Skip to content

Cockpit

v310.8 Security

This release includes 1 security fix for security teams reviewing exposed deployments.

Published 14d Server & OS Management
✓ No known CVEs patched
Read the diff → Tool health → What is this tool? →
This release patches 1 known CVE

Topics

cockpit javascript linux-servers

Affected surfaces

crypto_tls deps

Summary

AI summary

Fixed an uninitialized read vulnerability (CVE-2026-4802) in systemd argument handling.

Changes in this release

Security Medium

Robustify argument quoting to address CVE-2026-4802

Robustify argument quoting to address CVE-2026-4802

Source: granite4.1:8b-q6_K@2026-05-20

Confidence: low
Feature Medium

Tighten up branding path construction

Tighten up branding path construction

Source: granite4.1:8b-q6_K@2026-05-20

Confidence: low
Bugfix Medium

Fix uninitialized read in tls-sniffing code

Fix uninitialized read in tls-sniffing code

Source: granite4.1:8b-q6_K@2026-05-20

Confidence: high
Full changelog
  • ws: fix uninitialized read in tls-sniffing code
  • ws: tighten up branding path construction
  • pkg/systemd: robustify argument quoting [CVE-2026-4802]

Security Fixes

  • CVE-2026-4802 — uninitialized read in systemd argument quoting
View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track Cockpit

Get notified when new releases ship.

Sign up free

About Cockpit

Cockpit is a web-based graphical interface for servers.

All releases →

Related context

Related CVEs

Beta — feedback welcome: [email protected]