13 matches found
a10-octavia (>=1.0.0 <=2.2.0) potentially affected by CVE-2026-40683 via keystone (>=15.0.1 <=18.0.0)
keystone PYPI version =15.0.1, =1.0.0, =2.2.0 Source cves: CVE-2026-40683 Source advisory: OSV:GHSA-PFX2-9X9M-7GHX...
CVE-2026-40683

creationtimestamp| type| source
---|---|---
2026-04-14 20:19:08+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mji7bvc7ln27
2026-04-14 21:25:42+00:00| published-proof-of-concept| Telegram/YBv3RW-vRVGMDDlTI6JsAJBRTWorFJbZdjQQujfRdi3MBhU...

CVE-2026-40683
In OpenStack Keystone before 28.0.1, the LDAP identity backend does not convert the user enabled attribute to a boolean when the user_enabled_invert configuration option is False (the default). The _ldap_res_to_model method in the UserApi class only performed string-to-boolean conversion when...
CVE-2026-40683
In OpenStack Keystone before 28.0.1, the LDAP identity backend does not convert the user enabled attribute to a boolean when the user_enabled_invert configuration option is False (the default). The _ldap_res_to_model method in the UserApi class only performed string-to-boolean conversion when...
EUVD-2025-40683
Malicious code in andi-gudeg88-miaww npm...
MAL-2025-40683 Malicious code in yy-igwutil (npm)
The package yy-igwutil was found to contain malicious code...
CVE-2025-40683 Reflected Cross-Site Scripting (XSS) vulnerability in Human Resource Management System
Reflected Cross-Site Scripting (XSS) in Human Resource Management System version 1.0. This vulnerability could allow an attacker to execute JavaScript code in the victim's browser by sending a malicious URL through the 'searccity' parameter in /city.php...
Fortinet FortiWeb - Double free in pipe management (FG-IR-22-348)
The version of FortiWeb installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-22-348 advisory. - A double free in Fortinet FortiWeb version 7.0.0 through 7.0.3 may allow an attacker to execute unauthorized code or commands...
CVE-2023-40683

creationtimestamp| type| source
---|---|---
2024-01-19 02:26:46+00:00| seen| https://t.me/ctinow/170036...

CVE-2022-40683
Fortinet FortiWeb is affected by a double-free vulnerability (CWE-415) in the CLI handling that impacts FortiWeb 7.0.0–7.0.3, potentially allowing an authenticated, local attacker to execute arbitrary code via specially crafted commands. The issue is documented as CVE-2022-40683 and via FG-IR-22-...
CVE-2021-40683

creationtimestamp| type| source
---|---|---
2021-10-04 20:23:31+00:00| seen| https://t.me/cibsecurity/29891...

EAA Client Escalation of Privilege Vulnerability on Windows
This post covers the details of CVE-2021-40683 (CVSS 6.5), the vulnerability impacting the Akamai Enterprise Application Access (EAA) Client running on Windows systems, for which Akamai has provided a patch to its customers...
CVE-2021-40683
The CVE-2021-40683 issue affects Akamai EAA Client on Windows prior to patches addressing unquoted path handling that could hijack the flow of execution. Affected versions include 2.3.1 and 2.4.x before 2.4.1, and 2.5.x before 2.5.3. The vulnerability, described across multiple sources, indicates...