CVE & CISA-KEV Catalog

CVE-2026-4324

MEDIUM
5.4
CVSS v3
NVD

Description

A flaw was found in the Katello plugin for Red Hat Satellite. This vulnerability, caused by improper sanitization of user-provided input, allows a remote attacker to inject arbitrary SQL commands into the sort_by parameter of the /api/hosts/bootc_images API endpoint. This can lead to a Denial of Service (DoS) by triggering database errors, and potentially enable Boolean-based Blind SQL injection, which could allow an attacker to extract sensitive information from the database.

How to fix

Remediation Available
dynflow-utilsRed Hat / RHEL
Fixed in:0:2.0.1-1.el9satRHSA-2026:22326
Fixed in:0:2.0.1-1.el9satRHSA-2026:22326
dynflow-utilsRocky
Fixed in:0:2.0.1-1.el9satRHSA-2026:22326
Fixed in:0:2.0.1-1.el9satRHSA-2026:22326
foremanRed Hat / RHEL
Fixed in:0:3.16.0.12-1.el9satRHSA-2026:5968
Fixed in:0:3.14.0.14-1.el9satRHSA-2026:5970
Fixed in:0:3.14.0.14-1.el9satRHSA-2026:5970
Fixed in:0:3.16.0.12-1.el9satRHSA-2026:5968
foremanRocky
Fixed in:0:3.16.0.12-1.el9satRHSA-2026:5968
Fixed in:0:3.14.0.14-1.el9satRHSA-2026:5970
Fixed in:0:3.16.0.12-1.el9satRHSA-2026:5968
Fixed in:0:3.14.0.14-1.el9satRHSA-2026:5970
foreman-cliRed Hat / RHEL
Fixed in:0:3.14.0.14-1.el9satRHSA-2026:5970
Fixed in:0:3.16.0.12-1.el9satRHSA-2026:5968
foreman-cliRocky
Fixed in:0:3.14.0.14-1.el9satRHSA-2026:5970
Fixed in:0:3.16.0.12-1.el9satRHSA-2026:5968
foreman-debugRocky
Fixed in:0:3.16.0.12-1.el9satRHSA-2026:5968
Fixed in:0:3.14.0.14-1.el9satRHSA-2026:5970
foreman-debugRed Hat / RHEL
Fixed in:0:3.16.0.12-1.el9satRHSA-2026:5968
Fixed in:0:3.14.0.14-1.el9satRHSA-2026:5970
foreman-dynflow-sidekiqRocky
Fixed in:0:3.14.0.14-1.el9satRHSA-2026:5970
Fixed in:0:3.16.0.12-1.el9satRHSA-2026:5968
foreman-dynflow-sidekiqRed Hat / RHEL
Fixed in:0:3.14.0.14-1.el9satRHSA-2026:5970
Fixed in:0:3.16.0.12-1.el9satRHSA-2026:5968
foreman-ec2Rocky
Fixed in:0:3.14.0.14-1.el9satRHSA-2026:5970
Fixed in:0:3.16.0.12-1.el9satRHSA-2026:5968
foreman-ec2Red Hat / RHEL
Fixed in:0:3.14.0.14-1.el9satRHSA-2026:5970
Fixed in:0:3.16.0.12-1.el9satRHSA-2026:5968
foreman-installerRocky
Fixed in:1:3.16.0.6-1.el9satRHSA-2026:5968
Fixed in:1:3.16.0.6-1.el9satRHSA-2026:5968
foreman-installerRed Hat / RHEL
Fixed in:1:3.16.0.6-1.el9satRHSA-2026:5968
Fixed in:1:3.16.0.6-1.el9satRHSA-2026:5968
foreman-installer-katelloRocky
Fixed in:1:3.16.0.6-1.el9satRHSA-2026:5968
foreman-installer-katelloRed Hat / RHEL
Fixed in:1:3.16.0.6-1.el9satRHSA-2026:5968
foreman-journaldRocky
Fixed in:0:3.16.0.12-1.el9satRHSA-2026:5968
Fixed in:0:3.14.0.14-1.el9satRHSA-2026:5970
foreman-journaldRed Hat / RHEL
Fixed in:0:3.16.0.12-1.el9satRHSA-2026:5968
Fixed in:0:3.14.0.14-1.el9satRHSA-2026:5970
