2 matches found
CVE-2026-31957 Himmelblau unset domain configuration can allow any-tenant authentication at first login for remote deployments
Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. From 3.0.0 to before 3.1.0, if Himmelblau is deployed without a configured tenant domain in himmelblau.conf, authentication is not tenant-scoped. In this mode, Himmelblau can accept authentication attempts for...
Incorrect Authorization
Apache Pulsar is vulnerable to Incorrect Authorization. The vulnerability is due to improper permission checks, which allows an attacker to perform operations such as unloading topics or triggering compaction. Additionally, the vulnerability allows an authenticated user to read, create, modify, a...