CVE-2026-49299

In OpenStack Neutron before 28.0.1, the tagging controller enforces plural policy action names on single-tag write operations while the defined policy rules use singular names. The mismatched names evaluate as allowed under the default policy, permitting a project reader to create and update tags...

EUVD-2026-33074

In OpenStack Neutron before 28.0.1, the tagging controller enforces plural policy action names on single-tag write operations while the defined policy rules use singular names. The mismatched names evaluate as allowed under the default policy, permitting a project reader to create and update tags...

PT-2026-22154

Name of the Vulnerable Software and Affected Versions Discourse versions prior to 2025.12.2 Discourse versions prior to 2026.1.1 Discourse versions prior to 2026.2.0 Description Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, the...

CVE-2024-20279 Cisco Application Policy Infrastructure Controller Unauthorized Policy Actions Vulnerability

A vulnerability in the restricted security domain implementation of Cisco Application Policy Infrastructure Controller APIC could allow an authenticated, remote attacker to modify the behavior of default system policies, such as quality of service QoS policies, on an affected system. This...

Cisco APIC Unauthorized Policy Actions (cisco-sa-apic-uapa-F4TAShk)

A vulnerability in the restricted security domain implementation of Cisco Application Policy Infrastructure Controller APIC could allow an authenticated, remote attacker to read, modify, or delete non-tenant policies for example, access policies created by users associated with a different securi...

Cisco Application Policy Infrastructure Controller Unauthorized Policy Actions Vulnerability

A vulnerability in the restricted security domain implementation of Cisco Application Policy Infrastructure Controller APIC could allow an authenticated, remote attacker to read, modify, or delete non-tenant policies for example, access policies created by users associated with a different securi...

Rare failure in the Identity Sharing network registration may potentially result in incorrect policy actions

Cause The connection is handled by the PEP Gateway, but no identity is found on the PEP for the connection’s IPs. With smart pull Identity sharing, the PEP Gateway will hold the connection if: 1. The Access Role is used in the policy and required for the final rulebase match. 2. There is a remote...

Using Domain Objects in the rulebase might cause wrong policy actions in R80.10 JHF Take_91-103

...