{"id":"RHSA-2026:7291","summary":"Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update","modified":"2026-05-14T10:29:15.357165349Z","published":"2026-05-14T10:08:50Z","related":["GO-2025-3955","GO-2025-4006","GO-2025-4009","GO-2025-4010","GO-2025-4011","GO-2025-4012","GO-2025-4015","GO-2025-4134","GO-2025-4135","GO-2026-4337","GO-2026-4338","GO-2026-4339","GO-2026-4403","GO-2026-4433","GO-2026-4440","GO-2026-4441","GO-2026-4559"],"upstream":["CVE-2025-22873","CVE-2025-47910","CVE-2025-47911","CVE-2025-47912","CVE-2025-47914","CVE-2025-58181","CVE-2025-58185","CVE-2025-58186","CVE-2025-58190","CVE-2025-61723","CVE-2025-61724","CVE-2025-61725","CVE-2025-61731","CVE-2025-61732","CVE-2025-68119","CVE-2025-68121","CVE-2026-27141"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2026:7291"},{"type":"ARTICLE","url":"https://images.redhat.com/"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-27141"},{"type":"ARTICLE","url":"https://access.redhat.com/security/updates/classification/"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2025-58190"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2025-47911"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2025-22873"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2025-68119"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2025-61732"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2025-61731"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2025-61725"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2025-61724"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2025-61723"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2025-58186"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2025-58185"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2025-58181"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2025-47914"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2025-47912"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2025-47910"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2025-68121"},{"type":"ARTICLE","url":"https://access.redhat.com/security/cve/CVE-2025-61730"},{"type":"ARTICLE","url":"https://access.redhat.com/security/cve/CVE-2025-61729"},{"type":"ARTICLE","url":"https://access.redhat.com/security/cve/CVE-2025-58189"},{"type":"ARTICLE","url":"https://access.redhat.com/security/cve/CVE-2025-58187"},{"type":"ARTICLE","url":"https://access.redhat.com/security/cve/CVE-2025-58188"},{"type":"ARTICLE","url":"https://access.redhat.com/security/cve/CVE-2025-58183"},{"type":"ARTICLE","url":"https://access.redhat.com/security/cve/CVE-2025-61728"},{"type":"ARTICLE","url":"https://access.redhat.com/security/cve/CVE-2025-61726"},{"type":"ARTICLE","url":"https://access.redhat.com/security/cve/CVE-2026-33809"},{"type":"ARTICLE","url":"https://access.redhat.com/security/cve/CVE-2026-32289"},{"type":"ARTICLE","url":"https://access.redhat.com/security/cve/CVE-2026-32288"},{"type":"ARTICLE","url":"https://access.redhat.com/security/cve/CVE-2026-32283"},{"type":"ARTICLE","url":"https://access.redhat.com/security/cve/CVE-2026-32282"},{"type":"ARTICLE","url":"https://access.redhat.com/security/cve/CVE-2026-32281"},{"type":"ARTICLE","url":"https://access.redhat.com/security/cve/CVE-2026-27144"},{"type":"ARTICLE","url":"https://access.redhat.com/security/cve/CVE-2026-27143"},{"type":"ARTICLE","url":"https://access.redhat.com/security/cve/CVE-2026-33810"},{"type":"ARTICLE","url":"https://access.redhat.com/security/cve/CVE-2025-61727"},{"type":"ARTICLE","url":"https://access.redhat.com/security/cve/CVE-2026-25679"},{"type":"ARTICLE","url":"https://access.redhat.com/security/cve/CVE-2026-27139"},{"type":"ARTICLE","url":"https://access.redhat.com/security/cve/CVE-2026-27138"},{"type":"ARTICLE","url":"https://access.redhat.com/security/cve/CVE-2026-27137"},{"type":"ARTICLE","url":"https://access.redhat.com/security/cve/CVE-2026-27142"},{"type":"ADVISORY","url":"https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_7291.json"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2436992"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2025-22873"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-22873"},{"type":"ARTICLE","url":"http://www.openwall.com/lists/oss-security/2025/05/06/2"},{"type":"ARTICLE","url":"https://go.dev/cl/670036"},{"type":"ARTICLE","url":"https://go.dev/issue/73555"},{"type":"ARTICLE","url":"https://groups.google.com/g/golang-announce/c/UZoIkUT367A/m/5WDxKizJAQAJ"},{"type":"ADVISORY","url":"https://pkg.go.dev/vuln/GO-2026-4403"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2397528"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2025-47910"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-47910"},{"type":"ARTICLE","url":"https://go.dev/cl/699275"},{"type":"ARTICLE","url":"https://go.dev/issue/75054"},{"type":"ARTICLE","url":"https://groups.google.com/g/golang-announce/c/PtW9VW21NPs/m/DJhMQ-m5AQAJ"},{"type":"ADVISORY","url":"https://pkg.go.dev/vuln/GO-2025-3955"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2437109"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2025-47911"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-47911"},{"type":"ARTICLE","url":"https://github.com/golang/vulndb/issues/4440"},{"type":"ARTICLE","url":"https://go.dev/cl/709876"},{"type":"ARTICLE","url":"https://groups.google.com/g/golang-announce/c/jnQcOYpiR2c"},{"type":"ADVISORY","url":"https://pkg.go.dev/vuln/GO-2026-4440"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2407247"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2025-47912"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-47912"},{"type":"ARTICLE