CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2026/06/05 8:16 a.m.•11 views

CVE-2026-9088

2.7CVSS0.00318EPSS

Cvelist•added 2026/06/05 7:52 a.m.•37 views

CVE-2026-9088 Keycloak: keycloak: information disclosure due to user profile permission bypass

2.7CVSS0.00318EPSS

EUVD•added 2026/06/05 7:52 a.m.•9 views

EUVD-2026-34790

2.7CVSS5.4AI score0.00318EPSS

ATTACKERKB•added 2026/06/05 7:52 a.m.•7 views

CVE-2026-9088

2.7CVSS5.4AI score0.00318EPSS

RedhatCVE•added 2026/06/05 7:48 a.m.•9 views

CVE-2026-9088

2.7CVSS5AI score0.00318EPSS

Snyk•added 2026/06/05 7:45 a.m.•4 views

Insufficient Granularity of Access Control

Overview org.keycloak:keycloak-server-spi-private is an open source identity and access management solution for modern applications and services. Affected versions of this package are vulnerable to Insufficient Granularity of Access Control in the getMembers methods that serve the group members...

5.1CVSS5.4AI score0.00318EPSS

Positive Technologies•added 2026/06/05 12:0 a.m.•9 views

PT-2026-46909

2.7CVSS5.4AI score0.00318EPSS

CNNVD•added 2026/06/05 12:0 a.m.•2 views

Keycloak 安全漏洞

Keycloak is an open-source identity and access management solution developed by Keycloak. Keycloak has a security vulnerability. This vulnerability arises from administrators with delegated access rights to read group member identities and user information. They can bypass user profile permission...

2.7CVSS5.3AI score0.00318EPSS

Tenable Nessus•added 2026/05/22 12:0 a.m.•8 views

Linux Distros Unpatched Vulnerability : CVE-2026-8144

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.1 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have...

ATTACKERKB•added 2026/05/18 7:5 a.m.•7 views

CVE-2026-6341

Mattermost Plugins versions =11.5 11.1.5 10.13.11 11.3.4.0 fail to have API-level checks on which groups the user can create issues or attach comments to which allows a user that is member of multiple groups to create issues to a locked group via direct API requests. Mattermost Advisory ID:...

4.3CVSS5.8AI score0.00152EPSS

OSV•added 2026/05/15 9:11 a.m.•2 views

BIT-GITLAB-2026-8144 Missing Authorization in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.1 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user with project membership to enumerate private group members due to missing authorization checks...

NVD•added 2026/05/14 6:16 a.m.•6 views

CVE-2026-8144

4.3CVSS0.00172EPSS

UbuntuCve•added 2026/05/14 6:16 a.m.•5 views

CVE-2026-8144

OSV•added 2026/05/14 6:16 a.m.•3 views

UBUNTU-CVE-2026-8144

CVE•added 2026/05/14 5:33 a.m.•21 views

CVE-2026-8144

GitLab CE/EE had an authorization check flaw that could allow an authenticated user with project membership to enumerate private group members. Affected versions: 15.1–18.9.6, 15.1–18.10.5, and 15.1–18.11.2. Remediation was applied in patch releases: 18.9.7, 18.10.6, and 18.11.3 respectively. Imp...

Exploits0References2Affected Software1

ATTACKERKB•added 2026/05/14 5:33 a.m.•7 views

CVE-2026-8144

Exploits0References3Affected Software1

EUVD•added 2026/05/14 5:33 a.m.•14 views

EUVD-2026-30241

Cvelist•added 2026/05/14 5:33 a.m.•38 views

CVE-2026-8144 Missing Authorization in GitLab

4.3CVSS0.00172EPSS

Positive Technologies•added 2026/05/14 12:0 a.m.•7 views

PT-2026-40879

Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 15.1 through 18.9.6 GitLab CE/EE versions 18.10 through 18.10.5 GitLab CE/EE versions 18.11 through 18.11.2 Description An issue exists where an authenticated user with project membership can enumerate private group...