Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
7.5
Critical Update Needed for Python urllib3 Library
RHSA-2026:2728
Summary
The urllib3 library, used by many Python applications, has a security flaw that could allow hackers to access sensitive data. Update your Python packages to fix the issue and prevent unauthorized access. This update is critical for any system using urllib3, so apply it as soon as possible.
What to do
- Update redhat python-urllib3 to version 0:1.24.2-4.el8_2.1.
- Update redhat python3-urllib3 to version 0:1.24.2-4.el8_2.1.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| redhat | python-urllib3 | <= 0:1.24.2-4.el8_2.1 | 0:1.24.2-4.el8_2.1 |
| redhat | python3-urllib3 | <= 0:1.24.2-4.el8_2.1 | 0:1.24.2-4.el8_2.1 |
Original title
Red Hat Security Advisory: python-urllib3 security update
osv CVSS3.1
7.5
- https://access.redhat.com/errata/RHSA-2026:2728 Vendor Advisory
- https://access.redhat.com/security/updates/classification/#important Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2419455 Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2419467 Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2427726 Third Party Advisory
- https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_2728.j... Vendor Advisory
- https://access.redhat.com/security/cve/CVE-2025-66418 Third Party Advisory
- https://www.cve.org/CVERecord?id=CVE-2025-66418 Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2025-66418 Vendor Advisory
- https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222... Third Party Advisory
- https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53 Third Party Advisory
- https://access.redhat.com/security/cve/CVE-2025-66471 Third Party Advisory
- https://www.cve.org/CVERecord?id=CVE-2025-66471 Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2025-66471 Vendor Advisory
- https://github.com/urllib3/urllib3/commit/c19571de34c47de3a766541b041637ba5f716e... Third Party Advisory
- https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37 Third Party Advisory
- https://access.redhat.com/security/cve/CVE-2026-21441 Third Party Advisory
- https://www.cve.org/CVERecord?id=CVE-2026-21441 Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2026-21441 Vendor Advisory
- https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc... Third Party Advisory
- https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99 Third Party Advisory
Published: 17 Feb 2026 · Updated: 7 Mar 2026 · First seen: 6 Mar 2026