VDB
RHSA-2026%3A26546
RHSA-2026%3A26546
PUBLISHED
CVSS 8.199999809265137 HIGH
A flaw was found in golang.org/x/net/idna. ToASCII and ToUnicode incorrectly accept Punycode-encoded labels that decode to an ASCII-only hostname (for example, xn--example-.com returns example.com instead of an error). Applications that validate the ASCII form then convert to Unicode may grant access to a restricted hostname the ASCII check would have rejected.
Risk Scores
CVSS 3.1
8.199999809265137
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:84a3a5dd210a654ededb8bcd4c58dd02ed68edf671282c042329c7be2b7dee4d_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9 | *, * |
| Red Hat | registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e96b4440d0993643b6f087bbdadb94b83244a8c96e4a4afe4d4aaa32b3afeb8b_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9 | *, * |
| Red Hat | registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9 | *, * |
| Red Hat | registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c2945542fefa78e8d76d65ddc1c786338429d2059dbfa8a9d0029c1ec895bbca_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9 | *, * |
| Red Hat | registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9edc0ebaa61a44080ee6d472bd3dcc7e983223ead478fe1b7ca26f3da53d5ebe_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9 | *, * |
| Red Hat | registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:851c0dbbf68220913c9a87e9c7a81622b958321b3feb01adf63343581051b95a_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9 | *, * |
| Red Hat | registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9 | *, * |
| Red Hat | registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bd262d2f59cbca8bb04249d7dd538e3ad9c7373a6b53552a054097e578d86231_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9 | *, * |
| Red Hat | registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:211d4b3bdccbf62586c50074588e37d2635b1112a346fc709a0b340e2ec9f134_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9 | *, * |
| Red Hat | registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ea9dd594528c8ba2b5ad7a9bf89546bb4001df09aa8c644a95f060a9637288ed_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9 | *, * |
| Red Hat | registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9 | *, * |
| Red Hat | registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9 | *, * |
| Red Hat | registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9 | *, * |
| Red Hat | registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a34def9aa384d43a25c7d5e54aae3444f6f7d46fc9700e91a080d537c6c6d87d_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9 | *, * |
| Red Hat | registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9 | *, * |
| Red Hat | registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bf5f7c5328286a88696c6a629da9e5aed809bc84909e1e13cdbb7387e4b6189_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9 | *, * |
| Red Hat | registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9 | *, * |
| Red Hat | registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6c3f9482d525f3cee1abf475b2bdd4e1ac69f16a932da849c7dd8ecca97ef175_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9 | *, * |
| Red Hat | registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e7bd6232744fb5b788fd4ed5e28d3770e42c5ce6c01d882bb4b4fc572038ada1_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9 | *, * |
| Red Hat | Red Hat Advanced Cluster Security for Kubernetes |
…and 26 more
Timeline
- Jun 17, 2026 CVE Published
- Jun 18, 2026 Distribution Patch
- Jun 18, 2026 Distribution Patch
- Jun 18, 2026 Security Advisory
- Jun 18, 2026 Security Advisory
- Jun 18, 2026 Security Advisory
- Jul 7, 2026 CVE Updated
- Jul 7, 2026 Security Advisory
- Jul 7, 2026 Security Advisory
- Jul 7, 2026 Security Advisory
- Jul 7, 2026 Security Advisory
References
- https://access.redhat.com/errata/RHSA-2026:26546 advisory
- https://access.redhat.com/security/cve/CVE-2026-39821 advisory
- https://access.redhat.com/security/cve/CVE-2026-46595 advisory
- https://access.redhat.com/security/updates/classification/ advisory
- https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_security_for_kubernetes/4.9/html-single/release_notes/index#about-this-release-498_release-notes-49 advisory
- https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_26546.json advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2480756 issue
- https://www.cve.org/CVERecord?id=CVE-2026-39821 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2026-39821 advisory
- https://go.dev/cl/767220 advisory
- https://go.dev/issue/78760 advisory
- https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8 advisory
- https://pkg.go.dev/vuln/GO-2026-5026 advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2480689 issue
- https://www.cve.org/CVERecord?id=CVE-2026-46595 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2026-46595 advisory
- https://go.dev/cl/781642 advisory
- https://go.dev/issue/79570 advisory
- https://groups.google.com/g/golang-announce/c/a082jnz-LvI advisory
- https://pkg.go.dev/vuln/GO-2026-5023 advisory
…and 29 more