg:rpm/redhat/flightctl-selinux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.0.3-1.el9em"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:36796.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"}]}