Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

RedhatCVE
RedhatCVEadded 2026/06/05 7:36 p.m.7 views

CVE-2026-41577

authentik is an open-source identity provider. Prior to versions 2025.12.5 and 2026.2.3, the SAML source response processor ResponseProcessor.parse does not validate the Conditions element on assertions. NotBefore, NotOnOrAfter, and AudienceRestriction are all ignored. This allows replay of expir...

7.5CVSS5.4AI score0.00008EPSS
Exploits0References1
NVD
NVDadded 2026/05/19 12:16 p.m.9 views

CVE-2026-37982

A flaw was found in Keycloak. This authentication vulnerability allows a remote attacker to replay ExecuteActionsActionToken tokens within Keycloak's WebAuthn Web Authentication flow. By intercepting an execute-actions email link, an attacker can register their own authenticator to a victim's...

6.8CVSS0.00022EPSS
Exploits0References4
Github Security Blog
Github Security Blogadded 2026/04/24 12:31 a.m.4 views

Duplicate Advisory: OpenClaw: Voice-call Plivo replay mutates in-process callback origin before replay rejection

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-89r3-6x4j-v7wf. This link is maintained to preserve external references. Original Description OpenClaw before 2026.3.31 contains a callback origin mutation vulnerability in Plivo voice-call replay that allows...

6.3CVSS5.7AI score0.00037EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder