- Issued:
- 2026-01-30
- Updated:
- 2026-02-11
RHSA-2026:1610 - Critical: Red Hat OpenShift Lightspeed 1.0.9 security update
Synopsis
Critical: Red Hat OpenShift Lightspeed 1.0.9 security update
Type/Severity
Security Advisory Critical
Topic
Red Hat OpenShift Lightspeed 1.0.9 operand images, which provide security fixes and container updates.
Description
Red Hat OpenShift Lightspeed is a generative AI-based virtual assistant integrated into the OpenShift console. It can answer questions related to OpenShift and layered offerings. Security Fix(es): langchain-core: LangChain: Arbitrary code execution via serialization injection (CVE-2025-68664) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.`
Solution
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
Affected Products
| Product | Version | Arch |
|---|---|---|
| Red Hat OpenShift Lightspeed | 1.0.9 | x86_64 |
Fixes
(none)
CVEs
(none)
References
Additional information
- The Red Hat security contact is This content is not included.secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
- Offline Security Data data is available for integration with other systems. See Offline Security Data API to get started.