Red Hat Logging

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in Red Hat Logging.

Recent Red Hat Logging Security Advisories

Advisory	Title	Published
RHSA-2026:26585	(RHSA-2026:26585) Logging for Red Hat OpenShift - 6.0.15	June 17, 2026
RHSA-2026:22862	(RHSA-2026:22862) Logging for Red Hat OpenShift - 6.4.5	June 3, 2026
RHSA-2026:16354	(RHSA-2026:16354) Logging for Red Hat OpenShift - 6.5.1	May 12, 2026
RHSA-2026:11800	(RHSA-2026:11800) Logging for Red Hat OpenShift - 6.2.10	April 29, 2026
RHSA-2026:7052	(RHSA-2026:7052) Logging for Red Hat OpenShift - 6.0.14	April 8, 2026
RHSA-2026:4939	(RHSA-2026:4939) Logging for Red Hat OpenShift - 6.3.4	March 18, 2026
RHSA-2026:4500	(RHSA-2026:4500) Logging for Red Hat OpenShift - 6.2.9	March 12, 2026
RHSA-2026:4498	(RHSA-2026:4498) Logging for Red Hat OpenShift - 6.4.3	March 12, 2026
RHSA-2025:23535	(RHSA-2025:23535) Logging for Red Hat OpenShift - 6.0.12	December 17, 2025
RHSA-2025:23534	(RHSA-2025:23534) Logging for Red Hat OpenShift - 6.2.7	December 17, 2025

By the Year

In 2026 there have been 5 vulnerabilities in Red Hat Logging with an average score of 8.4 out of ten. Last year, in 2025 Logging had 2 security vulnerabilities published. That is, 3 more vulnerabilities have already been reported in 2026 as compared to last year. However, the average CVE base score of the vulnerabilities in 2026 is greater by 1.97.

Year	Vulnerabilities	Average Score
2026	5	8.42
2025	2	6.45
2024	10	6.89
2023	5	6.56

It may take a day or so for new Logging vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Red Hat Logging Security Vulnerabilities

OpenShift Cluster Logging Operator: SA Token Escalation via Missing Auth
CVE-2026-10609 6.8 - Medium - June 23, 2026

A missing authorization flaw was found in the OpenShift Cluster Logging Operator. The operator creates and forwards ServiceAccount tokens to output destinations without verifying that the ClusterLogForwarder creator has permission to use those credentials, allowing a delegated editor to exfiltrate SA tokens and escalate privileges.

AuthZ

Prototype Pollution via proto in flatted prior to 3.4.2
CVE-2026-33228 9.8 - Critical - March 20, 2026

flatted is a circular JSON parser. Prior to version 3.4.2, the parse() function in flatted can use attacker-controlled string values from the parsed JSON as direct array index keys, without validating that they are numeric. Since the internal input buffer is a JavaScript Array, accessing it with the key "__proto__" returns Array.prototype via the inherited getter. This object is then treated as a legitimate parsed value and assigned as a property of the output object, effectively leaking a live reference to Array.prototype to the consumer. Any code that subsequently writes to that property will pollute the global prototype. This issue has been patched in version 3.4.2.

Prototype Pollution

Prototype Pollution in Locutus JS v2.0.12<2.0.39
CVE-2026-25521 9.3 - Critical - February 04, 2026

Locutus brings stdlibs of other programming languages to JavaScript for educational purposes. In versions from 2.0.12 to before 2.0.39, a prototype pollution vulnerability exists in locutus. Despite a previous fix that attempted to mitigate prototype pollution by checking whether user input contained a forbidden key, it is still possible to pollute Object.prototype via a crafted input using String.prototype. This issue has been patched in version 2.0.39.

Prototype Pollution

RedHat CVE-2026-0810 gix-date::TimeBuf::as_str non-UTF8 UB
CVE-2026-0810 7.1 - High - January 26, 2026

A flaw was found in gix-date. The `gix_date::parse::TimeBuf::as_str` function can generate strings containing invalid non-UTF8 characters. This issue violates the internal safety invariants of the `TimeBuf` component, leading to undefined behavior when these malformed strings are subsequently processed. This could potentially result in application instability or other unforeseen consequences.

