logo

Critical Event-Driven Ansible Flaw Leaks Stored Credentials

ID: e1ff26fb-468c-5a4d-ac78-d082a287491c

STIX ID: report--e1ff26fb-468c-5a4d-ac78-d082a287491c

Feed Name: securityonline.info

Threat Score
75/100

Date Published: 2026-06-26

Date Updated: 2026-06-26

Author: Do Son

...
...

**Critical vulnerability (CVE-2026-11807)**: Event-Driven Ansible's websocket API in Red Hat Ansible Automation Platform 2.5/2.6 contains a missing authorization bug that allows any authenticated user to request arbitrary activation IDs and receive stored plaintext credentials (OAuth tokens, vault passwords, SSH keys); Red Hat rated it CVSS 9.6 and has released patches — apply updates, restrict websocket access, and rotate exposed credentials.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.