Lucene search
K

3766 matches found

Cvelist
Cvelist
added 2026/06/23 3:59 p.m.38 views

CVE-2026-13007 Insecure Public Caching on REST API Endpoints in Tenable Identity Exposure

Tenable Identity Exposure contains multiple unauthenticated API endpoints under /w/api/ that expose sensitive application configuration data including cleartext LDAP credentials, SAML configuration, user accounts, and directory settings to unauthenticated remote attackers. Affected responses are...

8.7CVSS0.00432EPSS
Exploits0References1
Nuclei
Nuclei
added 2026/06/23 5:8 a.m.281 views

Zabbix - SAML SSO Authentication Bypass

When SAML SSO authentication is enabled non-default, session data can be modified by a malicious actor because a user login stored in the session was not verified. id: CVE-2022-23131 info: name: Zabbix - SAML SSO Authentication Bypass author: For3stCo1d,spac3wh1te severity: critical description:...

9.8CVSS7.5AI score0.95683EPSS
Exploits9References5
Positive Technologies
Positive Technologies
added 2026/06/23 12:0 a.m.10 views

PT-2026-51549

Name of the Vulnerable Software and Affected Versions Tenable Identity Exposure affected versions not specified Description Multiple unauthenticated API endpoints under '/w/api/' expose sensitive application configuration data to remote attackers. The leaked information includes cleartext LDAP...

8.7CVSS7.2AI score0.00432EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/22 7:3 a.m.12 views

CVE-2026-12804

A flaw was found in lemonldap-ng. A remote attacker could exploit this vulnerability by manipulating the 'url' argument within the SAML Common Domain Cookie Endpoint. This manipulation results in an open redirect, potentially leading to users being redirected to arbitrary malicious websites...

5.3CVSS5.8AI score0.00264EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2026/06/21 6:30 p.m.5 views

CVE-2026-12804 lemonldap-ng SAML Common Domain Cookie Endpoint CDC.pm redirect

A vulnerability was detected in lemonldap-ng up to 2.23.0. Impacted is an unknown function in the library lemonldap-ng-portal/lib/Lemonldap/NG/Portal/CDC.pm of the component SAML Common Domain Cookie Endpoint. Performing a manipulation of the argument url results in open redirect. The attack is...

5.3CVSS5.3AI score0.00264EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/21 6:30 p.m.20 views

CVE-2026-12804 lemonldap-ng SAML Common Domain Cookie Endpoint CDC.pm redirect

A vulnerability was detected in lemonldap-ng up to 2.23.0. Impacted is an unknown function in the library lemonldap-ng-portal/lib/Lemonldap/NG/Portal/CDC.pm of the component SAML Common Domain Cookie Endpoint. Performing a manipulation of the argument url results in open redirect. The attack is...

5.3CVSS0.00264EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/21 6:30 p.m.8 views

EUVD-2026-38190

A vulnerability was detected in lemonldap-ng up to 2.23.0. Impacted is an unknown function in the library lemonldap-ng-portal/lib/Lemonldap/NG/Portal/CDC.pm of the component SAML Common Domain Cookie Endpoint. Performing a manipulation of the argument url results in open redirect. The attack is...

5.3CVSS5.5AI score0.00264EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2026/06/21 6:30 p.m.5 views

CVE-2026-12804

A vulnerability was detected in lemonldap-ng up to 2.23.0. Impacted is an unknown function in the library lemonldap-ng-portal/lib/Lemonldap/NG/Portal/CDC.pm of the component SAML Common Domain Cookie Endpoint. Performing a manipulation of the argument url results in open redirect. The attack is...

5.3CVSS5.2AI score0.00264EPSS
Exploits0
CVE
CVE
added 2026/06/21 6:30 p.m.12 views

CVE-2026-12804

Affected software: lemonldap-ng up to 2.23.0. Vulnerable component/file: lemonldap-ng-portal/lib/Lemonldap/NG/Portal/CDC.pm within the SAML Common Domain Cookie Endpoint. Root cause: manipulation of the argument url causes an open redirect. Impact: enables remote exploitation; attack vector is ne...

5.3CVSS5.3AI score0.00264EPSS
Exploits0References6
Snyk
Snyk
added 2026/06/19 8:47 p.m.5 views

Improper Verification of Cryptographic Signature

Overview CoreWCF.Primitives is a port of the service side of Windows Communication Foundation WCF to .NET Core. The goal of this project is to enable existing WCF services to move to .NET Core. Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature vi...