Incorrect Calculation of Multi-Byte String Length

React Router createFileSessionStorage path traversal before 7.9.4/2.17.2
CVE-2025-61686 9.1 - Critical - January 10, 2026

React Router is a router for React. In @react-router/node versions 7.0.0 through 7.9.3, @remix-run/deno prior to version 2.17.2, and @remix-run/node prior to version 2.17.2, if createFileSessionStorage() is being used from @react-router/node (or @remix-run/node/@remix-run/deno in Remix v2) with an unsigned cookie, it is possible for an attacker to cause the session to try to read/write from a location outside the specified session file directory. The success of the attack would depend on the permissions of the web server process to access those files. Read files cannot be returned directly to the attacker. Session file reads would only succeed if the file matched the expected session file format. If the file matched the session file format, the data would be populated into the server side session but not directly returned to the attacker unless the application logic returned specific session information. This issue has been patched in @react-router/node version 7.9.4, @remix-run/deno version 2.17.2, and @remix-run/node version 2.17.2.

Directory traversal

serialize-javascript XSS via unsanitized regex input
CVE-2024-11831 5.4 - Medium - February 10, 2025

A flaw was found in npm-serialize-javascript. The vulnerability occurs because the serialize-javascript module does not properly sanitize certain inputs, such as regex or other JavaScript object types, allowing an attacker to inject malicious code. This code could be executed when deserialized by a web browser, causing Cross-site scripting (XSS) attacks. This issue is critical in environments where serialized data is sent to web clients, potentially compromising the security of the website or web application using this package.

XSS

Rsync: Checksum Length Manipulation Enables Stack Data Leak
CVE-2024-12085 7.5 - High - January 14, 2025

A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length (s2length) to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time.

Use of Uninitialized Resource

OpenShift Telemeter JWT Auth 'iss' Bypass via Forged Token
CVE-2024-5037 7.5 - High - June 05, 2024

A flaw was found in OpenShift's Telemeter. If certain conditions are in place, an attacker can use a forged token to bypass the issue ("iss") check during JSON web token (JWT) authentication.

Authentication Bypass by Spoofing

CoreDNS invalid cache entries due to flawed caching mechanism
CVE-2024-0874 5.3 - Medium - April 25, 2024

A flaw was found in coredns. This issue could lead to invalid cache entries returning due to incorrectly implemented caching.

Use of Cache Containing Sensitive Information

Linux NVMe Driver NULL Deref via Malicious TCP Packets
CVE-2023-6356 6.5 - Medium - February 07, 2024

A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver and causing kernel panic and a denial of service.

NULL Pointer Dereference

Linux Kernel NVMe-over-TCP NULL ptr deref leads to DoS
CVE-2023-6535 6.5 - Medium - February 07, 2024

NULL Pointer Dereference

Linux Kernel NVMe over TCP NULL ptr deref Kernel Panic/DoS
CVE-2023-6536 6.5 - Medium - February 07, 2024

NULL Pointer Dereference

Linux Kernel kTLS splice OOB write flaw CVE-2024-0646
CVE-2024-0646 7 - High - January 17, 2024

An out-of-bounds memory write flaw was found in the Linux kernels Transport Layer Security functionality in how a user calls a function splice with a ktls socket as the destination. This flaw allows a local user to crash or potentially escalate their privileges on the system.

Memory Corruption

GnuTLS: DoS via Faulty Certificate Chain Validation in Cockpit
CVE-2024-0567 7.5 - High - January 16, 2024

A vulnerability was found in GnuTLS, where a cockpit (which uses gnuTLS) rejects a certificate chain with distributed trust. This issue occurs when validating a certificate chain with cockpit-certificate-ensure. This flaw allows an unauthenticated, remote client or attacker to initiate a denial of service attack.

Improper Verification of Cryptographic Signature

GnuTLS timing attack via RSA-PSK ClientKeyExchange (CVE-2024-0553)
CVE-2024-0553 7.5 - High - January 16, 2024

A vulnerability was found in GnuTLS. The response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from the response times of ciphertexts with correct PKCS#1 v1.5 padding. This issue may allow a remote attacker to perform a timing side-channel attack in the RSA-PSK key exchange, potentially leading to the leakage of sensitive data. CVE-2024-0553 is designated as an incomplete resolution for CVE-2023-5981.

Side Channel Attack

OOB Read in SMB Client due to Integer Underflow CVE-2024-0565
CVE-2024-0565 6.8 - Medium - January 15, 2024

An out-of-bounds memory read flaw was found in receive_encrypted_standard in fs/smb/client/smb2ops.c in the SMB Client sub-component in the Linux Kernel. This issue occurs due to integer underflow on the memcpy length, leading to a denial of service.

