96 matches found
CVE-2026-9795
A flaw was found in Keycloak's Fine-Grained Admin Permissions (FGAPv2) feature. An administrator with limited client management permissions can exploit this vulnerability to assign any realm role, including highly privileged roles, to a client's scope mapping. This bypasses intended security...
CVE-2026-9795 Keycloak: keycloak: privilege escalation via improper scope mapping enforcement
A flaw was found in Keycloak's Fine-Grained Admin Permissions (FGAPv2) feature. An administrator with limited client management permissions can exploit this vulnerability to assign any realm role, including highly privileged roles, to a client's scope mapping. This bypasses intended security...
Missing Authorization
Overview: Affected versions of this package are vulnerable to Missing Authorization in the configuration process of the optional TinkerpopClientService. An attacker can execute arbitrary code by submitting Groovy scripts through the ByteCode Submission feature without possessing the required...
Apache NiFi is missing the Restricted annotation with the Execute Code Required Permission
The optional extension component TinkerpopClientService is missing the Restricted annotation with the Execute Code Required Permission in Apache NiFi 2.0.0-M1 through 2.8.0. The TinkerpopClientService supports configuration of ByteCode Submission for the Script Submission Type, enabling Groovy...
SkillScope: Toward Fine-Grained Least-Privilege Enforcement for Agent Skills
Agent Skills have become a practical way to extend LLM agents by packaging metadata, natural-language instructions, and executable resources into reusable capability bundles. However, this growing Skill ecosystem introduces a new compliance risk: a Skill may perform high-impact actions that excee...
EUVD-2005-1498
Malware in sbrugna...
EUVD-2008-1816
Malware in sbrugna...
EUVD-2024-2822
Malicious code in bioql PyPI...
EUVD-2024-2914
Malicious code in bioql PyPI...
Beyond Classification: Evaluating LLMs for Fine-Grained Automatic Malware Behavior Auditing
Automated malware classification has achieved strong detection performance. Yet, malware behavior auditing seeks causal and verifiable explanations of malicious activities -- essential not only to reveal what malware does but also to substantiate such claims with evidence. This task is challengin...
Linux Distros Unpatched Vulnerability : CVE-2021-41244
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - Grafana is an open-source platform for monitoring and observability. In affected versions when the fine-grained access control beta feature is enabled and ther...
MalLoc: toward Fine-Grained Android Malicious Payload Localization Via LLMs
The rapid evolution of Android malware poses significant challenges to the maintenance and security of mobile applications (apps). Traditional detection techniques often struggle to keep pace with emerging malware variants that employ advanced tactics such as code obfuscation and dynamic behavior...
Enhancing Targeted Adversarial Attacks on Large Vision-Language Models through Intermediate Projector Guidance
Targeted adversarial attacks are essential for proactively identifying security flaws in Vision-Language Models before real-world deployment. However, current methods perturb images to maximize global similarity with the target text or reference image at the encoder level, collapsing rich visual...
org.keycloak/keycloak-services: Privilege Escalation in Keycloak Admin Console (FGAPv2 Enabled)
A flaw was found in the Keycloak identity and access management system when Fine-Grained Admin Permissions (FGAPv2) are enabled. An administrative user with the manage-users role can escalate their privileges to realm-admin due to improper privilege enforcement. This vulnerability allows unauthorize...
Privilege Escalation
org.keycloak/keycloak-services is vulnerable to privilege escalation. The vulnerability is due to improper privilege enforcement when Fine-Grained Admin Permissions (FGAPv2) are enabled, which allows an attacker with the manage-users role to escalate privileges to realm-admin...
Duplicate Advisory: Keycloak Privilege Escalation Vulnerability in Admin Console (FGAPv2 Enabled)
Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-27gp-8389-hm4w. This link is maintained to preserve external references. Original Description: A flaw was found in the Keycloak identity and access management system when Fine-Grained Admin Permissions (FGAPv2) are...
CVE-2025-7784 Org.keycloak/keycloak-services: privilege escalation in keycloak admin console (fgapv2 enabled)
A flaw was found in the Keycloak identity and access management system when Fine-Grained Admin Permissions (FGAPv2) are enabled. An administrative user with the manage-users role can escalate their privileges to realm-admin due to improper privilege enforcement. This vulnerability allows unauthorize...