CVE-2026-50089 Aqara IAM/SSO Gateway open redirect

The Aqara IAM/SSO Gateway gw-builder.aqara.com provides an open redirect, which is an instance of "CWE-601: URL Redirection to Untrusted Site," with an estimated CVSS of CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 6.1 Medium, which can be used to set up a phishing attack...

CVE-2026-50089

CVE-2026-50089 affects the Aqara IAM/SSO Gateway (gw-builder.aqara.com) and is described as an open redirect (CWE-601). The issue can be leveraged to conduct phishing via untrusted redirects. According to the sources, the CVSS v3.1 base score is 6.1 (Medium): Attack vector Network, Attack complex...

BIT-GITLAB-2026-6552 Authorization Bypass Through User-Controlled Key in GitLab

GitLab has remediated an issue in GitLab EE affecting all versions from 15.5 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an authenticated user with group Owner role to take over another group member's GitLab account due to improper...

Linux Distros Unpatched Vulnerability : CVE-2026-6552

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitLab has remediated an issue in GitLab EE affecting all versions from 15.5 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain...

CVE-2026-11774

An integer overflow flaw was found in the SASL I/O layer of 389 Directory Server 389-ds-base. In sasliostartpacket, adding sizeofuint32t to a crafted SASL packet length prefix of 0xFFFFFFFC causes unsigned wraparound to zero, bypassing the nsslapd-maxsasliosize limit and leading to a heap buffer...

EUVD-2026-36293

An integer overflow flaw was found in the SASL I/O layer of 389 Directory Server 389-ds-base. In sasliostartpacket, adding sizeofuint32t to a crafted SASL packet length prefix of 0xFFFFFFFC causes unsigned wraparound to zero, bypassing the nsslapd-maxsasliosize limit and leading to a heap buffer...

CVE-2026-11774 389-ds-base: 389-ds-base: integer overflow in sasl packet length bypasses size limit leading to heap buffer overflow

An integer overflow flaw was found in the SASL I/O layer of 389 Directory Server 389-ds-base. In sasliostartpacket, adding sizeofuint32t to a crafted SASL packet length prefix of 0xFFFFFFFC causes unsigned wraparound to zero, bypassing the nsslapd-maxsasliosize limit and leading to a heap buffer...

CVE-2026-6552

GitLab Elasticsearch? No—this CVE concerns GitLab Enterprise Edition (GitLab EE). Affected versions: 15.5 up to but not including 18.10.8, 18.11 up to but not including 18.11.5, and 19.0 up to but not including 19.0.2. Root cause: improper authorization in Group SAML identity management allowed a...

CVE-2026-46689 Kanidm: Unauthenticated process abort via SCIM filter stack exhaustion

Kanidm is an identity management platform. Prior to version 1.9.3, a single unauthenticated GET to any /scim/v1/... endpoint with a ?filter= query string of a few thousand nested parentheses ≈ 4–12 KB drives the recursive-descent PEG parser past the worker thread's stack guard page. Rust responds...

The Hidden Security Risk in Modern Networks: The Work Between Tools

Organizations have more visibility than ever. Growing tech stacks provide greater coverage, and network security teams are increasingly adopting AI and automation to help with routine tasks and reduce manual effort. But the same challenges persist. Outages still last hours, causing significant...

CVE-2026-34323

Vulnerability in the Oracle Life Sciences InForm product of Oracle Life Science Applications component: IDM Authentication. Supported versions that are affected are 7.0.1.0 and 7.0.1.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

[SECURITY] Fedora 43 Update: freeipa-4.13.1-7.fc43

IPA is an integrated solution to provide centrally managed Identity users, hosts, services, Authentication SSO, 2FA, and Authorization host access control, SELinux user roles, services. The solution provides features for further integration with Linux based clients SUDO, automount and integration...

EUVD-2026-34249

A flaw was found in the OpenShift Cloud Credential Operator Mint-mode IAM policies for AWS. Operator credentials are provisioned with account-wide scope for destructive actions rather than being restricted to cluster-owned resources, enabling cross-scope impact after credential compromise...

[SECURITY] Fedora 44 Update: freeipa-4.13.1-12.fc44

IPA is an integrated solution to provide centrally managed Identity users, hosts, services, Authentication SSO, 2FA, and Authorization host access control, SELinux user roles, services. The solution provides features for further integration with Linux based clients SUDO, automount and integration...

CVE-2026-46425

Budibase is an open-source low-code platform. Prior to 3.38.2, packages/worker/src/api/routes/global/scim.ts attaches only two middlewares to the SCIM router: requireSCIM checks the Enterprise feature flag and SCIM config and doInScimContext sets the SCIM request context. There is no role check...

CVE-2026-46425

Budibase is an open-source low-code platform. Prior to 3.38.2, packages/worker/src/api/routes/global/scim.ts attaches only two middlewares to the SCIM router: requireSCIM checks the Enterprise feature flag and SCIM config and doInScimContext sets the SCIM request context. There is no role check...

CVE-2026-46425 Budibase: SCIM endpoints lack role-based authorization, BASIC users CRUD tenant users

Budibase is an open-source low-code platform. Prior to 3.38.2, packages/worker/src/api/routes/global/scim.ts attaches only two middlewares to the SCIM router: requireSCIM checks the Enterprise feature flag and SCIM config and doInScimContext sets the SCIM request context. There is no role check...

CVE-2026-46425 Budibase: SCIM endpoints lack role-based authorization, BASIC users CRUD tenant users

Budibase is an open-source low-code platform. Prior to 3.38.2, packages/worker/src/api/routes/global/scim.ts attaches only two middlewares to the SCIM router: requireSCIM checks the Enterprise feature flag and SCIM config and doInScimContext sets the SCIM request context. There is no role check...

CVE-2026-46425

Budibase contains a SCIM authorization flaw prior to version 3.38.2: the SCIM router (packages/worker/src/api/routes/global/scim.ts) attaches only requireSCIM and doInScimContext middlewares, with no role check. This allows any authenticated user (including BASIC role) who reaches the worker to p...

CVE-2026-35430

Authorization bypass through user-controlled key in Azure Privileged Identity Management PIM allows an authorized attacker to elevate privileges over a network...