Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
8.2
Red Hat PCS Configuration Management Tool Security Flaw Allows Unauthorized Access
RHSA-2026:2818
Summary
A security issue was found in Red Hat PCS, a configuration management tool for High Availability and Identity Management. An attacker could use this flaw to access sensitive configuration data, potentially disrupting cluster operations. Red Hat has released updates to fix this issue, so apply the latest patches as soon as possible.
What to do
- Update redhat cockpit-ha-cluster to version 0:0.12.0-3.el10_0.4.
- Update redhat pcs to version 0:0.12.0-3.el10_0.4.
- Update redhat pcs-snmp to version 0:0.12.0-3.el10_0.4.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| redhat | cockpit-ha-cluster | <= 0:0.12.0-3.el10_0.4 | 0:0.12.0-3.el10_0.4 |
| redhat | pcs | <= 0:0.12.0-3.el10_0.4 | 0:0.12.0-3.el10_0.4 |
| redhat | pcs-snmp | <= 0:0.12.0-3.el10_0.4 | 0:0.12.0-3.el10_0.4 |
Original title
Red Hat Security Advisory: pcs security update
osv CVSS3.1
8.2
- https://access.redhat.com/errata/RHSA-2026:2818 Vendor Advisory
- https://access.redhat.com/security/updates/classification/#important Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2431740 Third Party Advisory
- https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_2818.j... Vendor Advisory
- https://access.redhat.com/security/cve/CVE-2025-13465 Third Party Advisory
- https://www.cve.org/CVERecord?id=CVE-2025-13465 Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2025-13465 Vendor Advisory
- https://github.com/lodash/lodash/security/advisories/GHSA-xxjr-mmjv-4gpg Third Party Advisory
Published: 18 Feb 2026 · Updated: 7 Mar 2026 · First seen: 6 Mar 2026