CVE-2026-4802
Cockpit: arbitrary command execution via crafted links in system logs UI
| CVSS Score | 8.0 |
| EPSS Score | 0.3% |
| EPSS Percentile | 51st |
A flaw was found in Cockpit. The system logs user interface (UI) takes user-controlled parameters from crafted links and passes them, unsanitized, into a shell command line. An attacker can embed shell metacharacters and command substitutions in those parameters and have arbitrary shell commands executed on the host. Per the CVSS vector, the attack is network-reachable but needs low privileges and user interaction: a user with a Cockpit session must open the crafted link, and the injected commands run in the context of that session. Where the session has administrative access, this results in complete compromise of the host. The GitHub reference below pins the affected code to pkg/systemd/logsJournal.jsx.
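To make the CWE-78 pattern concrete, the following is an added example and not Cockpit's own code: it contrasts a journalctl command line built by string interpolation from link parameters (the shape of bug the advisory describes) with an argv array built after allowlist validation, which is what a Cockpit page would hand to cockpit.spawn(). The parameter names (prio, tag, boot, grep), their accepted formats, the sample links and the host name are assumptions for illustration only.

```javascript
// Added example, not Cockpit project code. Shows the shell-string pattern
// behind this class of bug next to a validated argv-array build.
// Parameter names, formats and sample links are assumed for illustration.

// Constructed sample links. The "#/?key=value" shape mirrors hash-style
// page options; the parameter names themselves are an assumption.
const BENIGN_LINK  = "https://host:9090/system/logs#/?prio=err&tag=sshd&boot=0";
const CRAFTED_LINK = "https://host:9090/system/logs#/?prio=err&tag=sshd;$(id>/tmp/pwned)&boot=0";

// Parse the query string carried in the URL fragment into a plain object.
function parseLinkOptions(link) {
  const hash = new URL(link).hash;                         // "#/?prio=err&..."
  const qs = hash.includes("?") ? hash.slice(hash.indexOf("?") + 1) : "";
  return Object.fromEntries(new URLSearchParams(qs));
}

// VULNERABLE PATTERN: untrusted fields interpolated into one command line
// that is later handed to a shell (sh -c, a script API, ...). Nothing here
// strips or quotes metacharacters, so "$(id>/tmp/pwned)" survives intact.
function buildShellCommandLine(opts) {
  let cmd = "journalctl -q -o json";
  if (opts.prio !== undefined) cmd += ` -p ${opts.prio}`;
  if (opts.tag  !== undefined) cmd += ` -t ${opts.tag}`;
  if (opts.boot !== undefined) cmd += ` -b ${opts.boot}`;
  if (opts.grep !== undefined) cmd += ` --grep ${opts.grep}`;
  return cmd; // returned only to show the defect; never execute it
}

// HARDENED: validate each field against an allowlist and emit an argv array.
// Every element reaches journalctl as exactly one argument and no shell is
// involved, so metacharacters carry no meaning. The --option=value form is
// used so a value starting with "-" cannot be parsed as a second option.
const PRIORITIES = new Set(["emerg", "alert", "crit", "err", "warning",
                            "notice", "info", "debug",
                            "0", "1", "2", "3", "4", "5", "6", "7"]);
const TAG_RE  = /^[A-Za-z0-9_.@:-]{1,128}$/;  // syslog identifier shape (assumed)
const BOOT_RE = /^(-?\d{1,4}|[0-9a-f]{32})$/; // relative boot offset or boot ID

function buildJournalctlArgv(opts) {
  const argv = ["journalctl", "-q", "-o", "json"];
  if (opts.prio !== undefined) {
    if (!PRIORITIES.has(opts.prio)) throw new Error(`invalid prio: ${opts.prio}`);
    argv.push(`--priority=${opts.prio}`);
  }
  if (opts.tag !== undefined) {
    if (!TAG_RE.test(opts.tag)) throw new Error(`invalid tag: ${opts.tag}`);
    argv.push(`--identifier=${opts.tag}`);
  }
  if (opts.boot !== undefined) {
    if (!BOOT_RE.test(opts.boot)) throw new Error(`invalid boot: ${opts.boot}`);
    argv.push(`--boot=${opts.boot}`);
  }
  if (opts.grep !== undefined) {
    // Free text is tolerable here only because it becomes a single argv
    // element; the length cap keeps a link from smuggling in a huge regex.
    if (opts.grep.length > 256) throw new Error("grep pattern too long");
    argv.push(`--grep=${opts.grep}`);
  }
  return argv;
}

// Demo: the crafted link passes straight through the string builder but is
// rejected by the validating builder before any command is assembled.
const craftedOpts = parseLinkOptions(CRAFTED_LINK);
console.log("string build  :", buildShellCommandLine(craftedOpts));
try {
  buildJournalctlArgv(craftedOpts);
} catch (e) {
  console.log("argv build    : rejected ->", e.message);
}
console.log("benign argv   :", buildJournalctlArgv(parseLinkOptions(BENIGN_LINK)));
```

The argv array is the real fix: once no shell sits between the page and journalctl, "$(id)" in a grep pattern is just a regex. The allowlists are defence in depth so that a link cannot steer journalctl's own option parsing, which is why structured fields are checked even though the array form already removes the injection.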
| CWE | CWE-78 |
| Vendor | Red Hat |
| Product | Red Hat Enterprise Linux 10 |
| Published | May 11, 2026 |
| Last Updated | May 28, 2026 |
CVSS v3 Breakdown
| Vector | CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H |
| Attack Vector | Network |
| Attack Complexity | Low |
| Privileges Required | Low |
| User Interaction | Required |
| Scope | Unchanged |
| Confidentiality | High |
| Integrity | High |
| Availability | High |
Affected Versions
| Product | Status |
| Red Hat / Red Hat Enterprise Linux 10 | All versions affected |
| Red Hat / Red Hat Enterprise Linux 10.0 Extended Update Support | All versions affected |
| Red Hat / Red Hat Enterprise Linux 8 | All versions affected |
| Red Hat / Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support | All versions affected |
| Red Hat / Red Hat Enterprise Linux 8.6 Telecommunications Update Service | All versions affected |
| Red Hat / Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions | All versions affected |
| Red Hat / Red Hat Enterprise Linux 8.8 Telecommunications Update Service | All versions affected |
| Red Hat / Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions | All versions affected |
| Red Hat / Red Hat Enterprise Linux 9 | All versions affected |
| Red Hat / Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions | All versions affected |
| Red Hat / Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions | All versions affected |
| Red Hat / Red Hat Enterprise Linux 9.4 Extended Update Support | All versions affected |
| Red Hat / Red Hat Enterprise Linux 9.6 Extended Update Support | All versions affected |
| Red Hat / Red Hat Enterprise Linux 7 | All versions affected |
References
https://access.redhat.com/errata/RHSA-2026:21390
https://access.redhat.com/errata/RHSA-2026:21392
https://access.redhat.com/errata/RHSA-2026:21394
https://access.redhat.com/errata/RHSA-2026:21395
https://access.redhat.com/errata/RHSA-2026:21468
https://access.redhat.com/errata/RHSA-2026:21515
https://access.redhat.com/errata/RHSA-2026:21516
https://access.redhat.com/errata/RHSA-2026:21647
https://access.redhat.com/errata/RHSA-2026:21676
https://access.redhat.com/errata/RHSA-2026:21700
https://access.redhat.com/security/cve/CVE-2026-4802
https://bugzilla.redhat.com/show_bug.cgi?id=2451155
https://github.com/cockpit-project/cockpit/blob/e204cd130/pkg/systemd/logsJournal.jsx#L206-L210
http://www.openwall.com/lists/oss-security/2026/05/20/19
Credits
Red Hat would like to thank Gabriel Rodrigues (HAKAI) for reporting this issue.