foreman-libvirtRed Hat / RHEL
Fixed in:0:3.16.0.12-1.el9satRHSA-2026:5968
Fixed in:0:3.14.0.14-1.el9satRHSA-2026:5970
foreman-libvirtRocky
Fixed in:0:3.14.0.14-1.el9satRHSA-2026:5970
Fixed in:0:3.16.0.12-1.el9satRHSA-2026:5968
foreman-openstackRocky
Fixed in:0:3.14.0.14-1.el9satRHSA-2026:5970
Fixed in:0:3.16.0.12-1.el9satRHSA-2026:5968
foreman-openstackRed Hat / RHEL
Fixed in:0:3.14.0.14-1.el9satRHSA-2026:5970
Fixed in:0:3.16.0.12-1.el9satRHSA-2026:5968
foreman-ovirtRocky
Fixed in:0:3.14.0.14-1.el9satRHSA-2026:5970
foreman-ovirtRed Hat / RHEL
Fixed in:0:3.14.0.14-1.el9satRHSA-2026:5970
foreman-pcpRed Hat / RHEL
Fixed in:0:3.14.0.14-1.el9satRHSA-2026:5970
Fixed in:0:3.16.0.12-1.el9satRHSA-2026:5968
foreman-pcpRocky
Fixed in:0:3.16.0.12-1.el9satRHSA-2026:5968
Fixed in:0:3.14.0.14-1.el9satRHSA-2026:5970
foreman-postgresqlRocky
Fixed in:0:3.16.0.12-1.el9satRHSA-2026:5968
Fixed in:0:3.14.0.14-1.el9satRHSA-2026:5970
foreman-postgresqlRed Hat / RHEL
Fixed in:0:3.16.0.12-1.el9satRHSA-2026:5968
Fixed in:0:3.14.0.14-1.el9satRHSA-2026:5970
foreman-redisRocky
Fixed in:0:3.14.0.14-1.el9satRHSA-2026:5970
Fixed in:0:3.16.0.12-1.el9satRHSA-2026:5968
foreman-redisRed Hat / RHEL
Fixed in:0:3.16.0.12-1.el9satRHSA-2026:5968
Fixed in:0:3.14.0.14-1.el9satRHSA-2026:5970
foreman-serviceRed Hat / RHEL
Fixed in:0:3.16.0.12-1.el9satRHSA-2026:5968
Fixed in:0:3.14.0.14-1.el9satRHSA-2026:5970
foreman-serviceRocky
Fixed in:0:3.16.0.12-1.el9satRHSA-2026:5968
Fixed in:0:3.14.0.14-1.el9satRHSA-2026:5970
foreman-telemetryRocky
Fixed in:0:3.16.0.12-1.el9satRHSA-2026:5968
Fixed in:0:3.14.0.14-1.el9satRHSA-2026:5970
foreman-telemetryRed Hat / RHEL
Fixed in:0:3.14.0.14-1.el9satRHSA-2026:5970
Fixed in:0:3.16.0.12-1.el9satRHSA-2026:5968
foreman-vmwareRed Hat / RHEL
Fixed in:0:3.14.0.14-1.el9satRHSA-2026:5970
Fixed in:0:3.16.0.12-1.el9satRHSA-2026:5968
foreman-vmwareRocky
Fixed in:0:3.16.0.12-1.el9satRHSA-2026:5968
Fixed in:0:3.14.0.14-1.el9satRHSA-2026:5970
libcompsRed Hat / RHEL
Fixed in:0:0.1.23-0.3.el9pcRHSA-2026:5970
Fixed in:0:0.1.23-0.3.el9pcRHSA-2026:5970
libcompsRocky
Fixed in:0:0.1.23-0.3.el9pcRHSA-2026:5970
Fixed in:0:0.1.23-0.3.el9pcRHSA-2026:5970
libcomps-debuginfoRocky
Fixed in:0:0.1.23-0.3.el9pcRHSA-2026:5970
libcomps-debuginfoRed Hat / RHEL
Fixed in:0:0.1.23-0.3.el9pcRHSA-2026:5970
libcomps-debugsourceRocky
Fixed in:0:0.1.23-0.3.el9pcRHSA-2026:5970
libcomps-debugsourceRed Hat / RHEL
Fixed in:0:0.1.23-0.3.el9pcRHSA-2026:5970
openvox-agentRed Hat / RHEL
Fixed in:0:8.24.1-3.el9satRHSA-2026:22326
Fixed in:0:8.24.1-3.el9satRHSA-2026:22326
openvox-agentRocky
Fixed in:0:8.24.1-3.el9satRHSA-2026:22326
Fixed in:0:8.24.1-3.el9satRHSA-2026:22326
pulpcore-obsolete-packagesRed Hat / RHEL
