5 matches found
CVE-2026-58419 Notification API leaks private issue metadata after access revocation
Notification API leaks private issue metadata after access revocation...
EUVD-2026-32716
A flaw was found in Keycloak. An authenticated administrator with the manage-clients role can exploit a Time-of-check to time-of-use TOCTOU vulnerability in the name-based admin role checks. This allows the attacker to escalate their privileges to realm-admin for all users within the realm,...
CVE-2026-9796
A flaw was found in Keycloak. An authenticated administrator with the manage-clients role can exploit a Time-of-check to time-of-use TOCTOU vulnerability in the name-based admin role checks. This allows the attacker to escalate their privileges to realm-admin for all users within the realm,...
Keycloak 安全漏洞
Keycloak is an open-source identity and access management solution developed by Keycloak itself. There is a security vulnerability in Keycloak. This vulnerability stems from the fact that authenticated administrators with the manage-clients role can exploit the vulnerability in the name-based...
F5 NGINX Plus和F5 NGINX Open Source 安全漏洞
F5 NGINX Plus and F5 NGINX Open Source are both products of the American company F5. F5 NGINX Plus is a software-based application delivery platform. F5 NGINX Open Source is a high-performance web server, reverse proxy server, load balancer, and API gateway. Both F5 NGINX Plus and F5 NGINX Open...