Fedora 44 Cockpit Important Update CVE-2026-4631 Remote Command Execution

fedora

April 16, 2026

Automatic update for cockpit-360.1-1.fc44

Summary

The Cockpit Web Console enables users to administer GNU/Linux servers using a

web browser.

It offers network configuration, log inspection, diagnostic reports, SELinux

troubleshooting, interactive command-line sessions, and more.

Update Information:

Automatic update for cockpit-360.1-1.fc44. Changelog for cockpit * Tue Apr 14 2026 Packit - 360.1-1 - Prevent overmounting also for btrfs subvolumes (https://bugzilla.redhat.com/show_bug.cgi?id=2455855) - Remove "Mount" action in Anaconda mode (https://bugzilla.redhat.com/show_bug.cgi?id=2455855) * Wed Apr 08 2026 Packit - 360-1 - ws: be more explicit when handling hostnames on cli [CVE-2026-4631] - ws: support loading a custom login page - Translation updates Automatic update for cockpit-360-1.fc44. Changelog for cockpit * Wed Apr 08 2026 Packit - 360-1 - ws: be more explicit when handling hostnames on cli [CVE-2026-4631] - ws: support loading a custom login page - Translation updates

Topics Covered

security advisory fedora remote code execution important SSH web console

Change Log

* Tue Apr 14 2026 Packit - 360.1-1 - Prevent overmounting also for btrfs subvolumes (https://bugzilla.redhat.com/show_bug.cgi?id=2455855) - Remove "Mount" action in Anaconda mode (https://bugzilla.redhat.com/show_bug.cgi?id=2455855) * Wed Apr 8 2026 Packit - 360-1 - ws: be more explicit when handling hostnames on cli [CVE-2026-4631] - ws: support loading a custom login page - Translation updates

References

[ 1 ] Bug #2455855 - Storage editor fails to prevent mounting btrfs / subv over /home subv https://bugzilla.redhat.com/show_bug.cgi?id=2455855 [ 2 ] Bug #2458620 - CVE-2026-4631 cockpit: Cockpit: Unauthenticated remote code execution due to SSH command-line argument injection https://bugzilla.redhat.com/show_bug.cgi?id=2458620

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-ea792bf240' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity

important

Lowest

Low

Medium

High

Critical

Name: cockpit

Product: Fedora 44

Version: 360.1

Release: 1.fc44

URL: https://cockpit-project.org/

Summary: Web Console for Linux servers

Topics Covered

security advisory fedora remote code execution important SSH web console

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

Fedora 44 Cockpit Important Update CVE-2026-4631 Remote Command Execution

Summary

Topics Covered

Change Log

References

Update Instructions

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

Fedora 44 Cockpit Important Update CVE-2026-4631 Remote Command Execution

Summary

Topics Covered

Change Log

References

Update Instructions

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!