Lucene search
K

1667 matches found

ATTACKERKB
ATTACKERKB
added yesterday2 views

CVE-2026-59713

Leantime contains an OIDC login CSRF vulnerability in the verifyState method that unconditionally returns true without validating state parameters. Attackers can craft malicious callback URLs with attacker-controlled authorization codes to perform session fixation, logging victims in as the...

8.6CVSS6AI score
Exploits0References5
EUVD
EUVD
added yesterday4 views

EUVD-2026-41941

Leantime contains an OIDC login CSRF vulnerability in the verifyState method that unconditionally returns true without validating state parameters. Attackers can craft malicious callback URLs with attacker-controlled authorization codes to perform session fixation, logging victims in as the...

8.6CVSS6AI score
Exploits0References4
CVE
CVE
added yesterday8 views

CVE-2026-59713

CVE-2026-59713 (Leantime) describes an OIDC login CSRF vulnerability in the verifyState() method, where the function unconditionally returns true without validating state parameters. This allows attackers to craft malicious callback URLs with attacker-controlled authorization codes to perform ses...

8.6CVSS6AI score
Exploits0References4
Nuclei
Nuclei
added yesterday77 views

Keycloak < 24.0.5 - Broken Access Control

A flaw was found in Keycloak. Certain endpoints in Keycloak's admin REST API allow low-privilege users to access administrative functionalities. This flaw allows users to perform actions reserved for administrators, potentially leading to data breaches or system compromise. id: CVE-2024-3656 info...

8.1CVSS7.1AI score0.02837EPSS
Exploits0References5
Cvelist
Cvelist
added 2 days ago27 views

CVE-2026-14781 Keycloak-services: keycloak-services: oidc email_verified claim incorrectly applied to userinfo email

A flaw exists in the org.keycloak.broker.oidc package where the OIDC broker incorrectly synchronizes the emailverified claim. When an OIDC identity provider is configured with trustEmail=true and the userinfo endpoint is enabled, Keycloak retrieves the email address from the userinfo response but...

4.8CVSS0.00196EPSS
Exploits0References2
EUVD
EUVD
added 2 days ago8 views

EUVD-2026-41732

A flaw exists in the org.keycloak.broker.oidc package where the OIDC broker incorrectly synchronizes the emailverified claim. When an OIDC identity provider is configured with trustEmail=true and the userinfo endpoint is enabled, Keycloak retrieves the email address from the userinfo response but...

4.8CVSS6.1AI score0.00196EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2 days ago7 views

CVE-2026-14781

A flaw exists in the org.keycloak.broker.oidc package where the OIDC broker incorrectly synchronizes the emailverified claim. When an OIDC identity provider is configured with trustEmail=true and the userinfo endpoint is enabled, Keycloak retrieves the email address from the userinfo response but...

4.8CVSS6.1AI score0.00196EPSS
Exploits0References3
CVE
CVE
added 2 days ago14 views

CVE-2026-14781

A flaw in Keycloak’s OIDC broker (org.keycloak.broker.oidc) causes incorrect synchronization of the email_verified claim. When trustEmail=true and the userinfo endpoint is enabled, Keycloak uses email from userinfo but takes email_verified from the id_token without validating that it corresponds ...

4.8CVSS6.1AI score0.00196EPSS
Exploits0References2
NVD
NVD
added 5 days ago6 views

CVE-2026-59096

Dapr Sentry's OIDC discovery endpoint derives the issuer and jwksuri of the /.well-known/openid-configuration document from the request Host, honoring an attacker-controlled X-Forwarded-Host header without validation when no allowed-hosts list is configured the default, and serves the document wi...

8.2CVSS0.00246EPSS
Exploits0References4
EUVD
EUVD
added 5 days ago7 views

EUVD-2026-41427

Dapr Sentry's OIDC discovery endpoint derives the issuer and jwksuri of the /.well-known/openid-configuration document from the request Host, honoring an attacker-controlled X-Forwarded-Host header without validation when no allowed-hosts list is configured the default, and serves the document wi...

8.2CVSS5.8AI score0.00246EPSS
Exploits0References4
CVE
CVE
added 5 days ago10 views

CVE-2026-59096

Dapr Sentry’s OIDC discovery endpoint can be poisoned: the issuer and jwks_uri in /.well-known/openid-configuration are derived from the request Host via an attacker-controlled X-Forwarded-Host when oidc-allowed-hosts is not configured, and the document is cached for one hour. This allows remote ...

