CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Vulnrichment•added 2026/05/05 12:0 a.m.•2 views

CVE-2026-43002

An issue was discovered in OpenStack Horizon 25.6 and 25.7 before 25.7.3. There is a write operation to the session storage backend before authentication and thus storage can be exhausted by unauthenticated requests. This is a regression of the CVE-2014-8124 fix...

5.3CVSS5.8AI score0.00105EPSS

Exploits0References3

Tenable Nessus•added 2026/05/02 12:0 a.m.•6 views

Linux Distros Unpatched Vulnerability : CVE-2026-43001

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in OpenStack Keystone before 29.0.2. POST /v3/credentials did not validate that the caller-supplied projectid for an EC2-type credential...

Tenable Nessus•added 2026/05/02 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2026-43003

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in OpenStack ironic-python-agent 1.0.0 through 11.5.0. Ironic Python Agent IPA sometimes executes grub-install from within a chroot of t...

8CVSS5.9AI score0.0006EPSS

Exploits0References3

OSV•added 2026/05/01 9:30 a.m.•1 views

GHSA-HHQ2-3832-XXCV OpenStack Keystone has an Incorrect Authorization Issue

An issue was discovered in OpenStack Keystone 13 through 29. POST /v3/credentials did not validate that the caller-supplied projectid for an EC2-type credential matched the project of the authenticating application credential. This allowed an attacker holding an unrestricted application credentia...

7.9CVSS5.8AI score0.00018EPSS

Exploits1References4

Github Security Blog•added 2026/05/01 9:30 a.m.•5 views

OpenStack Ironic Python Agent Includes Functionality from Untrusted Control Sphere

An issue was discovered in OpenStack ironic-python-agent 1.0.0 through 11.5.0. Ironic Python Agent IPA sometimes executes grub-install from within a chroot of the deployed partition image, leading to code execution in the case of a malicious image...

Exploits0References4Affected Software1

Github Security Blog•added 2026/05/01 9:30 a.m.•4 views

OpenStack Keystone has an Incorrect Authorization Issue

Exploits1References4Affected Software1

OSV•added 2026/05/01 9:30 a.m.•1 views

GHSA-RMXR-45GJ-889W OpenStack Ironic Python Agent Includes Functionality from Untrusted Control Sphere

NVD•added 2026/05/01 9:16 a.m.•2 views

Exploits0References4

CVE-2026-43003

8CVSS0.0006EPSS

NVD•added 2026/05/01 9:16 a.m.•1 views

CVE-2026-43001

An issue was discovered in OpenStack Keystone before 29.0.2. POST /v3/credentials did not validate that the caller-supplied projectid for an EC2-type credential matched the project of the authenticating application credential. This allowed an attacker holding an unrestricted application credentia...

8CVSS0.00018EPSS

OSV•added 2026/05/01 9:16 a.m.•2 views

UBUNTU-CVE-2026-43003

UbuntuCve•added 2026/05/01 9:16 a.m.•1 views

Exploits0References3

CVE-2026-43001

8.5CVSS5.8AI score0.00018EPSS

UbuntuCve•added 2026/05/01 9:16 a.m.•1 views

CVE-2026-43003

8CVSS5.9AI score0.0006EPSS

OSV•added 2026/05/01 9:16 a.m.•2 views

UBUNTU-CVE-2026-43001

Cvelist•added 2026/05/01 12:0 a.m.•26 views

Exploits1References4

CVE-2026-43001

7.9CVSS0.00018EPSS

Vulnrichment•added 2026/05/01 12:0 a.m.•1 views

CVE-2026-43003

CNNVD•added 2026/05/01 12:0 a.m.•5 views

OpenStack Keystone 安全漏洞

OpenStack Keystone is a core authentication component library of the OpenStack open-source project. Security vulnerabilities exist in OpenStack Keystone versions 13 to 29. These vulnerabilities stem from the lack of verification of the projectid provided by the caller in the POST /v3/credentials...