Privilege Elevation via Authentication Bypass
Summary
Privilege Elevation via Authentication Bypass. Red Hat rates this important (CVSS 8.8). Weakness: CWE-472. Red Hat lists fixing advisory RHSA-2026:26638 with package dotnet9-0-main-9.0.119-1.hum1, dotnet10-0-main-10.0.109-1.hum1.
What this means
In plain English
Privilege Elevation via Authentication Bypass. Red Hat rates this important (CVSS 8.8). Weakness: CWE-472. Red Hat lists fixing advisory RHSA-2026:26638 with package dotnet9-0-main-9.0.119-1.hum1, dotnet10-0-main-10.0.109-1.hum1. An authentication bypass can allow protected functionality to be reached without completing the intended identity checks.
Recommended action
Primary action: update to a vendor-listed fixed release: dotnet9-0-main-9.0.119-1.hum1, dotnet10-0-main-10.0.109-1.hum1, RHSA-2026:26638.
Rewritten locally from the scraped official advisory data above; no generative API is used. The vendor advisory is authoritative.
Affected versions
No affected-version range was extracted from the source record. The vendor advisory is authoritative — check it before change work.
Official advisory · high-confidence parse· fetched 3 hours ago·verify at source
- dotnet9-0-main-9.0.119-1.hum1
- dotnet10-0-main-10.0.109-1.hum1
- RHSA-2026:26638
Official advisory · high-confidence parse· fetched 3 hours ago·verify at source
Mitigation
Upgrade to a fixed release: dotnet9-0-main-9.0.119-1.hum1, dotnet10-0-main-10.0.109-1.hum1, RHSA-2026:26638. That is the remediation for this advisory.
The vendor advisory may list additional interim mitigations or workarounds not captured here — review it before change work.
Official advisory · high-confidence parse· fetched 3 hours ago·verify at source
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
Sign in to join the discussion.