182 matches found

vulnersOsv
added 2026/02/09 9:31 p.m. | 3 views

ch.iterial.keycloak.plugins:keycloak-directus-plugin (>=0.1.0 <=0.7.0), com.c4-soft.springaddons:keycloak-grants-mapper (>=3.1.13-jdk1.8 <=3.1.14-jdk17) +181 more potentially affected by CVE-2026-1486 via org.keycloak:keycloak-services (>=10.0.0 <=26.4.7)

org.keycloak:keycloak-services MAVEN version =10.0.0, =0.1.0, =3.1.13-jdk1.8, =11.0.1, =1.2.6, =1.2.5, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.4.11 - com.github.wnameless.spring.boot.up:spring-boot-up-embedded-keycloak =24.3.0.0 -...

CVSS 8.8 | AI score 5.8 | EPSS 0.00025
Exploits: 0
Circl
added 2026/02/09 8:24 p.m. | 2 views

CVE-2026-1486

creationtimestamp | type | source
---|---|---
2026-02-09 20:24:03+00:00 | seen | https://bsky.app/profile/thehackerwire.bsky.social/post/3mehbpr3lqv23
2026-02-09 20:24:44+00:00 | seen | https://bsky.app/profile/thehackerwire.bsky.social/post/3mehbqyfm4i2v
2026-02-10 20:10:05+00:00 | seen | ...

CVSS 8.8 | AI score 5.1 | EPSS 0.00025
Exploits: 0 | References: 4
ATTACKERKB
added 2026/02/09 6:36 p.m. | 2 views

CVE-2026-1486

A flaw was found in Keycloak. A vulnerability exists in the jwt-authorization-grant flow where the server fails to verify if an Identity Provider (IdP) is enabled before issuing tokens. The issuer lookup mechanism (lookupIdentityProviderFromIssuer) retrieves the IdP configuration but does not filter...

CVSS 8.8 | AI score 5.6 | EPSS 0.00025
Exploits: 0 | References: 5
Tenable Nessus
added 2026/01/14 12:0 a.m. | 3 views

MiracleLinux 3 : libvirt-0.8.2-15.4.0.1.AXS3 (AXSA:2011-179:03)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2011-179:03 advisory. Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux and other OSes. Security issues fixed with this release:...

CVSS 3.3 | AI score 7.1 | EPSS 0.00859
Exploits: 0 | References: 2
Tenable Nessus
added 2026/01/14 12:0 a.m. | 3 views

MiracleLinux 4 : libvirt-0.8.1-27.6.0.1.AXS4 (AXSA:2011-193:02)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2011-193:02 advisory. Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux and other OSes. The main package includes the libvirtd...

CVSS 3.3 | AI score 7.1 | EPSS 0.00859
Exploits: 0 | References: 2
EUVD
added 2026/01/08 5:12 p.m. | 2 views

EUVD-2026-1486

OPEXUS eCasePortal before version 9.0.45.0 allows an unauthenticated attacker to navigate to the 'Attachments.aspx' endpoint, iterate through predictable values of 'formid', and download or delete all user-uploaded files, or upload new files...

CVSS 9.8 | AI score 6.6 | EPSS 0.00047
Exploits: 0 | References: 3
Circl
added 2025/06/24 9:2 p.m. | 3 views

CVE-2023-1486

creationtimestamp | type | source
---|---|---
2025-06-24 21:02:27+00:00 | seen | https://bsky.app/profile/beikokucyber.bsky.social/post/3lseymlfjut2i...

CVSS 7.1 | AI score 5.1 | EPSS 0.00074
Exploits: 1 | References: 1
OpenVAS
added 2025/06/04 12:0 a.m. | 6 views

SUSE: Security Advisory (SUSE-SU-2024:1486-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5 | AI score 5.4 | EPSS 0.00717
Exploits: 1 | References: 5
RedhatCVE
added 2025/05/22 8:27 a.m. | 4 views

CVE-2019-1486

A spoofing vulnerability exists in Visual Studio Live Share when a guest connected to a Live Share session is redirected to an arbitrary URL specified by the session host, aka 'Visual Studio Live Share Spoofing Vulnerability'...

