8 matches found
CVE-2026-4821 Proxy configuration command injection vulnerability found in GitHub Enterprise Server Management Console configuration API
An improper neutralization of special elements vulnerability was identified in GitHub Enterprise Server that allowed an authenticated Management Console administrator to execute arbitrary OS commands via shell metacharacter injection in proxy configuration fields such as httpproxy. Exploitation o...
SUSE CVE-2026-33322
MinIO is a high-performance object storage system. From RELEASE.2022-11-08T05-27-07Z to before RELEASE.2026-03-17T21-25-16Z, a JWT algorithm confusion vulnerability in MinIO's OpenID Connect authentication allows an attacker who knows the OIDC ClientSecret to forge arbitrary identity tokens and...
CVE-2026-33322
MinIO is a high-performance object storage system. From RELEASE.2022-11-08T05-27-07Z to before RELEASE.2026-03-17T21-25-16Z, a JWT algorithm confusion vulnerability in MinIO's OpenID Connect authentication allows an attacker who knows the OIDC ClientSecret to forge arbitrary identity tokens and...
GHSA-5CX5-WH4M-82FH MinIO has JWT Algorithm Confusion in OIDC Authentication
Impact What kind of vulnerability is it? Who is impacted? A JWT algorithm confusion vulnerability in MinIO's OpenID Connect authentication allows an attacker who knows the OIDC ClientSecret to forge arbitrary identity tokens and obtain S3 credentials with any policy, including consoleAdmin. An...
PT-2026-26481
Name of the Vulnerable Software and Affected Versions MinIO versions RELEASE.2022-11-08T05-27-07Z through RELEASE.2026-03-17T21-25-16Z Description MinIO has a JWT algorithm confusion issue in its OpenID Connect authentication. An attacker who knows the OIDC ClientSecret can forge identity tokens...
What’s New in InsightVM and Nexpose: Q1 2023 in Review
In Q1, our team continued to focus on driving better customer outcomes with InsightVM and Nexpose by further improving efficiency and performance. While many of these updates are under the hood, you may have started to notice faster vulnerability checks available for the recent ETRs or an upgrade...
PT-2023-2373 · Minio +2
Name of the Vulnerable Software and Affected Versions: Minio versions RELEASE.2020-12-23T02-24-12Z through RELEASE.2023-03-13T19-46-17Z Description: The issue is related to a user with consoleAdmin permissions potentially creating a user that matches the root credential accessKey. Once this user ...
Unspecified Vulnerability in Oracle Service Bus
Oracle Fusion Middleware Oracle Fusion Middleware is Oracle's business innovation platform for enterprise and cloud environments, which provides middleware, software collections, and other capabilities. Oracle Service Bus is one of the components that supports the interaction between managed...