Red Hat Enterprise Linux Packages Patched for urllib3 and Python Protobuf DoS Flaws
Red Hat Enterprise Linux users were alerted to multiple package-level vulnerabilities that can cause denial of service, affecting both urllib3 and Python Protobuf components distributed for the platform. One advisory reported multiple flaws in urllib3 that could be abused to disrupt application availability, while a separate advisory identified a denial-of-service vulnerability in Python Protobuf.
The notices indicate that the impact is centered on service interruption rather than code execution, but the affected libraries are widely used in Python-based applications and backend services on Red Hat Enterprise Linux systems. Organizations running exposed or business-critical workloads that depend on these packages should prioritize reviewing installed versions, applying Red Hat-provided updates, and validating that dependent applications remain stable after remediation.
Get ahead of threats like this
Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
How this story unfolded
4 events from the most recent confirmed update back to the earliest known activity.
dCERT issues advisory 2026-0471 for RHEL Python Protobuf vulnerability
dCERT published advisory 2026-0471 for a denial-of-service vulnerability affecting the Python Protobuf component in Red Hat Enterprise Linux.
dCERT issues advisory 2026-0205 for RHEL urllib3 vulnerabilities
dCERT published advisory 2026-0205 covering multiple vulnerabilities in Red Hat Enterprise Linux's urllib3 component that could allow denial of service.
dCERT issues advisory 2026-0197 for OpenShift urllib3 vulnerability
dCERT published advisory 2026-0197 for a denial-of-service vulnerability affecting the urllib3 component in Red Hat OpenShift and OpenShift AI. The advisory identifies the issue as impacting OpenShift-related products rather than Red Hat Enterprise Linux.
dCERT issues advisory 2026-0010 for multiple RHEL vulnerabilities
dCERT published advisory 2026-0010 covering multiple vulnerabilities affecting Red Hat Enterprise Linux. The reference identifies this as a separate RHEL advisory from later urllib3 and Python Protobuf notices.
Related entities
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
Sources
4 references tracked. Mallory keeps watching after this page renders.
dCERT - Advisory 2026-0471 - Red Hat Enterprise Linux (Python Protobuf): Vulnerability allows Denial of Service
dcert.de
Open sourcedCERT - Advisory 2026-0205 - Red Hat Enterprise Linux (urllib3): Multiple Vulnerabilities allow Denial of Service
dcert.de
Open sourcedCERT - Advisory 2026-0197 - Red Hat OpenShift and OpenShift AI (urllib3): Vulnerability allows Denial of Service
dcert.de
Open sourcedCERT - Advisory 2026-0010 - Red Hat Enterprise Linux: Multiple Vulnerabilities
dcert.de
Open sourceSee the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.
Related stories
Other stories Mallory is tracking that overlap on entities, sources, or topic labels.
Red Hat Enterprise Linux Flaws in pcs and go-jose Enable Denial of Service
dCERT issued advisories for two **Red Hat Enterprise Linux** components, warning that vulnerabilities in `pcs` and `go-jose` could be exploited to cause **denial-of-service** conditions. Advisory `2026-1092` covers the `pcs` package, while advisory `2026-1245` addresses `go-jose`, indicating that separate weaknesses in commonly deployed RHEL software may allow attackers to disrupt service availability. The notices provide limited public technical detail, but they identify both issues as affecting Red Hat Enterprise Linux environments and potentially impacting system stability or application availability. Organizations running RHEL systems that rely on clustering functionality through `pcs` or authentication and cryptographic operations through `go-jose` should review the relevant vendor advisories and apply available updates or mitigations to reduce exposure to service disruption.
Apr 27, 2026
Red Hat Linux Kernel Vulnerabilities Prompt Broad Update Advisory
The Canadian Centre for Cyber Security issued two notices warning that Red Hat had published multiple security advisories for vulnerabilities affecting several products, with a particular focus on **Linux kernel** updates. The affected offerings include **Red Hat CodeReady Linux Builder**, **Red Hat Enterprise Linux**, **Red Hat Enterprise Linux Server**, and **Red Hat Enterprise Linux for Real Time** across multiple versions and platforms. The first notice, `AV26-318`, covered Red Hat advisories released between March 30 and April 5, while the second, `AV26-341`, covered advisories published between April 6 and 12. In both cases, the Cyber Centre urged users and administrators to review the referenced Red Hat advisories and apply the necessary updates to address the disclosed vulnerabilities.
May 11, 2026
Python Packaging and CPython Flaws Enable Privilege Escalation and Security Bypass
dCERT issued advisories for two Python-related vulnerabilities affecting **Red Hat Enterprise Linux** and **CPython**. One advisory warns that a flaw in `python-wheel` on Red Hat Enterprise Linux can allow **privilege escalation** and **arbitrary code execution**, creating a path for attackers to gain elevated access and run malicious code on affected systems. A second dCERT advisory reports a **CPython** vulnerability that can **bypass security measures**, indicating that protections relying on expected interpreter behavior may be undermined on vulnerable deployments. Together, the advisories highlight risk across both the Python runtime and packaging ecosystem, with potential impact ranging from weakened defensive controls to full code execution on enterprise Linux environments.
May 15, 2026