cockpit-doc (AlmaLinux:10) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the AlmaLinux:10 package cockpit-doc, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (2)
CVE-2026-4631 — CVSS 9.8 (critical): Cockpit's remote login feature passes user-supplied hostnames and usernames from the web interface to the SSH client without validation or…
CVE-2026-4802 — CVSS 8.0 (high): A flaw was found in Cockpit. This vulnerability allows a remote attacker to achieve arbitrary command execution on the host by exploiting…