CVE-2026-23901 vulnerabilities

Vulnerabilities for packages: apache-jena-fuseki, neo4j...

be.fluid-it.guice.extensions:guice-multi-shiro-realms (=0.1-1), be.fluid-it.shiro.jee:shiro-jee-authc (>=0.1-1 <=0.1-3) +3103 more potentially affected by CVE-2026-23901 via org.apache.shiro:shiro-core (>=1.0.0-incubating <=2.0.6)

org.apache.shiro:shiro-core MAVEN version =1.0.0-incubating, =0.1-1, =4.0.0-RC2, =1.0.0, =1.0.0, =0.0.2, =0.0.21, =0.0.27, =0.0.2, =0.0.27, =0.0.1, =1.0.2, =1.0.0, =1.0.5 and more Source cves: CVE-2026-23901 Source advisory: OSV:GHSA-C4QC-4Q9P-M9Q9...

ca.ibodrov.concord:testcontainers-concord-core (>=2.0.3 <=2.0.5), ca.ibodrov.mica.docker:mica-standalone (>=0.0.27 <=0.0.34) +272 more potentially affected by CVE-2026-23901 via org.apache.shiro:shiro-core (>=2.0.0-alpha-1 <=2.0.6)

org.apache.shiro:shiro-core MAVEN version =2.0.0-alpha-1, =2.0.3, =0.0.27, =0.0.27, =0.0.27, =6.0.0, =8.0.0, =8.0.0, =2.2.0, =1.0.2, =3.4.0, =3.3.0, =3.3.0, =3.3.0, =3.3.0, =3.8.0 and more Source cves: CVE-2026-23901 Source advisory: SNYK:JAVA-ORGAPACHESHIRO-15253618...

Linux Distros Unpatched Vulnerability : CVE-2026-23901

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Observable Timing Discrepancy vulnerability in Apache Shiro. This issue affects Apache Shiro: from 1., 2. before 2.0.7. Users are recommended to upgrade to...