Red Hat Quay Re-auth Bypass Allows Privileged Ops
CVE-2026-6848 Published on April 22, 2026

Quay: red hat quay: authentication bypass allows privileged actions without valid credentials
A flaw was found in Red Hat Quay. When Red Hat Quay requests password re-verification for sensitive operations, such as token generation or robot account creation, the re-authentication prompt can be bypassed. This allows a user with a timed-out session, or an attacker with access to an idle authenticated browser session, to perform privileged actions without providing valid credentials. The vulnerability enables unauthorized execution of sensitive operations despite the user interface displaying an error for invalid credentials.

NVD

Vulnerability Analysis

CVE-2026-6848 is exploitable with network access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have a small impact on confidentiality and integrity, and no impact on availability.

Attack Vector:
NETWORK
Attack Complexity:
LOW
Privileges Required:
LOW
User Interaction:
NONE
Scope:
UNCHANGED
Confidentiality Impact:
LOW
Integrity Impact:
LOW
Availability Impact:
NONE

Timeline

Reported to Red Hat.

Made public.

Weakness Type

Insufficient Session Expiration

According to WASC, "Insufficient Session Expiration is when a web site permits an attacker to reuse old session credentials or session IDs for authorization."


Products Associated with CVE-2026-6848

Want to know whenever a new CVE is published for Red Hat Quay? stack.watch will email you.

Red Hat Quay
 

Affected Versions

Red Hat Quay 3: Red Hat Quay 3: