CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

org.keycloak:keycloak-junit5 (>=26.0.0 <=26.0.1), org.keycloak:keycloak-test-framework (>=26.0.0 <=26.0.1) potentially affected by CVE-2025-11419 via org.keycloak:keycloak-quarkus-dist (>=26.0.0 <=26.0.1)

org.keycloak:keycloak-quarkus-dist MAVEN version =26.0.0, =26.0.0, =26.0.0, =26.0.1 Source cves: CVE-2025-11419 Source advisory: SNYK:JAVA-ORGKEYCLOAK-13517527...

7.5CVSS5.8AI score0.00656EPSS

Exploits0

CVE•added 2025/10/06 12:0 a.m.•14 views

CVE-2025-57247

The BATBToken contract (address 0xfbf1388408670c02f0dbbb74251d8ded1d63b7a2; compiler v0.8.26+commit.8a97fa7a) has an access-control flaw in whitelist management: setColdWhiteList() and setSpecialAddress() are declared public without proper restrictions. This enables any user to bypass cold-time t...

9.1CVSS6.7AI score0.00327EPSS

Exploits0References2

Packet Storm News•added 2025/10/06 12:0 a.m.•3 views

Why Software Signing (Still) Matters: Trust Boundaries in the Software Supply Chain

Software signing provides a formal mechanism for provenance by ensuring artifact integrity and verifying producer identity. It also imposes tooling and operational costs to implement in practice. In an era of centralized registries such as PyPI, npm, Maven Central, and Hugging Face, it is...

6.8AI score

Exploits0

Cvelist•added 2025/10/06 12:0 a.m.•11 views

CVE-2025-57247

The BATBToken smart contract address 0xfbf1388408670c02f0dbbb74251d8ded1d63b7a2, Compiler Version v0.8.26+commit.8a97fa7a contains incorrect access control implementation in whitelist management functions. The setColdWhiteList and setSpecialAddress functions in the base ERC20 contract are declare...

0.00327EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-6725

Malicious code in bioql PyPI...

9CVSS8.5AI score0.00789EPSS

Exploits0References5

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2025-7086

Malicious code in bioql PyPI...

6.1CVSS6.3AI score0.00545EPSS

Exploits1References2