986 matches found
CVE-2026-22097
The firmware update mechanism does not include cryptographic signature validation. This allows anyone with access to the firmware update capability to upload arbitrary files which can then lead to arbitrary code execution...
Keycloak - SAML Core Package Signature Validation Flaw
A flaw exists in the SAML signature validation method within the Keycloak XMLSignatureUtil class. The method incorrectly determines whether a SAML signature is for the full document or only for specific assertions based on the position of the signature in the XML document, rather than the Referen...
EUVD-2026-42958
ZITADEL is an open source identity management platform. Prior to 3.4.12 and 4.15.2, ZITADEL's external JWT Identity Provider validates a token's signature and issuer iss but not the audience aud claim, allowing a validly signed token from a trusted issuer for another relying party to be accepted ...
CVE-2026-54799
A vulnerability has been identified in CPCI85 Central Processing/Communication All versions V26.20, SICORE Base system All versions V26.20.0. The affected application contains a vulnerability in its firmware update mechanism's signature validation process. This could allow an attacker to install...
EUVD-2026-42594
A vulnerability has been identified in CPCI85 Central Processing/Communication All versions V26.20, SICORE Base system All versions V26.20.0. The affected application contains a vulnerability in its firmware update mechanism's signature validation process. This could allow an attacker to install...
CVE-2026-54799
A vulnerability has been identified in CPCI85 Central Processing/Communication All versions V26.20, SICORE Base system All versions V26.20.0. The affected application contains a vulnerability in its firmware update mechanism's signature validation process. This could allow an attacker to install...
CVE-2026-54799
The CVE-2026-54799 entry describes a vulnerability in the firmware update signature validation for CPCI85 Central Processing/Communication (all versions < V26.20) and SICORE Base system (all versions
Security Bulletin: Multiple vulnerabilities in IBM Tivoli Monitoring affect IBM Cloud Pak System
Summary Multiple vulnerabilities in IBM Tivoli Monitoring affect IBM Cloud Pak System. Vulnerability Details CVEID:CVE-2024-35154 DESCRIPTION: IBM WebSphere Application Server 8.5 and 9.0 could allow a remote authenticated attacker, who has authorized access to the administrative console, to...
SAML 2.0 SP signature validation behaviour from ICS 25.1.3.0
Last Modified Date Jul 3, 2026 11:45:26 AM...
CVE-2026-13602
We found a chain of combining multiple weaknesses in the product that could allow an attacker to become any user in the backend and access any data: The payment integration plugins Stripe included in the core system, pretix-mollie, pretix-oppwa, pretix-bitpay, pretix-payone, pretix-secuconnect,...
CVE-2026-40941
A flaw was found in Cacti, an open-source performance and fault management framework. This vulnerability allows a remote attacker to bypass the package import signature validation. By exploiting this flaw, an attacker can import self-signed packages, potentially leading to the execution of...
K000161919: BIND vulnerability CVE-2026-5947
Security Advisory Description Undefined behavior may result due to a race condition leading to a use-after-free violation. If BIND receives an incoming DNS message signed with SIG0, it begins work to validate that signature. If, during that validation, the "recursive-clients" limit is reached as...
DEBIAN-CVE-2026-40941
Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have a package import signature validation bypass allows which allows self-signed packages. This issue has been fixed in version 1.2.31...
CVE-2026-40941
CVE-2026-40941 affects Cacti up to version 1.2.30 and is caused by a package import signature validation bypass that allows the use of self-signed packages. The issue has been fixed in version 1.2.31. Affected software is Cacti (open source performance and fault management framework). Remediation...
CVE-2026-46423
Rocket.Chat prior to versions 8.5.0, 8.4.1, 8.3.3, 8.2.3, 8.1.4, 8.0.5, 7.13.7, and 7.10.11 contains a SAML SP issue where the verifySignatures routine returns early if serviceProviderOptions.cert is falsy, causing silent skip of SAML Response and Assertion signature validation when the IdP certi...
PT-2026-52171
Name of the Vulnerable Software and Affected Versions Drupal Commerce Realex / Global Payments versions 0.0.0 through 3.0.2 Description An incorrect authorization issue allows forceful browsing when the gateway is configured with the redirect payment method. The module fails to sufficiently verif...
CVE-2026-55599
phpseclib is a PHP secure communications library. From 0.1.1 until 1.0.30, 2.0.55, and 3.0.54, when an application validates an untrusted X.509 certificate with phpseclib, X509::validateSignature reads a URL out of that certificate's Authority Information Access AIA extension and connects to it...
Linux Distros Unpatched Vulnerability : CVE-2026-12725
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap-based buffer overflow was found in dnsmasq. When DNSSEC validation and query logging are both enabled, logging of DS or DNSKEY replies containing...
Information Exposure
Overview org.springframework.security:spring-security-saml2-service-provider is a security component for the Spring Framework. Affected versions of this package are vulnerable to Information Exposure via SAML message decryption prior to signature validation. An attacker can use the Service Provid...
CVE-2026-41669
Admidio is an open-source user management solution. Prior to version 5.0.9, the Admidio SAML Identity Provider implementation discards the return value of its validateSignature method at both call sites handleSSORequest line 418 and handleSLORequest line 613. The method returns error strings on...