CVE-2026-11748

The CVE affects centraldogma-server-auth-shiro

GHSA-4HR2-XF7W-JF76 Central Dogma's Login Function Has an Open Redirect Vulnerability

Impact Successful exploitation of this vulnerability could allow an attacker to craft a malicious link that, when clicked by a victim, redirects them to a phishing website designed to mimic the legitimate Central Dogma login page. This could result in the compromise of user accounts and...

EUVD-2014-0167

Malware in sbrugna...

PT-2021-4217 · Apache +1 · Apache Shiro +1

Name of the Vulnerable Software and Affected Versions: Apache Shiro versions prior to 1.8.0 Description: The issue is related to weaknesses in the authentication mechanism of Apache Shiro. A specially crafted HTTP request may cause an authentication bypass, allowing a remote attacker to gain...

[SECURITY] [DLA 2181-1] shiro security update

Package : shiro Version : 1.2.3-1+deb8u1 CVE ID : CVE-2020-1957 Debian Bug : 955018 It was discovered that there was a path-traversal issue in Apache Shiro, a security framework for the Java programming language. A specially-crafted request could cause an authentication bypass. For Debian 8...

Shiro: successful authentication without specifying user name or password

It was discovered that Apache Shiro authenticated users without specifying a user name or a password when used in conjunction with an LDAP back end that allowed unauthenticated binds...

Shiro: successful authentication without specifying user name or password

It was discovered that Apache Shiro authenticated users without specifying a user name or a password when used in conjunction with an LDAP back end that allowed unauthenticated binds...