Fixed in:0:1.3.1-2.el9pcRHSA-2026:22326
Fixed in:0:1.3.1-2.el9pcRHSA-2026:22326
pulpcore-obsolete-packagesRocky
Fixed in:0:1.3.1-2.el9pcRHSA-2026:22326
Fixed in:0:1.3.1-2.el9pcRHSA-2026:22326
python-brotliRed Hat / RHEL
Fixed in:0:1.2.0-0.1.el9pcRHSA-2026:5970
python-brotliRocky
Fixed in:0:1.2.0-0.1.el9pcRHSA-2026:5970
python-brotli-debugsourceRocky
Fixed in:0:1.2.0-0.1.el9pcRHSA-2026:5970
python-brotli-debugsourceRed Hat / RHEL
Fixed in:0:1.2.0-0.1.el9pcRHSA-2026:5970
python-djangoRed Hat / RHEL
Fixed in:0:4.2.28-0.1.el9pcRHSA-2026:5970
python-djangoRocky
Fixed in:0:4.2.28-0.1.el9pcRHSA-2026:5970
python-pulp-containerRed Hat / RHEL
Fixed in:0:2.22.3-1.el9pcRHSA-2026:5970
python-pulp-containerRocky
Fixed in:0:2.22.3-1.el9pcRHSA-2026:5970
python-pulp-rpmRocky
Fixed in:0:3.27.10-2.el9pcRHSA-2026:5970
python-pulp-rpmRed Hat / RHEL
Fixed in:0:3.27.10-2.el9pcRHSA-2026:5970
python3-libcompsRed Hat / RHEL
Fixed in:0:0.1.23-0.3.el9pcRHSA-2026:5970
python3-libcompsRocky
Fixed in:0:0.1.23-0.3.el9pcRHSA-2026:5970
python3-libcomps-debuginfoRocky
Fixed in:0:0.1.23-0.3.el9pcRHSA-2026:5970
python3-libcomps-debuginfoRed Hat / RHEL
Fixed in:0:0.1.23-0.3.el9pcRHSA-2026:5970
python3.11-brotliRocky
Fixed in:0:1.2.0-0.1.el9pcRHSA-2026:5970
python3.11-brotliRed Hat / RHEL
Fixed in:0:1.2.0-0.1.el9pcRHSA-2026:5970
python3.11-brotli-debuginfoRocky
Fixed in:0:1.2.0-0.1.el9pcRHSA-2026:5970
python3.11-brotli-debuginfoRed Hat / RHEL
Fixed in:0:1.2.0-0.1.el9pcRHSA-2026:5970
python3.11-djangoRed Hat / RHEL
Fixed in:0:4.2.28-0.1.el9pcRHSA-2026:5970
python3.11-djangoRocky
Fixed in:0:4.2.28-0.1.el9pcRHSA-2026:5970
python3.11-libcompsRocky
Fixed in:0:0.1.23-0.3.el9pcRHSA-2026:5970
python3.11-libcompsRed Hat / RHEL
Fixed in:0:0.1.23-0.3.el9pcRHSA-2026:5970
python3.11-libcomps-debuginfoRed Hat / RHEL
Fixed in:0:0.1.23-0.3.el9pcRHSA-2026:5970
python3.11-libcomps-debuginfoRocky
Fixed in:0:0.1.23-0.3.el9pcRHSA-2026:5970
python3.11-pulp-containerRed Hat / RHEL
Fixed in:0:2.22.3-1.el9pcRHSA-2026:5970
python3.11-pulp-containerRocky
Fixed in:0:2.22.3-1.el9pcRHSA-2026:5970
python3.11-pulp-rpmRocky
Fixed in:0:3.27.10-2.el9pcRHSA-2026:5970
python3.11-pulp-rpmRed Hat / RHEL
Fixed in:0:3.27.10-2.el9pcRHSA-2026:5970
python3.12-djangoRed Hat / RHEL
Fixed in:0:4.2.29-1.el9pcRHSA-2026:5968
Fixed in:0:4.2.29-1.el9pcRHSA-2026:5968
python3.12-djangoRocky
Fixed in:0:4.2.29-1.el9pcRHSA-2026:5968
Fixed in:0:4.2.29-1.el9pcRHSA-2026:5968
python3.12-pulp-containerRocky
Fixed in:0:2.24.5-1.el9pcRHSA-2026:5968
Fixed in:0:2.26.13-1.el9pcRHSA-2026:22326
Fixed in:0:2.26.13-1.el9pcRHSA-2026:22326
Fixed in:0:2.24.5-1.el9pcRHSA-2026:5968
python3.12-pulp-containerRed Hat / RHEL
Fixed in:0:2.26.13-1.el9pcRHSA-2026:22326
