CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

ATTACKERKB•added 2026/03/19 10:6 p.m.•1 views

CVE-2026-32014

OpenClaw versions prior to 2026.2.26 contain a metadata spoofing vulnerability where reconnect platform and deviceFamily fields are accepted from the client without being bound into the device-auth signature. An attacker with a paired node identity on the trusted network can spoof reconnect...

8.6CVSS5.8AI score0.00034EPSS

OSV•added 2026/03/18 6:16 p.m.•1 views

DEBIAN-CVE-2026-23270

In the Linux kernel, the following vulnerability has been resolved: net/sched: Only allow actct to bind to clsact/ingress qdiscs and shared blocks As Paolo said earlier 1: "Since the blamed commit below, classify can return TCACTCONSUMED while the current skb being held by the defragmentation...

7.8CVSS5.2AI score0.00018EPSS

Exploits0References1

NVD•added 2026/03/18 6:16 p.m.•1 views

CVE-2026-23270

7.8CVSS0.00018EPSS

Exploits0References7

UbuntuCve•added 2026/03/18 6:16 p.m.•1 views

CVE-2026-23270

OSV•added 2026/03/18 6:16 p.m.•2 views

Exploits0References6

UBUNTU-CVE-2026-23270

OSV•added 2026/03/18 5:54 p.m.•2 views

Exploits0References7

CVE-2026-23270 net/sched: Only allow act_ct to bind to clsact/ingress qdiscs and shared blocks

ATTACKERKB•added 2026/03/18 5:54 p.m.•0 views

Exploits0References9

CVE-2026-23270

Exploits0References8Affected Software1

OSV•added 2026/03/18 6:31 a.m.•2 views

GHSA-XV6H-R36F-3GP5 Keycloak: Denial of Service due to excessive SAMLRequest decompression

A flaw was found in Keycloak. An unauthenticated remote attacker can trigger an application level Denial of Service DoS by sending a highly compressed SAMLRequest through the SAML Redirect Binding. The server fails to enforce size limits during DEFLATE decompression, leading to an OutOfMemoryErro...

5.3CVSS5.9AI score0.0003EPSS

Exploits0References8

Github Security Blog•added 2026/03/18 6:31 a.m.•5 views

Keycloak: Denial of Service due to excessive SAMLRequest decompression

Exploits0References8Affected Software3

NVD•added 2026/03/18 4:17 a.m.•4 views

CVE-2026-2575

5.3CVSS0.0003EPSS

ATTACKERKB•added 2026/03/18 3:19 a.m.•1 views

CVE-2026-2575

CVE•added 2026/03/18 3:19 a.m.•37 views

Exploits0References5

CVE-2026-2575

Keycloak vulnerability CVE-2026-2575 allows an unauthenticated attacker to trigger an application‑level DoS by sending a highly compressed SAMLRequest via the Redirect Binding. The server does not enforce size limits during DEFLATE decompression, causing an OutOfMemoryError and possible process t...

Exploits0References4Affected Software1

Vulnrichment•added 2026/03/18 3:19 a.m.•1 views

CVE-2026-2575 Keycloak: keycloak: denial of service due to excessive samlrequest decompression

Cvelist•added 2026/03/18 3:19 a.m.•30 views

CVE-2026-2575 Keycloak: keycloak: denial of service due to excessive samlrequest decompression

5.3CVSS0.0003EPSS

OSV•added 2026/03/18 12:16 a.m.•4 views

DEBIAN-CVE-2026-27459

pyOpenSSL is a Python wrapper around the OpenSSL library. Starting in version 22.0.0 and prior to version 26.0.0, if a user provided callback to setcookiegeneratecallback returned a cookie value greater than 256 bytes, pyOpenSSL would overflow an OpenSSL provided buffer. Starting in version 26.0....

9.8CVSS4.6AI score0.00027EPSS

Exploits0References1

CNNVD•added 2026/03/18 12:0 a.m.•6 views

Keycloak 安全漏洞

Keycloak is an open-source identity and access management solution developed by Keycloak. Keycloak has a security vulnerability, which stems from the lack of enforcement of size limits in SAML redirection bindings. This vulnerability may lead to application-level denial-of-service attacks...