Fedora 43 Ansible-Core Important Argument Injection Fix CVE-2026-11332
fedora
June 19, 2026
Mitigates CVE-2026-11332 (rhbz#2485397)
Summary
Ansible is a radically simple model-driven configuration management,
multi-node deployment, and remote task execution system. Ansible works
over SSH and does not require any software or daemons to be installed
on remote nodes. Extension modules can be written in any language and
are transferred to managed machines automatically.
This is the base part of ansible (the engine).
Update Information:
Mitigates CVE-2026-11332 (rhbz#2485397)
Change Log
* Thu Jun 11 2026 Maxwell G
References
[ 1 ] Bug #2485397 - CVE-2026-11332 ansible-core: argument injection in ansible-galaxy role install leads to arbitrary code execution [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2485397
Update Instructions
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-f027f57724' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
PREVIOUS 
NEXT Severity
important
Lowest
Low
Medium
High
Critical
Name: ansible-core
Product: Fedora 43
Version: 2.18.18~rc1
Release: 1.fc43
URL: https://ansible.com
Summary: A radically simple IT automation system
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!