6 matches found
CVE-2026-9792 Keycloak: keycloak: security restriction bypass allows unauthorized ropc token acquisition
A flaw was found in Keycloak's Client Policies, specifically within the org.keycloak.protocol.oidc component. When certain condition providers client-type, client-roles, client-attributes, client-scopes are used to enforce security restrictions, the reject-ropc-grant executor is silently bypassed...
PT-2026-44183
Name of the Vulnerable Software and Affected Versions Keycloak affected versions not specified Description A flaw exists in the org.keycloak.protocol.oidc component of Keycloak's Client Policies. When specific condition providers—client-type, client-roles, client-attributes, or client-scopes—are...
GHSA-M23H-6MWM-39M8 Kong Ingress Controller for Kubernetes (KIC): Cross-namespace TLS Secret Exfiltration in Gateways with GatewayClass missing `konghq.com/gatewayclass-unmanaged: 'true'` annotation
Summary A vulnerability in the Kong Ingress Controller KIC allows for the unauthorized exfiltration of TLS certificates and private keys across Kubernetes namespace boundaries. In "managed" mode where the GatewayClass lacks an unmanaged annotation, the Gateway TLS translator skips critical status...
EUVD-2026-30613
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the POST /api/v1/models/import endpoint allows users with the workspace.modelsimport permission to overwrite any existing model in the database, regardless of ownership. When an...
Open WebUI's Model Import Overwrites Any Model Without Ownership Check
Model Import Overwrites Any Model Without Ownership Check Affected Component Model import endpoint: - backend/openwebui/routers/models.py lines 254-308, importmodels Affected Versions Current main branch commit 6fdd19bf1 and likely all versions with model import functionality. Description The POS...
CVE-2026-24749
The Silverstripe Assets Module is a required component of Silverstripe Framework. In versions prior to 2.4.5 and 3.0.0-rc1 through 3.1.2, images rendered in templates or otherwise accessed via DBFile::getURL or DBFile::getSourceURL incorrectly add an access grant to the current session, which...