CVE-2026-41103
Incorrect implementation of authentication algorithm in Microsoft SSO Plugin for Jira & Confluence allows an unauthorized attacker to elevate privileges over a network...
CVE-2026-41103 Microsoft SSO Plugin for Jira & Confluence Elevation of Privilege Vulnerability
...
CVE-2026-41103
CVE-2026-41103 concerns the Microsoft SSO Plugin for Jira & Confluence, where an incorrect authentication algorithm implementation allows privilege elevation over a network. The risk is described as network-exploitable with no user interaction, high confidentiality and integrity impact, and no av...
Microsoft SSO Plugin for Jira & Confluence Elevation of Privilege Vulnerability
Incorrect implementation of authentication algorithm in Microsoft SSO Plugin for Jira & Confluence allows an unauthorized attacker to elevate privileges over a network...
Microsoft SSO Plugin for Jira & Confluence Security Vulnerability
The Microsoft SSO Plugin for Jira & Confluence is an SSO authentication integration plugin developed by Microsoft for locally deployed instances of the Atlassian collaboration software Jira and Confluence. There are security vulnerabilities in the Microsoft SSO Plugin for Jira & Confluence. Attackers can explo...
KLA91034 Multiple vulnerabilities in Microsoft Azure
Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to spoof the user interface, bypass security restrictions, and gain privileges. Below is a complete list of vulnerabilities: 1. A spoofing vulnerability in Azure Machine Learning Notebook can be...
PT-2026-40242
Name of the Vulnerable Software and Affected Versions: Microsoft SSO Plugin for Jira & Confluence (affected versions not specified). Description: An incorrect implementation of the authentication algorithm allows an unauthorized attacker to forge login responses and bypass Entra ID. This enables the...
Exploit for Expression Language Injection in Atlassian Confluence_Data_Center
CVE-2022-26134 — OGNL Injection in Atlassian Confluence Te...
DoS (Denial of Service) in Confluence Data Center
This High severity DoS (Denial of Service) vulnerability was introduced in versions 10.1.1 and 10.2.0 of Confluence Data Center. This DoS (Denial of Service) vulnerability, with a CVSS Score of 8.7 and a CVSS Vector of CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N allows an...
Injection in Confluence Data Center
This High severity Injection vulnerability was introduced in versions 8.9.0, 9.0.1, 9.1.0, 9.2.0, 9.3.1, 9.4.0, 9.5.1, 10.0.2, 10.1.0, and 10.2.0 of Confluence Data Center. This Injection vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N...
DoS (Denial of Service) in Confluence Data Center
This High severity DoS (Denial of Service) vulnerability was introduced in versions 8.9.0, 9.0.1, 9.1.0, 9.2.0, 9.3.1, 9.4.0, 9.5.1, 10.0.2, 10.1.0, and 10.2.0 of Confluence Data Center. This DoS (Denial of Service) vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...
BASM (Broken Authentication & Session Management) in Confluence Data Center
This is a vulnerability in a non-Atlassian Confluence dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This Critical severity BASM (Broken Authentication & Session Management) vulnerability was introduced in versions 9.1.0, 9.2.0, 9.3.1, 9.4.0,...
Improper Encoding org.apache.tomcat:tomcat-catalina Dependency in Confluence Data Center
This High severity Improper Encoding vulnerability known as CVE-2026-34483 was introduced in versions 8.9.0, 9.0.1, 9.1.0, 9.2.0, 9.3.1, 9.4.0, 9.5.1, 10.0.2, 10.1.0, and 10.2.0. This Improper Encoding or Escaping of Output vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...
HTTP Request/Response Smuggling Apache Tomcat Dependency in Confluence Data Center
This High severity HTTP Request/Response Smuggling vulnerability was introduced in versions 8.9.0, 9.0.1, 9.1.0, 9.2.0, 9.3.1, 9.4.0, 9.5.1, 10.0.2, 10.1.0, and 10.2.0 of Confluence Data Center. This HTTP Request/Response Smuggling vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...
Exploit for Path Traversal in Mcp-Atlassian Mcp_Atlassian
CVE-2026-27825 — Path Traversal in mcp-atlassian via confluenc...
PT-2026-35728
CVE-2026-29017: Atlassian Confluence OGNL Injection — Pre-Auth RCE https://t.co/kcWQ5p0sYk anthropic aisecurity alert cybersecurity...
Information Disclosure in Confluence Data Center
This High severity Information Disclosure vulnerability was introduced in versions 9.1.0, 9.2.0, 9.3.1, 9.4.0, 9.5.1, 10.0.2, 10.1.0, and 10.2.0 of Confluence Data Center. This Information Disclosure vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...
Information Disclosure in Confluence Data Center
This High severity Information Disclosure vulnerability was introduced in versions 9.1.0, 9.2.0, 9.3.1, 9.4.0, 9.5.1, 10.0.2, 10.1.0, and 10.2.0 of Confluence Data Center. This Information Disclosure vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...