Alerts This Week
Warning Icon 1 1,039
Alerts This Week
Warning Icon 1 1,039

Fedora 44 Goose Important Unauthorized Access Vulnerability 2026-00021c7c91

fedora
Calendar Grey June 25, 2026
Dist Fedora Esm H88
Goose 1.36.0 update for Fedora improves AI automation for developers. Critical patch fixes unauthorized access risk.
Update goose to 1.36.0

Summary

Goose is your on-machine AI agent, capable of automating complex development

tasks from start to finish. More than just code suggestions, goose can build

entire projects from scratch, write and execute code, debug failures,

orchestrate workflows, and interact with external APIs - autonomously.

Whether you're prototyping an idea, refining existing code, or managing

intricate engineering pipelines, goose adapts to your workflow and executes

tasks with precision.

Designed for maximum flexibility, goose works with any LLM and supports

multi-model configuration to optimize performance and cost, seamlessly

integrates with MCP servers, and is available as both a desktop app as well as

CLI - making it the ultimate AI assistant for developers who want to move

faster and focus on innovation.

Update Information:

Update goose to 1.36.0

Topics%20covered

Topics Covered

security advisory unauthorized access fedora important goose AI agent

Change Log

* Wed Jun 17 2026 Sam Doran - 1.36.0-1 - Update goose to 1.36.0

References


[ 1 ] Bug #2477786 - CVE-2026-42559 goose: rmcp: Unauthorized access to MCP server via DNS rebinding vulnerability [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2477786 [ 2 ] Bug #2477787 - CVE-2026-42559 goose: rmcp: Unauthorized access to MCP server via DNS rebinding vulnerability [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2477787

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-00021c7c91' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
important
Lowest
Low
Medium
High
Critical

Name: goose
Product: Fedora 44
Version: 1.36.0
Release: 1.fc44
URL: https://github.com/block/goose
Summary: Extensible AI agent client

Topics%20covered

Topics Covered

security advisory unauthorized access fedora important goose AI agent

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here