Zero Day MonitorZDM

← Back to list

5.4

CVE-2026-6848

red hat · red hat quay

Quay: red hat quay: authentication bypass allows privileged actions without valid credentials

Description

A flaw was found in Red Hat Quay. When Red Hat Quay requests password re-verification for sensitive operations, such as token generation or robot account creation, the re-authentication prompt can be bypassed. This allows a user with a timed-out session, or an attacker with access to an idle authenticated browser session, to perform privileged actions without providing valid credentials. The vulnerability enables unauthorized execution of sensitive operations despite the user interface displaying an error for invalid credentials.

Affected Products

Vendor	Product	Versions
red hat	red hat quay	—

Also Affects

Downstream vendors/products affected by this vulnerability

Vendor	Product	Source	Confidence
red hat	quay	cert_advisory	90%

References

https://access.redhat.com/security/cve/CVE-2026-6848(vdb-entry, x_refsource_REDHAT)
https://bugzilla.redhat.com/show_bug.cgi?id=2460119(issue-tracking, x_refsource_REDHAT)

Related News (2 articles)

Tier B

BSI Advisories5d ago

[NEU] [UNGEPATCHT] [mittel] Red Hat Quay: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen

→ No new info (linked only)

Tier C

VulDB6d ago

CVE-2026-6848 | Red Hat Quay 3 User Interface session expiration

→ No new info (linked only)

CVSS 3.15.4 NONE

CISA KEV❌ No

Actively exploited❌ No

CWECWE-613

PublishedApr 22, 2026

Last enriched6d agov2

Trending Score17

Source articles2

Independent2

Info Completeness7/14

Missing: versions, epss, kev, exploit, patch, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

NONECVE-2026-7309

Openshift-controller-manager: openshift container platform: information disclosure via environment variable injection

Multiple Vulnerabilities in Red Hat Products Allow Remote Code Execution, File Manipulation, and Denial of Service

NONECVE-2025-14831

Gnutls: gnutls: denial of service via excessive resource consumption during certificate verification

MEDIUMCVE-2025-66286

Webkitgtk: authorization bypass through webpage::send-request signal handler

NONECVE-2026-6855EXP

Instructlab: instructlab: path traversal allows arbitrary directory creation and file write

Pin to Dashboard

Verification

State: unverified

Confidence: 0%

Vulnerability Timeline

CVE Published

Apr 22, 2026

Discovered by ZDM

Apr 22, 2026

Updated: severity

Apr 22, 2026

Version History

v2

Last enriched 6d ago

v2Tier C6d ago

Updated severity to CRITICAL and clarified that no exploit exists.

severity

via VulDB

v16d ago

Initial creation