Integer underflow

Linux Kernel Netfilter UAF in NFT_CHAIN/Object Escalation
CVE-2024-0193 7.8 - High - January 02, 2024

A use-after-free flaw was found in the netfilter subsystem of the Linux kernel. If the catchall element is garbage-collected when the pipapo set is removed, the element can be deactivated twice. This can cause a use-after-free issue on an NFT_CHAIN object or NFT_OBJECT object, allowing a local unprivileged user with CAP_NET_ADMIN capability to escalate their privileges on the system.

Dangling pointer

Linux Kernel gsm tty multiplexer race leads to local privilege escalation
CVE-2023-6546 7 - High - December 21, 2023

A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the GSMIOC_SETCONF ioctl on the same tty file descriptor with the gsm line discipline enabled, and can lead to a use-after-free problem on a struct gsm_dlci while restarting the gsm mux. This could allow a local unprivileged user to escalate their privileges on the system.

Dangling pointer

Linux Kernel SMB client OOB read in smbCalcSize
CVE-2023-6606 7.1 - High - December 08, 2023

An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information.

Out-of-bounds Read

Linux Kernel SMB2 OOB Read Leak (CVE-2023-6610)
CVE-2023-6610 7.1 - High - December 08, 2023

An out-of-bounds read vulnerability was found in smb2_dump_detail in fs/smb/client/smb2ops.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information.

Out-of-bounds Read

OpenSSL RSA-PSK ClientKeyExchange timing side channel
CVE-2023-5981 5.9 - Medium - November 28, 2023

A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding.

Side Channel Attack

OpenShift Logging LokiStack Token-Based Cache Overprivilege Vulnerability
CVE-2023-4456 5.7 - Medium - August 21, 2023

A flaw was found in openshift-logging LokiStack. The key used for caching is just the token, which is too broad. This issue allows a user with a token valid for one action to execute other actions as long as the authorization allowing the original action is still cached.

Insufficient Granularity of Access Control

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Red Hat Logging or by Red Hat? Click the Watch button to subscribe.

Red Hat
Vendor

Red Hat Logging
Product

Red Hat Logging

Don't miss out!

Recent Red Hat Logging Security Advisories

By the Year

Recent Red Hat Logging Security Vulnerabilities

OpenShift Cluster Logging Operator: SA Token Escalation via Missing Auth CVE-2026-10609 6.8 - Medium - June 23, 2026

Prototype Pollution via __proto__ in flatted prior to 3.4.2 CVE-2026-33228 9.8 - Critical - March 20, 2026

Prototype Pollution in Locutus JS v2.0.12<2.0.39 CVE-2026-25521 9.3 - Critical - February 04, 2026

RedHat CVE-2026-0810 gix-date::TimeBuf::as_str non-UTF8 UB CVE-2026-0810 7.1 - High - January 26, 2026

React Router createFileSessionStorage path traversal before 7.9.4/2.17.2 CVE-2025-61686 9.1 - Critical - January 10, 2026

serialize-javascript XSS via unsanitized regex input CVE-2024-11831 5.4 - Medium - February 10, 2025

Rsync: Checksum Length Manipulation Enables Stack Data Leak CVE-2024-12085 7.5 - High - January 14, 2025

OpenShift Telemeter JWT Auth 'iss' Bypass via Forged Token CVE-2024-5037 7.5 - High - June 05, 2024

CoreDNS invalid cache entries due to flawed caching mechanism CVE-2024-0874 5.3 - Medium - April 25, 2024

Linux NVMe Driver NULL Deref via Malicious TCP Packets CVE-2023-6356 6.5 - Medium - February 07, 2024

Linux Kernel NVMe-over-TCP NULL ptr deref leads to DoS CVE-2023-6535 6.5 - Medium - February 07, 2024

Linux Kernel NVMe over TCP NULL ptr deref Kernel Panic/DoS CVE-2023-6536 6.5 - Medium - February 07, 2024

Linux Kernel kTLS splice OOB write flaw CVE-2024-0646 CVE-2024-0646 7 - High - January 17, 2024

GnuTLS: DoS via Faulty Certificate Chain Validation in Cockpit CVE-2024-0567 7.5 - High - January 16, 2024