8.2CVSS5.8AI score0.00246EPSS
Exploits0References4
NVD
NVD
added 5 days ago6 views

CVE-2026-14336

PIA's OIDC issuer allowlist for Jenkins tokens uses a bare string-prefix check issuer.startswith' https://ci.eclipse.org ' in isissuerknown, pia/models.py:139 instead of validating the issuer as a properly host-bounded URL. An attacker can craft an issuer such as https://[email protected]...

8.2CVSS0.00321EPSS
Exploits0References1
EUVD
EUVD
added 5 days ago5 views

EUVD-2026-41259

PIA's OIDC issuer allowlist for Jenkins tokens uses a bare string-prefix check issuer.startswith' https://ci.eclipse.org ' in isissuerknown, pia/models.py:139 instead of validating the issuer as a properly host-bounded URL. An attacker can craft an issuer such as https://[email protected]...

8.2CVSS6AI score0.00321EPSS
Exploits0References1
CVE
CVE
added 5 days ago8 views

CVE-2026-14336

The connected documents confirm CVE-2026-14336 affects PIA’s OIDC issuer allowlist for Jenkins tokens. The issue is a faulty host-bounded URL validation: issuer.startswith(' https://ci.eclipse.org ') is used in is_issuer_known (pia/models.py:139) instead of properly validating the issuer as a hos...

8.2CVSS6AI score0.00321EPSS
Exploits0References1
Fedora
Fedora
added 5 days ago7 views

[SECURITY] Fedora 43 Update: opkssh-0.14.0-3.fc43

OpenPubkey SSH is a tool which enables ssh to be used with OpenID Connect allowing SSH access to be managed via identities like aliceaexample.com ins tead of long-lived SSH keys...

9.1CVSS5.8AI score0.005EPSS
Exploits0
Fedora
Fedora
added 5 days ago6 views

[SECURITY] Fedora 44 Update: opkssh-0.14.0-3.fc44

OpenPubkey SSH is a tool which enables ssh to be used with OpenID Connect allowing SSH access to be managed via identities like aliceaexample.com ins tead of long-lived SSH keys...

9.1CVSS5.8AI score0.005EPSS
Exploits0
Positive Technologies
Positive Technologies
added 5 days ago7 views

PT-2026-54948

Name of the Vulnerable Software and Affected Versions PIA affected versions not specified Description The OIDC issuer allowlist for Jenkins tokens uses a bare string-prefix check instead of validating the issuer as a properly host-bounded URL. This allows an attacker to bypass the check using a...

8.2CVSS6.1AI score0.00321EPSS
Exploits0References4
CISA KEV Catalog
CISA KEV Catalog
added 2026/06/29 12:0 a.m.8 views

SimpleHelp Authentication Bypass Vulnerability

SimpleHelp contains an authentication bypass vulnerability in the OIDC authentication flow. When OIDC authentication is configured, identity tokens submitted during login are accepted without verifying their cryptographic signature. In a vulnerable configuration, a remote, unauthenticated attacke...

10CVSS5.9AI score0.0116EPSS
In wildExploits1
RedHat Linux
RedHat Linux
added 2026/06/25 5:36 p.m.5 views

org.keycloak/keycloak-services: keycloak: org.keycloak.protocol.oidc: Security flaw in org.keycloak/keycloak-services

A flaw was found in Keycloak. When both realm-level and client-level notBefore revocation policies are configured, Keycloak's OpenID Connect OIDC Introspection feature fails to properly honor the realm-level policy. This allows tokens that should have been revoked to remain active, potentially...

5.4CVSS5.7AI score0.00281EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/06/25 5:36 p.m.4 views

keycloak-rhel9: Organization Data Leak After Feature Disabled in Keycloak

A flaw was found in Keycloak. An authenticated user with existing organization membership can exploit this flaw by accessing user-facing APIs, such as the account API or by requesting an OpenID Connect OIDC token with the 'organization' scope. This allows organization metadata to be disclosed in...

4.3CVSS5.7AI score0.00214EPSS
Exploits0References4
Rows per page
Query Builder