Is Red Hat Enterprise Linux 10 getting security updates?
On an OS release, security comes from applied updates, not the release number. Install the fixes below with sudo dnf upgrade --security.
Recent security notices (RHSA) affecting 10
From Red Hat Security Advisories — newest first. Open for the full advisory.
RHSA-2026:25520 RHSA-2026:25520 — krb5: integer underflow in berval2tl_data() leads to heap out-of-bounds read (moderate) 1 CVE RHSA-2026:25110 RHSA-2026:25110 — ASP.NET Core: Denial of Service via uncontrolled resource consumption (important) 2 CVEs RHSA-2026:25239 RHSA-2026:25239 — OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing (low) 14 CVEs RHSA-2026:26275 RHSA-2026:26275 — Heap Use-After-Free in OpenSSL PKCS7_verify() (important) 1 CVECVEs in these notices
Each links to Red Hat's CVE tracker (per-release fix status).
Other Red Hat Enterprise Linux releases
Frequently asked
Is Red Hat Enterprise Linux 10 still getting security updates?
Red Hat Enterprise Linux 10 is supported and receiving security updates until 2035-05-31. The 4 most recent Red Hat Security Advisories (RHSA) for it cover 18 CVEs. On an OS release, security comes from applied updates, not the release number — run sudo dnf upgrade --security to install these fixes.
When does Red Hat Enterprise Linux 10 reach end-of-life?
Red Hat Enterprise Linux 10 is supported until 2035-05-31.
Built from Red Hat Security Advisories and endoflife.date. An OS release's security depends on the updates you've actually applied, not its version — always verify with Red Hat's official advisories ↗ and keep your system current.