Red Hat Openshift Builds


Recent Red Hat Openshift Builds Security Advisories

| Advisory | Title | Published |
|---|---|---|
| RHSA-2026:24359 | (RHSA-2026:24359) Red Hat OpenShift Builds 1.7.3 | June 8, 2026 |
| RHSA-2026:17546 | (RHSA-2026:17546) Red Hat OpenShift Builds 1.8.0 | May 14, 2026 |
| RHSA-2026:11331 | (RHSA-2026:11331) Red Hat OpenShift Builds 1.7.2 | April 28, 2026 |
| RHSA-2026:11330 | (RHSA-2026:11330) Red Hat OpenShift Builds 1.6.5 | April 28, 2026 |
| RHSA-2026:10158 | (RHSA-2026:10158) Red Hat OpenShift Builds 1.7.2 | April 23, 2026 |
| RHSA-2026:10155 | (RHSA-2026:10155) Red Hat OpenShift Builds 1.6.5 | April 23, 2026 |
| RHSA-2026:6055 | (RHSA-2026:6055) Red Hat OpenShift Builds 1.7.1 | March 30, 2026 |
| RHSA-2026:5549 | (RHSA-2026:5549) Red Hat OpenShift Builds 1.6.4 | March 24, 2026 |
| RHSA-2026:2123 | (RHSA-2026:2123) Red Hat OpenShift Builds 1.7.0 | February 5, 2026 |
| RHSA-2026:1938 | (RHSA-2026:1938) Red Hat OpenShift Builds 1.7.0 | February 4, 2026 |

By the Year

In 2026 there has been 1 vulnerability in Red Hat Openshift Builds, with an average score of 7.1 out of ten. Last year, in 2025, Openshift Builds had 2 security vulnerabilities published. At the current rates, it appears that the number of vulnerabilities last year and this year may equal out. However, the average CVE base score of the vulnerabilities in 2026 is greater by 0.85.

| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 1 | 7.10 |
| 2025 | 2 | 6.25 |

It may take a day or so for new Openshift Builds vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.

Recent Red Hat Openshift Builds Security Vulnerabilities

OpenShift Pipelines PrivEsc via Tekton Scheduler RB
CVE-2026-10840 7.1 - High - June 04, 2026

A flaw was found in the OpenShift Pipelines operator. The tekton-scheduler-rolebinding ClusterRoleBinding grants the system:authenticated group write access to Kueue and cert-manager custom resources via the tekton-scheduler-role ClusterRole. When Kueue or cert-manager CRDs are present on the cluster, any authenticated user can disrupt workload scheduling, tamper with scheduling priorities, delete other tenants' Workload objects, or induce cert-manager to overwrite TLS Secrets including the default ingress controller certificate.

Incorrect Permission Assignment for Critical Resource

CIRCL FourQ RCE via Low-Order Point Injection in Diffie-Hellman
CVE-2025-8556 3.7 - Low - August 06, 2025

A flaw was found in CIRCL's implementation of the FourQ elliptic curve. This vulnerability allows an attacker to compromise session security via low-order point injection and incorrect point validation during Diffie-Hellman key exchange.

Improper Validation of Specified Type of Input

Emacs URL Redirect Injection: Remote Shell
CVE-2025-1244 8.8 - High - February 12, 2025

A command injection flaw was found in the text editor Emacs. It could allow a remote, unauthenticated attacker to execute arbitrary shell commands on a vulnerable system. Exploitation is possible by tricking users into visiting a specially crafted website or an HTTP URL with a redirect.

Shell injection
