RHSA-2026:26234 - Security Advisory

Topic

Red Hat Developer Hub 1.9.5 has been released.

Description

Red Hat Developer Hub (RHDH) is Red Hat's enterprise-grade, self-managed, customizable developer portal based on Backstage.io. RHDH is supported on OpenShift and other major Kubernetes clusters (AKS, EKS, GKE). The core features of RHDH include a single pane of glass, a centralized software catalog, self-service via golden path templates, and Tech Docs. RHDH is extensible by plugins.

Solution

For more about Red Hat Developer Hub, see References links

Affected Products

• Red Hat Developer Hub

Fixes

• RHDHBUGS-3128 - [1.9.5] Operator reconciliation loop caused by non-deterministic Go map iteration order in ConfigMap key handling => pod restarts when using StatefulSet workload

CVEs

• CVE-2026-24781
• CVE-2026-32281
• CVE-2026-41242
• CVE-2026-41672
• CVE-2026-41673
• CVE-2026-41674
• CVE-2026-41675
• CVE-2026-42033
• CVE-2026-42035
• CVE-2026-42039
• CVE-2026-42041
• CVE-2026-42043
• CVE-2026-42044
• CVE-2026-44293
• CVE-2026-44486
• CVE-2026-44487
• CVE-2026-44488
• CVE-2026-44492
• CVE-2026-44494
• CVE-2026-44495
• CVE-2026-44496
• CVE-2026-6321
• CVE-2026-6322
• CVE-2026-9277

References

• https://access.redhat.com/security/updates/classification/
• https://catalog.redhat.com/search?gs&searchType=containers&q=rhdh
• https://developers.redhat.com/rhdh/overview
• https://docs.redhat.com/en/documentation/red_hat_developer_hub
• https://issues.redhat.com/browse/RHDHBUGS-3128