CVSS 6.1 | AI score 6.8 | EPSS 0.00292
Exploits: 0 | References: 1
RedhatCVE
added 2025/05/22 1:23 a.m. | 5 views

CVE-2010-1486

Multiple cross-site scripting (XSS) vulnerabilities in invoice.asp in CactuShop before 6.155 allow remote attackers to inject arbitrary web script or HTML via the (1) billing address or (2) shipping address...

CVSS 4.3 | AI score 5.8 | EPSS 0.00438
Exploits: 5 | References: 1
Circl
added 2025/03/13 8:55 a.m. | 1 views

CVE-2025-1486

creationtimestamp | type | source
---|---|---
2025-03-13 08:55:38+00:00 | seen | https://t.me/cvedetector/20190...

CVSS 7.1 | AI score 7.3 | EPSS 0.00088
Exploits: 1 | References: 1
NVD
added 2025/03/13 6:15 a.m. | 7 views

CVE-2025-1486

The WoWPth WordPress plugin through 2.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVSS 7.1 | EPSS 0.00088
Exploits: 1 | References: 1
CVE
added 2025/03/13 6:0 a.m. | 51 views

CVE-2025-1486

CVE-2025-1486 relates to the WoWPth WordPress plugin (

CVSS 7.1 | AI score 5.8 | EPSS 0.00088
Exploits: 1 | References: 1 | Affected Software: 1
Cvelist
added 2025/03/13 6:0 a.m. | 10 views

CVE-2025-1486 WoWPth <= 2.0 - Reflected XSS

The WoWPth WordPress plugin through 2.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

EPSS 0.00088
Exploits: 1 | References: 1
Tenable Nessus
added 2025/03/03 12:0 a.m. | 8 views

Linux Distros Unpatched Vulnerability : CVE-2011-1486

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libvirtd in libvirt before 0.9.0 does not use thread-safe error reporting, which allows remote attackers to cause a denial of service crash by causing multiple...

CVSS 3.3 | AI score 7 | EPSS 0.00859
Exploits: 0 | References: 2
OpenVAS
added 2024/08/20 12:0 a.m. | 15 views

openSUSE Security Advisory (SUSE-SU-2024:1486-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5 | AI score 5.4 | EPSS 0.00717
Exploits: 1 | References: 5
NVD
added 2024/05/14 4:15 p.m. | 15 views

CVE-2024-1486

Elevation of privileges via misconfigured access control list in GE HealthCare ultrasound devices...

CVSS 7.4 | AI score 7.6 | EPSS 0.0006
Exploits: 0 | References: 1
Cvelist
added 2024/05/14 3:10 p.m. | 15 views

CVE-2024-1486 Elevation of privileges via misconfigured access control list in GE HealthCare ultrasound devices

Elevation of privileges via misconfigured access control list in GE HealthCare ultrasound devices...

CVSS 7.4 | AI score 7.8 | EPSS 0.0006
Exploits: 0 | References: 1
CVE
added 2024/05/14 3:10 p.m. | 51 views

CVE-2024-1486

CVE-2024-1486 is a confirmed vulnerability in GE Healthcare ultrasound devices caused by a misconfigured access control list that enables elevation of privileges. The Red Hat/PT-security entries corroborate the flaw as an ACL misconfiguration that allows an attacker with local access to gain high...

CVSS 7.4 | AI score 6.9 | EPSS 0.0006
Exploits: 0 | References: 1
Tenable Nessus
added 2024/04/28 12:0 a.m. | 24 views

RHEL 7 : firefox (RHSA-2024:1486)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:1486 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...

CVSS 8.8 | AI score 7.8 | EPSS 0.01767
Exploits: 4 | References: 23