19 matches found
CVE-2026-50627
A flaw was found in Apache CXF. The JwtAccessTokenValidator class fails to properly validate the 'aud' (Audience) claim within incoming JSON Web Token (JWT) access tokens. This vulnerability allows an attacker to reuse a JWT, originally intended for one resource server, against a different resource...
Improper Access Control
Keycloak is vulnerable to Improper Access Control. The vulnerability is due to insufficient audience restriction enforcement in the OpenID Connect token introspection endpoint, which allows an authenticated confidential client to access sensitive token claims intended for other resource servers...
keycloak: Keycloak: Information disclosure via OIDC token introspection endpoint audience bypass
A flaw was found in Keycloak. This access control vulnerability in Keycloak's OpenID Connect (OIDC) token introspection endpoint allows a confidential client to bypass audience restrictions. An attacker-controlled client with valid credentials can retrieve sensitive token claims intended for other...
Keycloak Access Control Error Vulnerability
Keycloak is an open-source identity and access management solution developed by Keycloak. Keycloak has a security vulnerability related to access control. This vulnerability stems from an access control flaw within the OpenID Connect token, allowing confidential clients to bypass audience...
EUVD-2022-4881
Malicious code in bioql PyPI...
EUVD-2025-29434
Malicious code in bioql PyPI...
Information Exposure
Overview: x402 is a x402 Payment Protocol. Affected versions of this package are vulnerable to Information Exposure where sensitive endpoints could be unintentionally discovered by unauthorized endpoints. Note: This vulnerability impacts builders working on resource servers. Remediation: Upgrade x40...
Information Exposure
Overview: x402-next is a x402 Payment Protocol. Affected versions of this package are vulnerable to Information Exposure where sensitive endpoints could be unintentionally discovered by unauthorized endpoints. Note: This vulnerability impacts builders working on resource servers. Remediation: Upgrad...
Information Exposure
Overview: x402-hono is a x402 Payment Protocol. Affected versions of this package are vulnerable to Information Exposure where sensitive endpoints could be unintentionally discovered by unauthorized endpoints. Note: This vulnerability impacts builders working on resource servers. Remediation: Upgrad...
Information Exposure
Overview: x402 is a x402: An internet native payments protocol. Affected versions of this package are vulnerable to Information Exposure where sensitive endpoints could be unintentionally discovered by unauthorized endpoints. Note: This vulnerability impacts builders working on resource servers...
GHSA-3J63-5H8P-GF7C x402 SDK vulnerable in outdated versions in resource servers for builders
Impact: There is a security vulnerability in outdated versions of the x402 SDK. This does not directly affect users' keys, smart contracts, or funds. This primarily impacts builders working on resource servers. Patches: Please update to the following package versions: x402 = 0.5.2, x402-next = 0.5.2...
x402 SDK vulnerable in outdated versions in resource servers for builders
Impact: There is a security vulnerability in outdated versions of the x402 SDK. This does not directly affect users' keys, smart contracts, or funds. This primarily impacts builders working on resource servers. Patches: Please update to the following package versions: x402 = 0.5.2, x402-next = 0.5.2...
GHSA-Q4Q2-93PW-QWGF Issuer validation regression in Spring Cloud SSO Connector
Spring Cloud SSO Connector, version 2.1.2, contains a regression which disables issuer validation in resource servers that are not bound to the SSO service. In PCF deployments with multiple SSO service plans, a remote attacker can authenticate to unbound resource servers which use this version of...
Issuer validation regression in Spring Cloud SSO Connector
Spring Cloud SSO Connector, version 2.1.2, contains a regression which disables issuer validation in resource servers that are not bound to the SSO service. In PCF deployments with multiple SSO service plans, a remote attacker can authenticate to unbound resource servers which use this version of...
Input validation
Spring Cloud SSO Connector, version 2.1.2, contains a regression which disables issuer validation in resource servers that are not bound to the SSO service. In PCF deployments with multiple SSO service plans, a remote attacker can authenticate to unbound resource servers which use this version of...
CVE-2018-1256
Spring Cloud SSO Connector, version 2.1.2, contains a regression which disables issuer validation in resource servers that are not bound to the SSO service. In PCF deployments with multiple SSO service plans, a remote attacker can authenticate to unbound resource servers which use this version of...
Unauthenticated Access
spring-cloud-sso-connector is vulnerable to unauthenticated access. The vulnerability exists due to a regression introduced in version 2.1.2, which disables issuer validation in resource servers when PCF is deployed with multiple SSO service plans, allowing malicious users to authenticate to unbound...