Lucene search
K

1113 matches found

EUVD
EUVD
added 5 days ago54 views

EUVD-2026-32710

Keycloak has privilege escalation via improper scope mapping enforcement...

7.3CVSS5.8AI score0.00292EPSS
Exploits0References12
OSV
OSV
added 5 days ago2 views

GHSA-XF85-363P-868W oras-go: Malicious registry can hijack Bearer token realm to exfiltrate credentials and refresh tokens

Summary oras-go's auth.Client follows the realm URL from a registry's WWW-Authenticate: Bearer challenge without validating its scheme or host. The realm field is server-controlled by design in the OCI/distribution spec — registries legitimately point token requests at a separate auth endpoint e....

2.1CVSS5.9AI score
Exploits0References4
NVD
NVD
added 6 days ago8 views

CVE-2026-4629

A flaw was found in Keycloak. A highly privileged user with manage-clients permission can exploit this vulnerability by injecting a hardcoded role mapper into any client. This action allows the user to bypass existing scope restrictions and inject the realm-admin role into generated tokens,...

6.5CVSS0.0024EPSS
Exploits1References2
NVD
NVD
added 6 days ago8 views

CVE-2026-12388

A flaw was found in the Identity Provider IdP mapper component of Keycloak, which is used to manage how user information from external services is mapped to Keycloak users. An administrator with limited permissions to manage identity providers can exploit this flaw by creating a "Hardcoded Role"...

6.5CVSS0.00233EPSS
Exploits0References2
Cvelist
Cvelist
added 6 days ago32 views

CVE-2026-12388 Keycloak-broker: keycloak: privilege escalation to realm administrator via improper authorization in identity provider mapper

A flaw was found in the Identity Provider IdP mapper component of Keycloak, which is used to manage how user information from external services is mapped to Keycloak users. An administrator with limited permissions to manage identity providers can exploit this flaw by creating a "Hardcoded Role"...

6.5CVSS0.00233EPSS
Exploits0References2
EUVD
EUVD
added 6 days ago6 views

EUVD-2026-40300

A flaw was found in Keycloak. A highly privileged user with manage-clients permission can exploit this vulnerability by injecting a hardcoded role mapper into any client. This action allows the user to bypass existing scope restrictions and inject the realm-admin role into generated tokens,...

6.5CVSS5.7AI score0.0024EPSS
Exploits1References2
CVE
CVE
added 6 days ago8 views

CVE-2026-12388

CVE-2026-12388 affects Keycloak’s Identity Provider (IdP) mapper component. A restricted administrator can abuse a misconfigured or specifically a Hardcoded Role mapper to assign high-privilege roles (e.g., realm-admin) to themselves or other users, bypassing security checks and gaining full cont...

6.5CVSS5.8AI score0.00233EPSS
Exploits0References2Affected Software1
CVE
CVE
added 6 days ago9 views

CVE-2026-4629

CVE-2026-4629 affects Keycloak. A highly privileged user with the ability to manage clients can inject a hardcoded role mapper into any client, bypassing scope restrictions and injecting the realm-admin role into generated tokens, yielding full administrative access to the realm. The vulnerabilit...

6.5CVSS5.7AI score0.0024EPSS
Exploits1References2Affected Software1
EUVD
EUVD
added 6 days ago8 views

EUVD-2026-40301

A flaw was found in the Identity Provider IdP mapper component of Keycloak, which is used to manage how user information from external services is mapped to Keycloak users. An administrator with limited permissions to manage identity providers can exploit this flaw by creating a "Hardcoded Role"...

6.5CVSS5.8AI score0.00233EPSS
Exploits0References2
Cvelist
Cvelist
added 6 days ago35 views

CVE-2026-4629 Keycloak: keycloak: privilege escalation through hardcoded role mapper injection

A flaw was found in Keycloak. A highly privileged user with manage-clients permission can exploit this vulnerability by injecting a hardcoded role mapper into any client. This action allows the user to bypass existing scope restrictions and inject the realm-admin role into generated tokens,...

