CVE-2026-4802

EUVD-2026-29051
A flaw was found in Cockpit. This vulnerability allows a remote attacker to achieve arbitrary command execution on the host by exploiting unsanitized user-controlled parameters within crafted links in the system logs user interface (UI). An attacker can inject shell metacharacters and command substitutions into these parameters, leading to the execution of arbitrary shell commands on the affected system. This could result in a complete system compromise.
OS Command Injection
| Provider | Type | Base Score | Atk. Vector | Atk. Complexity | Priv. Required | Vector |
|---|---|---|---|---|---|---|
| NIST | Primary | 8 HIGH | NETWORK | LOW | LOW | CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H |
Awaiting analysis
This vulnerability is currently awaiting analysis.
EPSS Score
Percentile: 58%
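Red Hat Enterprise Linux Releases

| Red Hat Product | Release | Version | Status |
|---|---|---|---|
| cockpit | RHEL 8 | 0:310.8-1.el8_10 | fixed |
| cockpit | RHEL 8.6 AUS | 0:264.3-1.el8_6 | fixed |
| cockpit | RHEL 8.6 E4S | 0:264.3-1.el8_6 | fixed |
| cockpit | RHEL 8.6 TUS | 0:264.3-1.el8_6 | fixed |
| cockpit | RHEL 8.8 E4S | 0:286.2-1.el8_8 | fixed |
| cockpit | RHEL 8.8 TUS | 0:286.2-1.el8_8 | fixed |
| cockpit | RHEL 9 | 0:356.2-1.el9_8 | fixed |
| cockpit-bridge | RHEL 8 | 0:310.8-1.el8_10 | fixed |
| cockpit-bridge | RHEL 8.6 AUS | 0:264.3-1.el8_6 | fixed |
| cockpit-bridge | RHEL 8.6 E4S | 0:264.3-1.el8_6 | fixed |
| cockpit-bridge | RHEL 8.6 TUS | 0:264.3-1.el8_6 | fixed |
| cockpit-bridge | RHEL 8.8 E4S | 0:286.2-1.el8_8 | fixed |
| cockpit-bridge | RHEL 8.8 TUS | 0:286.2-1.el8_8 | fixed |
| cockpit-bridge | RHEL 9 | 0:356.2-1.el9_8 | fixed |
| cockpit-doc | RHEL 8 | 0:310.8-1.el8_10 | fixed |
| cockpit-doc | RHEL 8.6 AUS | 0:264.3-1.el8_6 | fixed |
| cockpit-doc | RHEL 8.6 E4S | 0:264.3-1.el8_6 | fixed |
| cockpit-doc | RHEL 8.6 TUS | 0:264.3-1.el8_6 | fixed |
| cockpit-doc | RHEL 8.8 E4S | 0:286.2-1.el8_8 | fixed |
| cockpit-doc | RHEL 8.8 TUS | 0:286.2-1.el8_8 | fixed |
| cockpit-doc | RHEL 9 | 0:356.2-1.el9_8 | fixed |
| cockpit-packagekit | RHEL 9 | 0:356.2-1.el9_8 | fixed |
| cockpit-storaged | RHEL 9 | 0:356.2-1.el9_8 | fixed |
| cockpit-system | RHEL 8 | 0:310.8-1.el8_10 | fixed |
| cockpit-system | RHEL 8.6 AUS | 0:264.3-1.el8_6 | fixed |
| cockpit-system | RHEL 8.6 E4S | 0:264.3-1.el8_6 | fixed |
| cockpit-system | RHEL 8.6 TUS | 0:264.3-1.el8_6 | fixed |
| cockpit-system | RHEL 8.8 E4S | 0:286.2-1.el8_8 | fixed |
| cockpit-system | RHEL 8.8 TUS | 0:286.2-1.el8_8 | fixed |
| cockpit-system | RHEL 9 | 0:356.2-1.el9_8 | fixed |
| cockpit-ws | RHEL 8 | 0:310.8-1.el8_10 | fixed |
| cockpit-ws | RHEL 8.6 AUS | 0:264.3-1.el8_6 | fixed |
| cockpit-ws | RHEL 8.6 E4S | 0:264.3-1.el8_6 | fixed |
| cockpit-ws | RHEL 8.6 TUS | 0:264.3-1.el8_6 | fixed |
| cockpit-ws | RHEL 8.8 E4S | 0:286.2-1.el8_8 | fixed |
| cockpit-ws | RHEL 8.8 TUS | 0:286.2-1.el8_8 | fixed |
| cockpit-ws | RHEL 9 | 0:356.2-1.el9_8 | fixed |
| cockpit-ws-selinux | RHEL 9 | 0:356.2-1.el9_8 | fixed |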