GnuTLS timing attack via RSA-PSK ClientKeyExchange (CVE-2024-0553) CVE-2024-0553 7.5 - High - January 16, 2024

OOB Read in SMB Client due to Integer Underflow CVE-2024-0565 CVE-2024-0565 6.8 - Medium - January 15, 2024

Linux Kernel Netfilter UAF in NFT_CHAIN/Object Escalation CVE-2024-0193 7.8 - High - January 02, 2024

Linux Kernel gsm tty multiplexer race leads to local privilege escalation CVE-2023-6546 7 - High - December 21, 2023

Linux Kernel SMB client OOB read in smbCalcSize CVE-2023-6606 7.1 - High - December 08, 2023

Linux Kernel SMB2 OOB Read Leak (CVE-2023-6610) CVE-2023-6610 7.1 - High - December 08, 2023

OpenSSL RSA-PSK ClientKeyExchange timing side channel CVE-2023-5981 5.9 - Medium - November 28, 2023

OpenShift Logging LokiStack Token-Based Cache Overprivilege Vulnerability CVE-2023-4456 5.7 - Medium - August 21, 2023

Stay on top of Security Vulnerabilities

Red Hat Vendor

Red Hat LoggingProduct

OpenShift Cluster Logging Operator: SA Token Escalation via Missing Auth
CVE-2026-10609 6.8 - Medium - June 23, 2026

Prototype Pollution via proto in flatted prior to 3.4.2
CVE-2026-33228 9.8 - Critical - March 20, 2026

Prototype Pollution in Locutus JS v2.0.12<2.0.39
CVE-2026-25521 9.3 - Critical - February 04, 2026

RedHat CVE-2026-0810 gix-date::TimeBuf::as_str non-UTF8 UB
CVE-2026-0810 7.1 - High - January 26, 2026

React Router createFileSessionStorage path traversal before 7.9.4/2.17.2
CVE-2025-61686 9.1 - Critical - January 10, 2026

serialize-javascript XSS via unsanitized regex input
CVE-2024-11831 5.4 - Medium - February 10, 2025

Rsync: Checksum Length Manipulation Enables Stack Data Leak
CVE-2024-12085 7.5 - High - January 14, 2025

OpenShift Telemeter JWT Auth 'iss' Bypass via Forged Token
CVE-2024-5037 7.5 - High - June 05, 2024

CoreDNS invalid cache entries due to flawed caching mechanism
CVE-2024-0874 5.3 - Medium - April 25, 2024

Linux NVMe Driver NULL Deref via Malicious TCP Packets
CVE-2023-6356 6.5 - Medium - February 07, 2024

Linux Kernel NVMe-over-TCP NULL ptr deref leads to DoS
CVE-2023-6535 6.5 - Medium - February 07, 2024

Linux Kernel NVMe over TCP NULL ptr deref Kernel Panic/DoS
CVE-2023-6536 6.5 - Medium - February 07, 2024

Linux Kernel kTLS splice OOB write flaw CVE-2024-0646
CVE-2024-0646 7 - High - January 17, 2024

GnuTLS: DoS via Faulty Certificate Chain Validation in Cockpit
CVE-2024-0567 7.5 - High - January 16, 2024

GnuTLS timing attack via RSA-PSK ClientKeyExchange (CVE-2024-0553)
CVE-2024-0553 7.5 - High - January 16, 2024

OOB Read in SMB Client due to Integer Underflow CVE-2024-0565
CVE-2024-0565 6.8 - Medium - January 15, 2024

Linux Kernel Netfilter UAF in NFT_CHAIN/Object Escalation
CVE-2024-0193 7.8 - High - January 02, 2024

Linux Kernel gsm tty multiplexer race leads to local privilege escalation
CVE-2023-6546 7 - High - December 21, 2023

Linux Kernel SMB client OOB read in smbCalcSize
CVE-2023-6606 7.1 - High - December 08, 2023

Linux Kernel SMB2 OOB Read Leak (CVE-2023-6610)
CVE-2023-6610 7.1 - High - December 08, 2023

OpenSSL RSA-PSK ClientKeyExchange timing side channel
CVE-2023-5981 5.9 - Medium - November 28, 2023

OpenShift Logging LokiStack Token-Based Cache Overprivilege Vulnerability
CVE-2023-4456 5.7 - Medium - August 21, 2023

Red Hat
Vendor

Red Hat Logging
Product