Important: Red Hat Security Advisory: RHTAS 1.4 - GA Release of Model Transparency 1.0.1

🗓️ 08 Jun 2026 13:12:26Reported by RedHatType

redhat

redhat🔗 access.redhat.com👁 4 Views

Red Hat RHTAS 1.4 Model Transparency 1.0.1 CLI image for signing and verifying AI workloads.

Reporter	Title	Published	Views	Family All 537
IBM Security Bulletins	Security Bulletin: Maximo AI Service uses multiple third party dependencies which is vulnerable to multiple CVEs.	31 Mar 202613:54	–	ibm
IBM Security Bulletins	Security Bulletin: : Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to multiple vulnerabilities in dependencies	8 Jun 202614:50	–	ibm
IBM Security Bulletins	Security Bulletin: Storage Virtualize Ansible Collection is affected by a vulnerability in the cryptography package	21 May 202612:03	–	ibm
IBM Security Bulletins	Security Bulletin: Location Service for ESRI Component uses urllib3-2.6.3 library which was vulnerable to CVE-2026-44431 and CVE-2026-44432	27 May 202613:45	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in cryptography-46.0.3-cp311-abi3-macosx_10_9_universal2.whl	13 May 202603:59	–	ibm
IBM Security Bulletins	Security Bulletin: There is a vulnerability in pyasn1-0.6.1.tar.gz used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2026-23490)	2 Feb 202612:13	–	ibm
IBM Security Bulletins	Security Bulletin: Location Service for ESRI Component uses cryptography-46.0.6, pyasn1-0.6.2, requests-2.32.5 and cryptography-46.0.5 library which were vulnerable to multiple CVEs	5 May 202603:01	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in pyasn1 affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.	4 May 202614:26	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Maximo Application Suite - Monitor Component uses pyasn1-0.6.1.tar.gz which is vulnerable to CVE-2026-23490.	27 Feb 202611:53	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Edge Data Collector uses cryptography-46.0.5-cp311-abi3-manylinux_2_34_x86_64.whl, cryptography-46.0.6-cp311-abi3-manylinux_2_34_x86_64.whl which is vulnerable to CVE-2026-34073, CVE-2026-39892	29 May 202610:14	–	ibm

Source	Link
access	www.access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4
access	www.access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4/html-single/release_notes/index
access	www.access.redhat.com/security/cve/CVE-2026-23490
access	www.access.redhat.com/security/cve/CVE-2026-39892
access	www.access.redhat.com/security/cve/CVE-2026-44431
access	www.access.redhat.com/security/cve/CVE-2026-44432
access	www.access.redhat.com/security/updates/classification/

08 Jun 2026 19:11Current

6.3Medium risk

Vulners AI Score6.3

CVSS 3.17.5 - 9.8

CVSS 48.9

EPSS0.00032

SSVC

Red Hat Model Transparency signing artifacts verifying workloads artificial intelligence workloads