6.5CVSS0.0024EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 6 days ago6 views

CVE-2026-12388

A flaw was found in the Identity Provider IdP mapper component of Keycloak, which is used to manage how user information from external services is mapped to Keycloak users. An administrator with limited permissions to manage identity providers can exploit this flaw by creating a "Hardcoded Role"...

6.5CVSS5.6AI score0.00233EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 6 days ago10 views

Apache Tomcat 9.0.0.M1 < 9.0.102

The version of Tomcat installed on the remote host is prior to 9.0.102. It is, therefore, affected by a vulnerability as referenced in the fixedinapachetomcat9.0.102security-9 advisory. - Missing Critical Step in Authentication vulnerability in Apache Tomcat when the JNDIRealm was configured to...

7.3CVSS6AI score0.00431EPSS
Exploits0References3
NVD
NVD
added last week11 views

CVE-2026-55957

Missing Critical Step in Authentication vulnerability in Apache Tomcat when the JNDIRealm was configured to authenticate binds using GSSAPI allowed attackers to authenticate without provided the correct password. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.4, from 10.1.0-M1...

7.3CVSS0.00431EPSS
Exploits0References2
Cvelist
Cvelist
added last week36 views

CVE-2026-55957 Apache Tomcat: Authentication bypass with JNDIRealm and GSSAPI authenticated bind

Missing Critical Step in Authentication vulnerability in Apache Tomcat when the JNDIRealm was configured to authenticate binds using GSSAPI allowed attackers to authenticate without provided the correct password. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.4, from 10.1.0-M1...

0.00431EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/25 11:23 p.m.7 views

CVE-2026-53440

A flaw was found in Jenkins. This vulnerability allows a remote attacker to perform phishing attacks. The 'Delegate to servlet container' security realm does not properly validate the 'from' parameter, which can be manipulated to redirect users to an attacker-controlled domain after they log in...

4.3CVSS5.9AI score0.00239EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/06/25 6:47 p.m.7 views

keycloak: Group-Admin Escalation to Realm-Admin

A flaw was found in Keycloak. A missing authorization check in the GroupResource.addChild endpoint within the Admin REST API allows an authenticated user with limited administrative privileges to reparent any existing group. When Fine-Grained Admin Permissions v2 FGAPv2 is enabled, an attacker wi...

7.7CVSS5.8AI score0.00288EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/06/25 6:47 p.m.6 views

keycloak: Keycloak: Information disclosure through arbitrary filesystem path probing

A flaw was found in Keycloak. A realm administrator with the "manage-realm" role can exploit this vulnerability by submitting an arbitrary filesystem path as a keystore parameter when creating a key provider component. This allows the administrator to probe arbitrary filesystem paths, determining...

4.9CVSS5.9AI score0.00519EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/06/25 6:47 p.m.6 views

keycloak: Keycloak: Privilege escalation via improper scope mapping enforcement

A flaw was found in Keycloak's Fine-Grained Admin Permissions FGAPv2 feature. An administrator with limited client management permissions can exploit this vulnerability to assign any realm role, including highly privileged roles, to a client's scope mapping. This bypasses intended security...

7.3CVSS5.8AI score0.00292EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/25 6:18 p.m.4 views

CVE-2026-53001

A flaw was identified in the Linux kernel's netfilter xtables component. This vulnerability allowed certain network filtering rules, specifically those involving xtmac, xtowner, xtphysdev, and xtrealm matches, to be applied outside of their intended internet protocol IPv4 and IPv6 contexts. This...

5.5CVSS5.8AI score0.00176EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/06/25 5:36 p.m.6 views

keycloak: Keycloak: Information disclosure through arbitrary filesystem path probing

A flaw was found in Keycloak. A realm administrator with the "manage-realm" role can exploit this vulnerability by submitting an arbitrary filesystem path as a keystore parameter when creating a key provider component. This allows the administrator to probe arbitrary filesystem paths, determining...

4.9CVSS5.9AI score0.00519EPSS
Exploits0References4
Rows per page
Query Builder