CVE-2026-41988
lowCVSS v3 Base Score
2.8
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N
EPSS Score
0.0%
Exploitation probability in 30 days
Top 95% most likely to be exploited
Attack Characteristics
Attack Vector
Local
Attack Complexity
High
Privileges Required
Low
User Interaction
None
Confidentiality
None
Integrity
Low
Availability
None
Published: April 23, 2026 (78 days ago)
Last Modified: April 23, 2026
Vendor: Red Hat
Source: REDHAT
Vulnerability Report
Generated by CyberWatcher
Description
A flaw was found in uuid. When external output buffers are used with UUID versions 3, 5, or 6, an attacker with local access may be able to cause unexpected data writes. This vulnerability could lead to low impact data integrity issues. UUID version 4 is not affected.
CWE
CWE-787Affected Products
Confidential Cluster OperatorConfidential Compute AttestationCryostat 4Gatekeeper 3Lightspeed CoreLogging Subsystem for Red Hat OpenShiftMigration Toolkit for ContainersMulticluster Engine for KubernetesNode HealthCheck OperatorOpenShift Lightspeed