This update for cockpit-tukit fixes the following issues:
- CVE-2026-25547: brace-expansion: unbounded brace range expansion can lead to excessive CPU and memory consumption and
may crash a Node.js process (bsc#1257836).
- CVE-2026-26996: minimatch: ReDoS when glob pattern contains many consecutive wildcards followed by a literal character
that doesn't appear in the test string (bsc#1258641).