CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

81 matches found

OSV•added 2026/03/11 6:31 a.m.•0 views

GHSA-XH32-C9WX-PHRP Keycloak: Information disclosure of disabled user attributes via administrative endpoint

A flaw was found in Keycloak. An authenticated user with the view-users role could exploit a vulnerability in the UserResource component. By accessing a specific administrative endpoint, this user could improperly retrieve user attributes that were configured to be hidden. This unauthorized...

2.7CVSS5.8AI score0.00013EPSS

Exploits0References9

Github Security Blog•added 2026/03/11 6:31 a.m.•3 views

Keycloak: Information disclosure of disabled user attributes via administrative endpoint

2.7CVSS5.7AI score0.00013EPSS

Exploits0References9Affected Software1

NVD•added 2026/03/11 6:17 a.m.•3 views

CVE-2026-3911

2.7CVSS0.00013EPSS

Exploits0References4

EUVD•added 2026/03/11 5:36 a.m.•1 views

EUVD-2026-11108

2.7CVSS5.7AI score0.00013EPSS

Exploits0References2

RedhatCVE•added 2026/03/11 5:36 a.m.•1 views

CVE-2026-3911

2.7CVSS5.6AI score0.00013EPSS

Exploits0References3

CNNVD•added 2026/01/22 12:0 a.m.•1 views

Discord security vulnerabilities

Discord is a free chat service provided by the Discord company. Versions of Discord dated January 16, 2026 and earlier have security vulnerabilities. These vulnerabilities stem from the WebSocket API responding with status information about hidden users, which may lead to the inference of a user’...

4.3CVSS5.8AI score0.00015EPSS

Exploits0References1

EUVD•added 2026/01/15 1:2 p.m.•2 views

EUVD-2026-2809

The device is deployed with weak and publicly known default passwords for certain hidden user levels, increasing the risk of unauthorized access. This represents a high risk to the integrity of the system...

7.5CVSS6.3AI score0.00022EPSS

Exploits0References7

Vulnrichment•added 2026/01/15 1:2 p.m.•1 views

CVE-2026-22910

7.5CVSS6.4AI score0.00022EPSS

Exploits0References6

CVE•added 2026/01/15 1:2 p.m.•7 views

CVE-2026-22910

The connected Red Hat and SICK PSIRT entries corroborate CVE-2026-22910 affecting SICK TDC-X401GL devices, where the vulnerability arises from weak, publicly known default passwords on certain hidden user levels. The issue is described as enabling unauthorized access and compromising confidential...

9.1CVSS6.4AI score0.00022EPSS

Exploits0References6Affected Software1

ATTACKERKB•added 2026/01/15 1:2 p.m.•2 views

CVE-2026-22910

9.1CVSS5.5AI score0.00022EPSS

Exploits0References7

Cvelist•added 2026/01/15 1:2 p.m.•24 views

CVE-2026-22910

7.5CVSS0.00022EPSS

Exploits0References6

Positive Technologies•added 2026/01/15 12:0 a.m.•3 views

PT-2026-2991

Name of the Vulnerable Software and Affected Versions The product name cannot be determined. affected versions not specified Description The device is deployed with weak and publicly known default passwords for certain hidden user levels, increasing the risk of unauthorized access. This represent...

9.1CVSS6.4AI score0.00022EPSS

Exploits0References10

RedhatCVE•added 2026/01/09 12:34 p.m.•9 views

CVE-2023-45369

An issue was discovered in the PageTriage extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. Usernames of hidden users are exposed...

4.3CVSS6.9AI score0.00107EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•0 views

EUVD-2020-6623

Malware in sbrugna...

9.8CVSS9AI score0.00409EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2021-17089

Malware in sbrugna...

4.3CVSS4.7AI score0.00223EPSS

Exploits1References5