CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Chainguard•added 4 days ago•5 views

CVE-2026-48525 vulnerabilities

5.3CVSS5.8AI score0.0025EPSS

Chainguard•added 4 days ago•6 views

CVE-2026-48526 vulnerabilities

7.4CVSS5.8AI score0.00148EPSS

Chainguard•added 4 days ago•6 views

CVE-2026-48523 vulnerabilities

5.4CVSS5.8AI score0.0011EPSS

Chainguard•added 4 days ago•5 views

GHSA-FHV5-28VV-H8M8 vulnerabilities

Chainguard•added 4 days ago•4 views

GHSA-XGMM-8J9V-C9WX vulnerabilities

Chainguard•added 4 days ago•5 views

GHSA-JQ35-7PRP-9V3F vulnerabilities

Chainguard•added 4 days ago•4 views

GHSA-W7VC-732C-9M39 vulnerabilities

Chainguard•added 4 days ago•9 views

CVE-2026-48522 vulnerabilities

4.2CVSS5.8AI score0.00148EPSS

Chainguard•added 4 days ago•6 views

GHSA-993G-76C3-P5M4 vulnerabilities

RedhatCVE•added 2026/06/04 12:13 a.m.•8 views

CVE-2026-44394

A flaw was found in OpenStack Keystone. The federated token rescoping mechanism does not correctly propagate the original token's expiry to newly issued tokens. This allows a federated user to repeatedly rescope a token before it expires, effectively maintaining indefinite access and bypassing...

8.1CVSS5.7AI score0.00245EPSS

RedhatCVE•added 2026/06/04 12:13 a.m.•9 views

CVE-2026-42998

A flaw was found in OpenStack Keystone. The application credential authentication plugin fails to verify if the user provided in an authentication request matches the owner of the application credential. This allows a remote attacker to authenticate with their own credentials while impersonating...

8.8CVSS5.8AI score0.00298EPSS

RedhatCVE•added 2026/06/04 12:13 a.m.•8 views

CVE-2026-42999

A flaw was found in OpenStack Keystone. This vulnerability allows an authenticated user to bypass Role-Based Access Control RBAC checks by injecting arbitrary policy target attributes into the request body. This enables the user to perform unauthorized operations on resources belonging to other...

8.8CVSS5.9AI score0.00246EPSS

UbuntuCve•added 2026/05/29 12:0 a.m.•8 views

CVE-2026-42998

An issue was discovered in OpenStack Keystone before 29.0.2. The Keystone application credential authentication plugin does not verify that the user supplied in the authentication request matches the owner of the application credential. An attacker can authenticate with their own application...

6CVSS5.8AI score0.00298EPSS

Exploits1References3

Tenable Nessus•added 2026/05/29 12:0 a.m.•17 views

Linux Distros Unpatched Vulnerability : CVE-2026-42998

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in OpenStack Keystone before 29.0.2. The Keystone application credential authentication plugin does not verify that the user supplied in...

8.8CVSS5.5AI score0.00298EPSS

Exploits1References2

Tenable Nessus•added 2026/05/29 12:0 a.m.•9 views

Linux Distros Unpatched Vulnerability : CVE-2026-44394

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in OpenStack Keystone before 29.0.2. The Keystone federated token rescoping mechanism does not propagate the original token's expiry to...

8.1CVSS5.5AI score0.02266EPSS

Exploits2References2

NVD•added 2026/05/28 7:16 p.m.•8 views

CVE-2026-43000

An issue was discovered in OpenStack Keystone before 29.0.2. When combined with an application credential impersonation vulnerability, an attacker with the member role on a project can escalate to admin by chaining unrestricted application credentials with Keystone trusts. The impersonated token...

8.8CVSS0.00244EPSS

Exploits1References2

OSV•added 2026/05/28 7:16 p.m.•7 views

UBUNTU-CVE-2026-42998

8.8CVSS5.8AI score0.00298EPSS

Chainguard•added 2026/05/28 1:18 p.m.•8 views

CVE-2026-43001 vulnerabilities

Vulnerabilities for packages: openstack-keystone-2025.1-fips, openstack-keystone-2026.1, openstack-keystone-2025.1, openstack-keystone-2025.2, openstack-keystone-2025.2-fips...

8CVSS5.8AI score0.00404EPSS

Chainguard•added 2026/05/28 1:18 p.m.•7 views

GHSA-HHQ2-3832-XXCV vulnerabilities

Vulnerabilities for packages: openstack-keystone-2025.1-fips, openstack-keystone-2026.1, openstack-keystone-2025.1, openstack-keystone-2025.2, openstack-keystone-2025.2-fips...