9CVSS5.9AI score
Exploits0References3
Snyk
Snyk
added 2026/06/19 8:47 p.m.6 views

Insufficient Session Expiration

Overview CoreWCF.Primitives is a port of the service side of Windows Communication Foundation WCF to .NET Core. The goal of this project is to enable existing WCF services to move to .NET Core. Affected versions of this package are vulnerable to Insufficient Session Expiration due to the TryAdd...

8.2CVSS5.9AI score
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in open-vm-tools

VMware Tools contains a vulnerability related to bypassing the SAML token signature. A malicious actor who has been granted “Guest Operation Privileges” can potentially elevate their privileges if the target virtual machine has been assigned a more privileged “Guest Alias”. source-iocs-preserved...

7.5CVSS6.6AI score0.00667EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/18 8:52 p.m.20 views

CVE-2026-49454 Relyra SAML SignatureValue not cryptographically verified -> authentication bypass

Relyra is a strict-by-default SAML 2.0 Service Provider library for Elixir and Phoenix. Versions 1.0.0 and 1.1.0 accept forged SAML signatures because SignatureValue was not cryptographically verified before the library returned a successful authentication result. The XMLDSig trust boundary was...

9.1CVSS0.00135EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/18 8:52 p.m.7 views

CVE-2026-49454

Relyra is a strict-by-default SAML 2.0 Service Provider library for Elixir and Phoenix. Versions 1.0.0 and 1.1.0 accept forged SAML signatures because SignatureValue was not cryptographically verified before the library returned a successful authentication result. The XMLDSig trust boundary was...

9.1CVSS5.3AI score0.00135EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/18 1:1 p.m.8 views

ZITADEL: Server-Side Request Forgery (SSRF) and Denylist Bypass in Outgoing HTTP Components

Summary A Server-Side Request Forgery SSRF vulnerability was discovered in Zitadel affecting: HTTP Notification Channels: Used as an alternative to SMTP/Twilio configurations, sending payloads to user-defined URLs via HTTP POST webhooks. OIDC BackChannel Logout: Terminates sessions across differe...

6.1AI score
Exploits0References4Affected Software1
OSV
OSV
added 2026/06/18 1:1 p.m.5 views

GHSA-29JH-8CFQ-RR8X ZITADEL: Server-Side Request Forgery (SSRF) and Denylist Bypass in Outgoing HTTP Components

Summary A Server-Side Request Forgery SSRF vulnerability was discovered in Zitadel affecting: HTTP Notification Channels: Used as an alternative to SMTP/Twilio configurations, sending payloads to user-defined URLs via HTTP POST webhooks. OIDC BackChannel Logout: Terminates sessions across differe...

2.3CVSS6.2AI score
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/18 12:0 a.m.15 views

PT-2026-50740

Name of the Vulnerable Software and Affected Versions Zitadel versions 4.0.0 through 4.15.1 Zitadel versions 3.0.0 through 3.4.11 Description A Server-Side Request Forgery SSRF issue exists in components that handle outgoing HTTP requests, specifically HTTP Notification Channels, OIDC BackChannel...

2.3CVSS6AI score
Exploits0References6
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.197 views

Ivanti SAML - Server Side Request Forgery (SSRF)

A server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure 9.x, 22.x and Ivanti Policy Secure 9.x, 22.x and Ivanti Neurons for ZTA allows an attacker to access certain restricted resources without authentication. id: CVE-2024-21893 info: name: Ivanti SAML - Server...

9.1CVSS8.6AI score0.99999EPSS
Exploits19References5
Tenable Nessus
Tenable Nessus
added 2026/06/12 12:0 a.m.25 views

SAP NetWeaver AS ABAP XML Signature Wrapping in SAML Authentication (3746332)

The version of SAP NetWeaver AS ABAP and ABAP Platform detected on the remote host is affected by an XML signature wrapping vulnerability in SAML authentication as referenced in SAP Security Note 3746332: - SAP NetWeaver Application Server ABAP and ABAP Platform allows an authenticated attacker...

9.9CVSS5.4AI score0.00231EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/12 12:0 a.m.11 views

Spring Security 5.7.x < 5.7.24 / 5.8.x < 5.8.26 / 6.3.x < 6.3.17 / 6.4.x < 6.4.17 / 6.5.x < 6.5.11 / 7.0.x < 7.0.6 DoS

The version of Spring Security installed on the remote host is 5.7.x prior to 5.7.24, 5.8.x prior to 5.8.26, 6.3.x prior to 6.3.17, 6.4.x prior to 6.4.17, 6.5.x prior to 6.5.11, or 7.0.x prior to 7.0.6. It is, therefore, affected by a vulnerability: - An application using...

7.5CVSS5.4AI score0.00331EPSS
Exploits0References2
Rows per page
Query Builder