18 matches found
CVE-2026-11419
creationtimestamp| type| source
---|---|---
2026-06-05 20:50:55+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnkzcm7lbt24
2026-06-06 04:30:29+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mnlsyefnvw23
2026-06-06 04:30:42+00:00| seen|...
CVE-2025-11419
creationtimestamp| type| source
---|---|---
2025-12-23 22:07:10+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3maor3y3dqu2x
2026-04-20 19:17:48+00:00| seen| Telegram/KXW7G8PyXXZwX9Od1pYkShAhyWITcXi61d9qyY3YKOVjQs...
org.keycloak:keycloak-junit5 (>=21.1.0 <=26.0.1), org.keycloak:keycloak-quarkus-integration-tests (>=17.0.0 <=21.0.2) +1 more potentially affected by CVE-2025-11419 via org.keycloak:keycloak-quarkus-dist (>=17.0.0 <=26.0.1)
org.keycloak:keycloak-quarkus-dist MAVEN version =17.0.0, =21.1.0, =17.0.0, =26.0.0, =26.0.1 Source cves: CVE-2025-11419 Source advisory: OSV:GHSA-Q8HQ-4H99-FJ7X...
Important: Red Hat Security Advisory: Red Hat build of Keycloak 26.2.10 Images Security Update
New images are available for Red Hat build of Keycloak 26.2.10 and Red Hat build of Keycloak 26.2.10 Operator, running on OpenShift Container Platform Red Hat build of Keycloak is an integrated sign-on solution, available as a Red Hat JBoss Middleware for OpenShift containerized image. The Red Ha...
Important: Red Hat Security Advisory: Red Hat build of Keycloak 26.0.16 Update
New Red Hat build of Keycloak 26.0.16 packages are available from the Customer Portal Red Hat build of Keycloak 26.0.16 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. Security...
org.keycloak:keycloak-junit5 (>=26.0.0 <=26.0.1), org.keycloak:keycloak-test-framework (>=26.0.0 <=26.0.1) potentially affected by CVE-2025-11419 via org.keycloak:keycloak-quarkus-dist (>=26.0.0 <=26.0.1)
org.keycloak:keycloak-quarkus-dist MAVEN version =26.0.0, =26.0.0, =26.0.0, =26.0.1 Source cves: CVE-2025-11419 Source advisory: SNYK:JAVA-ORGKEYCLOAK-13517527...
org.keycloak.testframework:keycloak-test-framework-clustering (=26.4.0), org.keycloak.testframework:keycloak-test-framework-core (=26.4.0) +14 more potentially affected by CVE-2025-11419 via org.keycloak:keycloak-quarkus-dist (=26.4.0)
org.keycloak:keycloak-quarkus-dist MAVEN version =26.4.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.keycloak:keycloak-quarkus-dist and may be impacted: - org.keycloak.testframework:keycloak-test-framework-clustering =26.4.0 -...
org.keycloak.testframework:keycloak-test-framework-core (>=26.1.0 <=26.2.1), org.keycloak.testframework:keycloak-test-framework-db-mariadb (>=26.1.0 <=26.2.1) +12 more potentially affected by CVE-2025-11419 via org.keycloak:keycloak-quarkus-dist (>=26.1.0 <=26.2.1)
org.keycloak:keycloak-quarkus-dist MAVEN version =26.1.0, =26.1.0, =26.1.0, =26.1.0, =26.1.0, =26.1.0, =26.1.0, =26.1.0, =26.2.0, =26.2.0, =26.1.0, =26.1.0, =26.1.0, =26.1.0, =26.1.0, =26.2.1 Source cves: CVE-2025-11419 Source advisory: SNYK:JAVA-ORGKEYCLOAK-13517527 https://vuln...
Linux Distros Unpatched Vulnerability : CVE-2018-11419
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in JerryScript 1.0. There is a heap-based buffer over-read in the lit_read_code_unit_from_hex function via a RegExp("[\u0") payload, related to...
CVE-2024-11419
The Password for WP plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5. This is due to missing or incorrect nonce validation on the get3initadminpage function. This makes it possible for unauthenticated attackers to update settings and injec...
CVE-2018-11419
An issue was discovered in JerryScript 1.0. There is a heap-based buffer over-read in the lit_read_code_unit_from_hex function via a RegExp("[\\u0") payload, related to re_parse_char_class in parser/regexp/re-parser.c...
CVE-2024-11419
The Password for WP plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5. This is due to missing or incorrect nonce validation on the get3initadminpage function. This makes it possible for unauthenticated attackers to update settings and injec...
CVE-2024-11419 Password for WP <= 1.5 - Cross-Site Request Forgery to Stored Cross-Site Scripting
The Password for WP plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5. This is due to missing or incorrect nonce validation on the get3initadminpage function. This makes it possible for unauthenticated attackers to update settings and injec...
CVE-2019-11419
Summary: CVE-2019-11419 affects WeChat for Android through 7.0.3/7.0.4 where vcodec2_hls_filter in libvoipCodec_v7a.so enables a local attacker to crash the application by replacing an emoji file (under /sdcard/tencent/MicroMsg) with a crafted .wxgf file whose content is derived from the device I...
CVE-2019-11419
vcodec2_hls_filter in libvoipCodec_v7a.so in the WeChat application through 7.0.3 for Android allows attackers to cause a denial of service application crash by replacing an emoji file under the /sdcard/tencent/MicroMsg directory with a crafted .wxgf file. The content of the replacement must be...
CVE-2018-11419
An issue was discovered in JerryScript 1.0. There is a heap-based buffer over-read in the lit_read_code_unit_from_hex function via a RegExp("[\u0") payload, related to re_parse_char_class in parser/regexp/re-parser.c...
CVE-2018-11419
CVE-2018-11419 affects JerryScript 1.0, with a heap-based buffer over-read in lit_read_code_unit_from_hex triggered by a RegExp("[\u0") payload and related to re_parse_char_class in parser/regexp/re-parser.c. The vulnerability details are documented across multiple sources in the connected set an...
CVE-2017-11419
The CVE-2017-11419 entry affects Fiyo CMS 2.0.7, with a SQL injection in /apps/app_article/controller/editor.php exploitable via POST parameters $_POST['id'] and $_POST['art_title']. The underlying issue is unsanitized input leading to arbitrary SQL execution, as indicated by the NVD/NVD-derived ...