3 matches found
CVE-2026-42274
Heimdall is a cloud native Identity Aware Proxy and Access Control Decision service. Prior to version 0.17.14, Heimdall performs rule matching on the raw non-normalized request path, while downstream components may normalize dot-segments according to RFC 3986, Section 6.2.2.3. This discrepancy ca...
Red Hat build of Keycloak Code Issue Vulnerability
Red Hat build of Keycloak is a web application for single sign-on from Red Hat USA. A code issue vulnerability exists in the Red Hat build of Keycloak, which stems from a proxy misconfiguration that could result in accessing the /admin path via a non-normalized path...
Access Control Bypass
Envoy is vulnerable to access control bypass attacks because it does not normalize HTTP URL paths. A remote attacker could craft a relative path, and the non-normalized path could be interpreted in a way that gives the attacker access beyond the scope provided by the access control policy...