","url":"https://go.dev/cl/709857"},{"type":"ARTICLE","url":"https://go.dev/issue/75678"},{"type":"ARTICLE","url":"https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI"},{"type":"ADVISORY","url":"https://pkg.go.dev/vuln/GO-2025-4010"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2416000"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2025-47914"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-47914"},{"type":"ARTICLE","url":"https://go.dev/cl/721960"},{"type":"ARTICLE","url":"https://go.dev/issue/76364"},{"type":"ARTICLE","url":"https://groups.google.com/g/golang-announce/c/w-oX3UxNcZA"},{"type":"ADVISORY","url":"https://pkg.go.dev/vuln/GO-2025-4135"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2415997"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2025-58181"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-58181"},{"type":"ARTICLE","url":"https://go.dev/cl/721961"},{"type":"ARTICLE","url":"https://go.dev/issue/76363"},{"type":"ADVISORY","url":"https://pkg.go.dev/vuln/GO-2025-4134"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2407251"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2025-58185"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-58185"},{"type":"ARTICLE","url":"https://github.com/golang/go/commit/8709a41d5ef7321f486a1857f189c3fee20e8edd"},{"type":"ARTICLE","url":"https://go.dev/cl/709856"},{"type":"ARTICLE","url":"https://go.dev/issue/75671"},{"type":"ADVISORY","url":"https://pkg.go.dev/vuln/GO-2025-4011"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2407250"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2025-58186"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-58186"},{"type":"ARTICLE","url":"https://go.dev/cl/709855"},{"type":"ARTICLE","url":"https://go.dev/issue/75672"},{"type":"ADVISORY","url":"https://pkg.go.dev/vuln/GO-2025-4012"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2437110"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2025-58190"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-58190"},{"type":"ARTICLE","url":"https://github.com/golang/vulndb/issues/4441"},{"type":"ARTICLE","url":"https://go.dev/cl/709875"},{"type":"ADVISORY","url":"https://pkg.go.dev/vuln/GO-2026-4441"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2407252"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2025-61723"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-61723"},{"type":"ARTICLE","url":"https://github.com/golang/go/commit/5ce8cd16f3859ec5ac4106ad8ec15d6236f4501b"},{"type":"ARTICLE","url":"https://go.dev/cl/709858"},{"type":"ARTICLE","url":"https://go.dev/issue/75676"},{"type":"ADVISORY","url":"https://pkg.go.dev/vuln/GO-2025-4009"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2407257"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2025-61724"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-61724"},{"type":"ARTICLE","url":"https://go.dev/cl/709859"},{"type":"ARTICLE","url":"https://go.dev/issue/75716"},{"type":"ADVISORY","url":"https://pkg.go.dev/vuln/GO-2025-4015"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2407249"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2025-61725"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-61725"},{"type":"ARTICLE","url":"https://go.dev/cl/709860"},{"type":"ARTICLE","url":"https://go.dev/issue/75680"},{"type":"ADVISORY","url":"https://pkg.go.dev/vuln/GO-2025-4006"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2434433"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2025-61731"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-61731"},{"type":"ARTICLE","url":"https://go.dev/cl/736711"},{"type":"ARTICLE","url":"https://go.dev/issue/77100"},{"type":"ARTICLE","url":"https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"},{"type":"ADVISORY","url":"https://pkg.go.dev/vuln/GO-2026-4339"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2437016"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2025-61732"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-61732"},{"type":"ARTICLE","url":"https://go.dev/cl/734220"},{"type":"ARTICLE","url":"https://go.dev/issue/76697"},{"type":"ARTICLE","url":"https://groups.google.com/g/golang-announce/c/K09ubi9FQFk"},{"type":"ADVISORY","url":"https://pkg.go.dev/vuln/GO-2026-4433"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2434438"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2025-68119"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-68119"},{"type":"ARTICLE","url":"https://go.dev/cl/736710"},{"type":"ARTICLE","url":"https://go.dev/issue/77099"},{"type":"ADVISORY","url":"https://pkg.go.dev/vuln/GO-2026-4338"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2437111"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2025-68121"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-68121"},{"type":"ARTICLE","url":"https://go.dev/cl/737700"},{"type":"ARTICLE","url":"https://go.dev/issue/77217"},{"type":"ADVISORY","url":"https://pkg.go.dev/vuln/GO-2026-4337"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2443104"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-27141"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-27141"},{"type":"ARTICLE","url":"https://go.dev/cl/746180"},{"type":"ARTICLE","url":"https://go.dev/issue/77652"},{"type":"ADVISORY","url":"https://pkg.go.dev/vuln/GO-2026-4559"}],"affected":[{"package":{"name":"golang1.26","ecosystem":"Red Hat:hummingbird:1","purl":"pkg:rpm/redhat/golang1.26"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.26.2-1.hum1"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:7291.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"}]}