cockpit-ws-selinux (AlmaLinux:9) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the AlmaLinux:9 package cockpit-ws-selinux, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (2)
CVE-2026-4631 — CVSS 9.8 (critical): Cockpit's remote login feature passes user-supplied hostnames and usernames from the web interface to the SSH client without validation or…
CVE-2026-4802 — CVSS 8.0 (high): A flaw was found in Cockpit. This vulnerability allows a remote attacker to achieve arbitrary command execution on the host by exploiting…