Lucene search
+L

4 matches found

CVE
CVE
added 4 hours ago8 views

CVE-2026-16104

CVE-2026-16104 affects the authentication configuration endpoint in the Keycloak services used by Red Hat Build of Keycloak. The underlying issue is that the system does not mask sensitive configuration values (e.g., reCAPTCHA secrets) when requested by administrators with view-only permissions, ...

4.3CVSS5.4AI score
Exploits0References2
Cvelist
Cvelist
added 4 hours ago7 views

CVE-2026-16104 Keycloak-services: keycloak-services: authenticator config endpoint exposes raw recaptcha secrets to view-only admins

A flaw was found in the authentication configuration endpoint of the keycloak-services component, which is the core engine for Red Hat Build of Keycloak identity and access management. The issue occurs because the system fails to mask sensitive configuration values, such as reCAPTCHA secret keys,...

4.3CVSS
Exploits0References2
RedhatCVE
RedhatCVE
added 4 hours ago4 views

CVE-2026-16104

A flaw was found in the authentication configuration endpoint of the keycloak-services component, which is the core engine for Red Hat Build of Keycloak identity and access management. The issue occurs because the system fails to mask sensitive configuration values, such as reCAPTCHA secret keys,...

4.3CVSS4.9AI score
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/02/18 7:25 a.m.5 views

CVE-2026-1860

The Kali Forms plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.4.8. This is due to the getitemspermissionscheck permission callback on the /kaliforms/v1/forms/id REST API endpoint only checking for the editposts capability without...

4.3CVSS5.6AI score0.00289EPSS
Exploits0References6
Rows per page
Query Builder