Exploit for CVE-2026-1529

No d...

Exploit for CVE-2026-1529

CVE-2026-1529 Keycloak Exploit Tool Keycloak: Unauthorized...

ch.iterial.keycloak.plugins:keycloak-directus-plugin (>=0.1.0 <=0.7.0), com.c4-soft.springaddons:keycloak-grants-mapper (>=3.1.13-jdk1.8 <=3.1.14-jdk17) +168 more potentially affected by CVE-2026-1529 via org.keycloak:keycloak-services (>=10.0.0 <=26.2.1)

org.keycloak:keycloak-services MAVEN version =10.0.0, =0.1.0, =3.1.13-jdk1.8, =11.0.1, =1.2.6, =1.2.5, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.0.1, =1.0.2 and more Source cves: CVE-2026-1529 Source advisory: OSV:GHSA-HCVW-475W-8G7P...

CVE-2026-1529

creationtimestamp| type| source ---|---|--- 2026-02-09 20:25:24+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mehbs5qxkm2r 2026-02-10 17:44:09+00:00| seen| https://bsky.app/profile/buherator.bsky.social/post/3mejjaqa5qd2z 2026-02-11 12:20:06+00:00| seen|...

MiracleLinux 8 : thunderbird-91.9.1-1.el8.ML.2 (AXSA:2022-3714:08)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-3714:08 advisory. Mozilla: Untrusted input used in JavaScript object indexing, leading to prototype pollution CVE-2022-1529 Mozilla: Prototype pollution in Top-Level...

MiracleLinux 9 : firefox-91.9.1-1.el9.ML.1 (AXSA:2022-4012:30)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-4012:30 advisory. Mozilla: Untrusted input used in JavaScript object indexing, leading to prototype pollution CVE-2022-1529 Mozilla: Prototype pollution in Top-Level...

MiracleLinux 7 : firefox-91.9.1-1.0.1.el7.AXS7 (AXSA:2022-3195:12)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-3195:12 advisory. Mozilla: Untrusted input used in JavaScript object indexing, leading to prototype pollution CVE-2022-1529 Mozilla: Prototype pollution in Top-Level...

MiracleLinux 8 : firefox-91.9.1-1.el8.ML.2 (AXSA:2022-3726:17)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-3726:17 advisory. Mozilla: Untrusted input used in JavaScript object indexing, leading to prototype pollution CVE-2022-1529 Mozilla: Prototype pollution in Top-Level...

MiracleLinux 3 : firefox-24.5.0-1.0.1.AXS3 (AXSA:2014-327:02)

The remote MiracleLinux 3 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2014-327:02 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Security issues fixed with this releas...

MiracleLinux 4 : firefox-24.5.0-1.0.1.AXS4 (AXSA:2014-296:03)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2014-296:03 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Security issues fixed with this releas...

MiracleLinux 4 : krb5-1.9-22.AXS4.1 (AXSA:2012-29:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2012-29:01 advisory. Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of...

EUVD-2026-1529

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in VanKarWai Lobo lobo allows Blind SQL Injection.This issue affects Lobo: from n/a through 2.8.6...

CVE-2024-20082

In Modem, there is a possible memory corruption due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01182594; Issue ID: MSV-1529...

WordPress AM LottiePlayer plugin <= 3.5.3 - Authenticated (Author+) Stored Cross-Site Scripting via Uploaded Lottie File vulnerability

Authenticated Author+ Stored Cross-Site Scripting via Uploaded Lottie File vulnerability discovered by Avraham Shemesh in WordPress Plugin AM LottiePlayer versions = 3.5.3...

CVE-2025-1529

creationtimestamp| type| source ---|---|--- 2025-05-01 12:14:45+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/14264...

CVE-2025-1529 AM LottiePlayer <= 3.5.3 - Authenticated (Author+) Stored Cross-Site Scripting via Uploaded Lottie File

The AM LottiePlayer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via uploaded lottie files in all versions up to, and including, 3.5.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and...

CVE-2025-1529

CVE-2025-1529 : AM LottiePlayer for WordPress is vulnerable to stored XSS via uploaded Lottie files in all versions up to and including 3.5.3. Exploitation requires authenticated access at Author level or higher. Root cause: insufficient input sanitization and output escaping. Affected software: ...

CVE-2025-1529 AM LottiePlayer <= 3.5.3 - Authenticated (Author+) Stored Cross-Site Scripting via Uploaded Lottie File

The AM LottiePlayer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via uploaded lottie files in all versions up to, and including, 3.5.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and...

CentOS 7 : firefox (RHSA-2022:4729)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:4729 advisory. - An attacker could have sent a message to the parent process where the contents were used to double-index into a JavaScript object, leading to prototy...

CVE-2024-1529

creationtimestamp| type| source ---|---|--- 2024-03-12 17:32:06+00:00| seen| https://t.me/ctinow/205897 2024-03-12 17:32:14+00:00| seen| https://t.me/ctinow/205905...