Lucene search
K

2907 matches found

NVD
NVD
added 2026/05/12 6:17 p.m.16 views

CVE-2026-41103

Incorrect implementation of authentication algorithm in Microsoft SSO Plugin for Jira & Confluence allows an unauthorized attacker to elevate privileges over a network...

9.1CVSS0.05378EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/12 4:59 p.m.34 views

CVE-2026-41103 Microsoft SSO Plugin for Jira & Confluence Elevation of Privilege Vulnerability

...

9.1CVSS0.05378EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/12 4:59 p.m.7 views

CVE-2026-41103

Incorrect implementation of authentication algorithm in Microsoft SSO Plugin for Jira & Confluence allows an unauthorized attacker to elevate privileges over a network...

9.1CVSS5.8AI score0.05378EPSS
Exploits0References2Affected Software2
Vulnrichment
Vulnrichment
added 2026/05/12 4:59 p.m.9 views

CVE-2026-41103 Microsoft SSO Plugin for Jira & Confluence Elevation of Privilege Vulnerability

...

9.1CVSS5.8AI score0.05378EPSS
Exploits0References1
CVE
CVE
added 2026/05/12 4:59 p.m.28 views

CVE-2026-41103

CVE-2026-41103 concerns the Microsoft SSO Plugin for Jira & Confluence, where an incorrect authentication algorithm implementation allows privilege elevation over a network. The risk is described as network-exploitable with no user interaction, high confidentiality and integrity impact, and no av...

9.1CVSS5.8AI score0.05378EPSS
Exploits0References1Affected Software2
Microsoft CVE
Microsoft CVE
added 2026/05/12 2:0 p.m.19 views

Microsoft SSO Plugin for Jira & Confluence Elevation of Privilege Vulnerability

Incorrect implementation of authentication algorithm in Microsoft SSO Plugin for Jira & Confluence allows an unauthorized attacker to elevate privileges over a network...

9.1CVSS5.8AI score0.05378EPSS
Exploits0
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.10 views

Microsoft SSO Plugin for Jira & Confluence 安全漏洞

The Microsoft SSO Plugin for Jira & Confluence is an SSO authentication integration plugin developed by Microsoft for Atlassian collaboration software Jira and Confluence in local deployment. There are security vulnerabilities in the Microsoft SSO Plugin for Jira & Confluence. Attackers can explo...

9.1CVSS6AI score0.05378EPSS
Exploits0References2
Kaspersky
Kaspersky
added 2026/05/12 12:0 a.m.15 views

KLA91034 Multiple vulnerabilities in Microsoft Azure

Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to spoof user interface, bypass security restrictions, gain privileges. Below is a complete list of vulnerabilities: 1. A spoofing vulnerability in Azure Machine Learning Notebook can be...

9.9CVSS6AI score0.05378EPSS
Exploits0References15
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.15 views

PT-2026-40242

Name of the Vulnerable Software and Affected Versions Microsoft SSO Plugin for Jira & Confluence affected versions not specified Description An incorrect implementation of the authentication algorithm allows an unauthorized attacker to forge login responses and bypass Entra ID. This enables the...

9.4CVSS6AI score0.05378EPSS
Exploits0References14
GithubExploit
GithubExploit
added 2026/05/06 1:47 a.m.155 views

Exploit for Expression Language Injection in Atlassian Confluence_Data_Center

CVE-2022-26134 — OGNL Injection in Atlassian Confluence Te...

9.8CVSS8.1AI score0.99999EPSS
Exploits75
Atlassian
Atlassian
added 2026/05/05 10:29 a.m.30 views

DoS (Denial of Service) in Confluence Data Center

This High severity DoS Denial of Service vulnerability was introduced in versions 10.1.1 and 10.2.0 of Confluence Data Center. This DoS Denial of Service vulnerability, with a CVSS Score of 8.7 and a CVSS Vector of CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N allows an...