Fixed in:0:2.24.5-1.el9pcRHSA-2026:5968
Fixed in:0:2.26.13-1.el9pcRHSA-2026:22326
Fixed in:0:2.24.5-1.el9pcRHSA-2026:5968
python3.12-pulp-rpmRed Hat / RHEL
Fixed in:0:3.29.9-1.el9pcRHSA-2026:5968
Fixed in:0:3.29.9-1.el9pcRHSA-2026:5968
python3.12-pulp-rpmRocky
Fixed in:0:3.29.9-1.el9pcRHSA-2026:5968
Fixed in:0:3.29.9-1.el9pcRHSA-2026:5968
python3.12-pulpcoreRocky
Fixed in:0:3.73.26-1.el9pcRHSA-2026:5968
Fixed in:0:3.73.26-1.el9pcRHSA-2026:5968
python3.12-pulpcoreRed Hat / RHEL
Fixed in:0:3.73.26-1.el9pcRHSA-2026:5968
Fixed in:0:3.73.26-1.el9pcRHSA-2026:5968
python3.12-pysequoiaRed Hat / RHEL
Fixed in:0:0.1.33-1.el9pcRHSA-2026:22326
Fixed in:0:0.1.33-1.el9pcRHSA-2026:22326
python3.12-pysequoiaRocky
Fixed in:0:0.1.33-1.el9pcRHSA-2026:22326
Fixed in:0:0.1.33-1.el9pcRHSA-2026:22326
rubygem-fog-kubevirtRed Hat / RHEL
Fixed in:0:1.5.1-1.el9satRHSA-2026:5970
Fixed in:0:1.5.1-1.el9satRHSA-2026:5970
rubygem-fog-kubevirtRocky
Fixed in:0:1.5.1-1.el9satRHSA-2026:5970
Fixed in:0:1.5.1-1.el9satRHSA-2026:5970
rubygem-foreman_googleRed Hat / RHEL
Fixed in:0:3.0.7-1.el9satRHSA-2026:22326
Fixed in:0:3.0.7-1.el9satRHSA-2026:22326
rubygem-foreman_googleRocky
Fixed in:0:3.0.7-1.el9satRHSA-2026:22326
Fixed in:0:3.0.7-1.el9satRHSA-2026:22326
rubygem-foreman_kubevirtRocky
Fixed in:0:0.4.3-1.el9satRHSA-2026:5968
Fixed in:0:0.4.3-1.el9satRHSA-2026:5968
Fixed in:0:0.4.3-1.el9satRHSA-2026:5970
Fixed in:0:0.4.3-1.el9satRHSA-2026:5970
rubygem-foreman_kubevirtRed Hat / RHEL
Fixed in:0:0.4.3-1.el9satRHSA-2026:5970
Fixed in:0:0.4.3-1.el9satRHSA-2026:5968
Fixed in:0:0.4.3-1.el9satRHSA-2026:5970
Fixed in:0:0.4.3-1.el9satRHSA-2026:5968
rubygem-foreman_maintainRocky
Fixed in:1:1.14.4-1.el9satRHSA-2026:22326
Fixed in:1:1.14.4-1.el9satRHSA-2026:22326
rubygem-foreman_maintainRed Hat / RHEL
Fixed in:1:1.14.4-1.el9satRHSA-2026:22326
Fixed in:1:1.14.4-1.el9satRHSA-2026:22326
rubygem-foreman_rh_cloudRocky
Fixed in:0:12.2.17-1.el9satRHSA-2026:5968
Fixed in:0:13.2.9-1.el9satRHSA-2026:22326
Fixed in:0:13.2.9-1.el9satRHSA-2026:22326
Fixed in:0:12.2.17-1.el9satRHSA-2026:5968
rubygem-foreman_rh_cloudRed Hat / RHEL
Fixed in:0:13.2.9-1.el9satRHSA-2026:22326
Fixed in:0:12.2.17-1.el9satRHSA-2026:5968
Fixed in:0:12.2.17-1.el9satRHSA-2026:5968
Fixed in:0:13.2.9-1.el9satRHSA-2026:22326
rubygem-katelloRed Hat / RHEL
Fixed in:0:4.18.0.9-1.el9satRHSA-2026:5968
Fixed in:0:4.20.0.4-1.el9satRHSA-2026:22326
Fixed in:0:4.18.0.9-1.el9satRHSA-2026:5968
Fixed in:0:4.16.0.14-1.el9satRHSA-2026:5970
Fixed in:0:4.16.0.14-1.el9satRHSA-2026:5970
Fixed in:0:4.20.0.4-1.el9satRHSA-2026:22326
rubygem-katelloRocky
Fixed in:0:4.16.0.14-1.el9satRHSA-2026:5970
Fixed in:0:4.18.0.9-1.el9satRHSA-2026:5968
