5 matches found
PT-2026-24745
Name of the Vulnerable Software and Affected Versions: Keycloak affected versions not specified Description: A flaw exists in the Account REST API of Keycloak that allows a user authenticated with a lower security level to perform sensitive actions intended only for higher-assurance sessions. An...
EUVD-2023-42965
Malicious code in bioql PyPI...
CVE-2023-40356
Affected software: PingOne MFA Integration Kit. Vulnerability: a flaw in the MFA setup prompt could allow pairing a new MFA device with a target user without requiring second‑factor authentication from the user’s existing devices. Root cause / trigger (as stated): may be exploited by a threat act...
PT-2023-26844 · Unknown · Pingfederate
Name of the Vulnerable Software and Affected Versions: PingFederate affected versions not specified Description: The issue allows a new MFA device to be paired without requiring second factor authentication from an existing registered device. A threat actor may be able to exploit this to register...
Red Hat Keycloak Authorization Issues Vulnerability
Red Hat Keycloak is a suite of software from Red Hat, Inc. that provides authentication and management capabilities for modern applications and services. An authorization issue vulnerability exists in Red Hat Keycloak versions 8.0.2 and 9.0.0. An attacker could exploit the vulnerability to remove...