8.7CVSS5.7AI score0.00552EPSS
Exploits0
Atlassian
Atlassian
added 2026/05/05 10:29 a.m.26 views

Injection in Confluence Data Center

This High severity Injection vulnerability was introduced in versions 8.9.0, 9.0.1, 9.1.0, 9.2.0, 9.3.1, 9.4.0, 9.5.1, 10.0.2, 10.1.0, and 10.2.0 of Confluence Data Center. This Injection vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N...

7.5CVSS5.8AI score0.00498EPSS
Exploits0
Atlassian
Atlassian
added 2026/05/05 10:29 a.m.25 views

DoS (Denial of Service) in Confluence Data Center

This High severity DoS Denial of Service vulnerability was introduced in versions 8.9.0, 9.0.1, 9.1.0, 9.2.0, 9.3.1, 9.4.0, 9.5.1, 10.0.2, 10.1.0, and 10.2.0 of Confluence Data Center. This DoS Denial of Service vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...

7.5CVSS5.9AI score0.0043EPSS
Exploits0
Atlassian
Atlassian
added 2026/05/05 10:29 a.m.27 views

BASM (Broken Authentication & Session Management) in Confluence Data Center

This is a vulnerability in a non-Atlassian Confluence dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This Critical severity BASM Broken Authentication & Session Management vulnerability was introduced in versions 9.1.0, 9.2.0, 9.3.1, 9.4.0,...

9.1CVSS5.8AI score0.00715EPSS
Exploits1
Atlassian
Atlassian
added 2026/05/05 10:29 a.m.28 views

Improper Encoding org.apache.tomcat:tomcat-catalina Dependency in Confluence Data Center

This High severity Improper Encoding vulnerability known as CVE-2026-34483 was introduced in versions 8.9.0, 9.0.1, 9.1.0, 9.2.0, 9.3.1, 9.4.0, 9.5.1, 10.0.2, 10.1.0, and 10.2.0. This Improper Encoding or Escaping of Output vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...

7.5CVSS5.8AI score0.00461EPSS
Exploits0
Atlassian
Atlassian
added 2026/05/05 10:29 a.m.26 views

HTTP Request/Response Smuggling Apache Tomcat Dependency in Confluence Data Center

This High severity HTTP Request/Response Smuggling vulnerability was introduced in versions 8.9.0, 9.0.1, 9.1.0, 9.2.0, 9.3.1, 9.4.0, 9.5.1, 10.0.2, 10.1.0, and 10.2.0 of Confluence Data Center. This HTTP Request/Response Smuggling vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...

7.5CVSS5.8AI score0.00453EPSS
Exploits0
GithubExploit
GithubExploit
added 2026/04/29 9:37 p.m.76 views

Exploit for Path Traversal in Mcp-Atlassian Mcp_Atlassian

CVE-2026-27825 — Path Traversal in mcp-atlassian via confluenc...

9CVSS6.1AI score0.0226EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2026/04/28 12:0 a.m.3 views

PT-2026-35728

CVE-2026-29017: Atlassian Confluence OGNL Injection — Pre-Auth RCE https://t.co/kcWQ5p0sYk anthropic aisecurity alert cybersecurity...

5.2AI score
Exploits0References1
Atlassian
Atlassian
added 2026/04/22 8:29 p.m.23 views

Information Disclosure in Confluence Data Center

This High severity Information Disclosure vulnerability was introduced in versions 9.1.0, 9.2.0, 9.3.1, 9.4.0, 9.5.1, 10.0.2, 10.1.0, and 10.2.0 of Confluence Data Center. This Information Disclosure vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...

7.5CVSS5.8AI score0.03494EPSS
Exploits1
Atlassian
Atlassian
added 2026/04/18 4:29 p.m.35 views

Information Disclosure in Confluence Data Center

This High severity Information Disclosure vulnerability was introduced in versions 9.1.0, 9.2.0, 9.3.1, 9.4.0, 9.5.1, 10.0.2, 10.1.0, and 10.2.0 of Confluence Data Center. This Information Disclosure vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...

7.5CVSS5.8AI score0.00447EPSS
Exploits0
Rows per page
Query Builder