Fixed in:0:4.16.0.14-1.el9satRHSA-2026:5970
Fixed in:0:4.20.0.4-1.el9satRHSA-2026:22326
Fixed in:0:4.20.0.4-1.el9satRHSA-2026:22326
Fixed in:0:4.18.0.9-1.el9satRHSA-2026:5968
rubygem-rubyipmiRocky
Fixed in:0:0.13.0-1.el9satRHSA-2026:5970
Fixed in:0:0.13.0-1.el9satRHSA-2026:5968
Fixed in:0:0.13.0-1.el9satRHSA-2026:5968
Fixed in:0:0.13.0-1.el9satRHSA-2026:5970
rubygem-rubyipmiRed Hat / RHEL
Fixed in:0:0.13.0-1.el9satRHSA-2026:5970
Fixed in:0:0.13.0-1.el9satRHSA-2026:5968
Fixed in:0:0.13.0-1.el9satRHSA-2026:5970
Fixed in:0:0.13.0-1.el9satRHSA-2026:5968
satelliteRed Hat / RHEL
Fixed in:0:6.18.4-2.el9satRHSA-2026:5968
Fixed in:0:6.19.1-1.el9satRHSA-2026:22326
Fixed in:0:6.18.4-2.el9satRHSA-2026:5968
Fixed in:0:6.17.7-1.el9satRHSA-2026:5970
Fixed in:0:6.19.1-1.el9satRHSA-2026:22326
Fixed in:0:6.17.7-1.el9satRHSA-2026:5970
satelliteRocky
Fixed in:0:6.19.1-1.el9satRHSA-2026:22326
Fixed in:0:6.17.7-1.el9satRHSA-2026:5970
Fixed in:0:6.18.4-2.el9satRHSA-2026:5968
Fixed in:0:6.19.1-1.el9satRHSA-2026:22326
Fixed in:0:6.17.7-1.el9satRHSA-2026:5970
Fixed in:0:6.18.4-2.el9satRHSA-2026:5968
satellite-capsuleRed Hat / RHEL
Fixed in:0:6.17.7-1.el9satRHSA-2026:5970
Fixed in:0:6.18.4-2.el9satRHSA-2026:5968
Fixed in:0:6.19.1-1.el9satRHSA-2026:22326
satellite-capsuleRocky
Fixed in:0:6.19.1-1.el9satRHSA-2026:22326
Fixed in:0:6.18.4-2.el9satRHSA-2026:5968
Fixed in:0:6.17.7-1.el9satRHSA-2026:5970
satellite-cliRed Hat / RHEL
Fixed in:0:6.18.4-2.el9satRHSA-2026:5968
Fixed in:0:6.17.7-1.el9satRHSA-2026:5970
Fixed in:0:6.19.1-1.el9satRHSA-2026:22326
satellite-cliRocky
Fixed in:0:6.19.1-1.el9satRHSA-2026:22326
Fixed in:0:6.18.4-2.el9satRHSA-2026:5968
Fixed in:0:6.17.7-1.el9satRHSA-2026:5970
satellite-commonRocky
Fixed in:0:6.18.4-2.el9satRHSA-2026:5968
Fixed in:0:6.19.1-1.el9satRHSA-2026:22326
Fixed in:0:6.17.7-1.el9satRHSA-2026:5970
satellite-commonRed Hat / RHEL
Fixed in:0:6.17.7-1.el9satRHSA-2026:5970
Fixed in:0:6.18.4-2.el9satRHSA-2026:5968
Fixed in:0:6.19.1-1.el9satRHSA-2026:22326
satellite-obsolete-packagesRocky
Fixed in:0:6.18.4-2.el9satRHSA-2026:5968
Fixed in:0:6.17.7-1.el9satRHSA-2026:5970
Fixed in:0:6.19.1-1.el9satRHSA-2026:22326
satellite-obsolete-packagesRed Hat / RHEL
Fixed in:0:6.19.1-1.el9satRHSA-2026:22326
Fixed in:0:6.17.7-1.el9satRHSA-2026:5970
Fixed in:0:6.18.4-2.el9satRHSA-2026:5968
yggdrasil-worker-forwarderRocky
Fixed in:0:0.0.3-4.el9satRHSA-2026:5970
Fixed in:0:0.0.3-4.el9satRHSA-2026:5970
Fixed in:0:0.0.3-4.el9satRHSA-2026:5968
Fixed in:0:0.0.3-4.el9satRHSA-2026:5968
yggdrasil-worker-forwarderRed Hat / RHEL
Fixed in:0:0.0.3-4.el9satRHSA-2026:5968
Fixed in:0:0.0.3-4.el9satRHSA-2026:5970
Fixed in:0:0.0.3-4.el9satRHSA-2026:5968
Fixed in:0:0.0.3-4.el9satRHSA-2026:5970

Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.

CVSS v3 Vector

Exploitability

Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged

Impact

ConfidentialityLow
IntegrityNone
AvailabilityLow

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L

Exploit Intelligence

0.26%probability of exploitation in 30 days
18thpercentile

Low risk: more likely to be exploited than 18% of all known CVEs.

References

Related Vulnerabilities

Other CWE-89 (SQL Injection) vulnerabilities, ordered by exploit likelihood. View all

CVESeverityCVSSEPSSExploitedFix
CVE-2014-3704High7.5100%-Fix
CVE-2015-7297High7.5100%--
CVE-2024-29824High8.8100%KEVFix
CVE-2023-34362Critical9.8100%KEV + RansomFix
CVE-2019-7481High7.5100%KEV + RansomFix
CVE-2024-29826High8.8100%-Fix
Embed a live status badge for CVE-2026-4324
CVE-2026-4324 severity badge

Markdown

[![CVE-2026-4324](https://tridentstack.com/cve/badge/CVE-2026-4324.svg)](https://tridentstack.com/cve/CVE-2026-4324)

HTML

<a href="https://tridentstack.com/cve/CVE-2026-4324"><img src="https://tridentstack.com/cve/badge/CVE-2026-4324.svg" alt="CVE-2026-4324"></a>

Find and fix vulnerabilities across your fleet

TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.

Start free

This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2026-06-01.