diff --git a/.gitignore b/.gitignore
index bdd8112..867106c 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,6 +1,6 @@
 SOURCES/centossecureboot201.cer
 SOURCES/centossecurebootca2.cer
-SOURCES/linux-4.18.0-553.132.1.rt7.473.el8_10.tar.xz
+SOURCES/linux-4.18.0-553.134.1.rt7.475.el8_10.tar.xz
 SOURCES/redhatsecureboot302.cer
 SOURCES/redhatsecureboot303.cer
 SOURCES/redhatsecureboot501.cer
diff --git a/.kernel-rt.metadata b/.kernel-rt.metadata
index fd488ac..8d8b2ff 100644
--- a/.kernel-rt.metadata
+++ b/.kernel-rt.metadata
@@ -1,6 +1,6 @@
 2ba40bf9138b48311e5aa1b737b7f0a8ad66066f SOURCES/centossecureboot201.cer
 bfdb3d7cffc43f579655af5155d50c08671d95e5 SOURCES/centossecurebootca2.cer
-cf51fe162df00b37f9d32e399cf192e94dc06f53 SOURCES/linux-4.18.0-553.132.1.rt7.473.el8_10.tar.xz
+3a8e561f114357abb10b351a5ca206e12831fcd4 SOURCES/linux-4.18.0-553.134.1.rt7.475.el8_10.tar.xz
 13e5cd3f856b472fde80a4deb75f4c18dfb5b255 SOURCES/redhatsecureboot302.cer
 e89890ca0ded2f9058651cc5fa838b78db2e6cc2 SOURCES/redhatsecureboot303.cer
 ba0b760e594ff668ee72ae348adf3e49b97f75fb SOURCES/redhatsecureboot501.cer
diff --git a/SPECS/kernel.spec b/SPECS/kernel.spec
index acb12a4..f6cedd7 100644
--- a/SPECS/kernel.spec
+++ b/SPECS/kernel.spec
@@ -38,10 +38,10 @@
 # define buildid .local
 
 %define specversion 4.18.0
-%define pkgrelease 553.132.1.rt7.473.el8_10
+%define pkgrelease 553.134.1.rt7.475.el8_10
 
 # allow pkg_release to have configurable %%{?dist} tag
-%define specrelease 553.132.1.rt7.473%{?dist}
+%define specrelease 553.134.1.rt7.475%{?dist}
 
 %define pkg_release %{specrelease}%{?buildid}
 
@@ -148,7 +148,7 @@
 # The preempt RT patch level
 %global rttag .rt7
 # realtimeN
-%global rtbuild .473
+%global rtbuild .475
 %define with_doc 0
 %define with_headers 0
 %define with_cross_headers 0
@@ -2710,6 +2710,19 @@ fi
 #
 #
 %changelog
+* Fri Jun 12 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [4.18.0-553.134.1.rt7.475.el8_10]
+- wifi: mac80211: remove station if connection prep fails (Jose Ignacio Tornos Martinez) [RHEL-180120] {CVE-2026-46125}
+- wifi: mac80211: drop stray 'static' from fast-RX rx_result (CKI Backport Bot) [RHEL-180058] {CVE-2026-46152}
+- Bluetooth: hci_event: fix potential UAF in SSP passkey handlers (CKI Backport Bot) [RHEL-179360] {CVE-2026-46056}
+- netfilter: flowtable: strictly check for maximum number of actions (Florian Westphal) [RHEL-176909] {CVE-2026-43329}
+- netfilter: nf_tables_offload: add nft_flow_action_entry_next() and use it (Florian Westphal) [RHEL-176909] {CVE-2026-43329}
+- mptcp: fix slab-use-after-free in __inet_lookup_established (Davide Caratti) [RHEL-171500] {CVE-2026-31669}
+- xen/privcmd: fix double free via VMA splitting (Vitaly Kuznetsov) [RHEL-172482] {CVE-2026-31787}
+- wifi: brcmfmac: validate bsscfg indices in IF events (CKI Backport Bot) [RHEL-173853] {CVE-2026-43110}
+
+* Wed Jun 10 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [4.18.0-553.133.1.rt7.474.el8_10]
+- Buffer overflow in drivers/xen/sys-hypervisor.c (CKI Backport Bot) [RHEL-172504] {CVE-2026-31786}
+
 * Wed Jun 10 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [4.18.0-553.132.1.rt7.473.el8_10]
 - ip6_tunnel: clear skb2->cb[] in ip4ip6_err() (Guillaume Nault) [RHEL-172640] {CVE-2026-43037}
 - dlm: fix buffer overflow from negative len in dlm_search_rsb_tree (Alexander Aring) [RHEL-173986] {CVE-2026-43125}