EUVD-2026-36059

Improper Restriction of Security Token Assignment vulnerability in Apache Answer. This issue affects Apache Answer: through 2.0.0. Previously issued administrative tokens were not invalidated after an administrator account was suspended, deleted, or deactivated, allowing continued access to...

PT-2026-48456

Name of the Vulnerable Software and Affected Versions Apache Answer versions prior to 2.0.1 Description Improper Restriction of Security Token Assignment occurs when administrative tokens are not invalidated after an administrator account is suspended, deleted, or deactivated. This allows continu...

Improper Restriction of Security Token Assignment

Overview Affected versions of this package are vulnerable to Improper Restriction of Security Token Assignment via the token store process. An attacker can cause unauthorized renewal or revocation of tokens across namespaces by obtaining token accessors and leveraging privileged administrator...

ROS-20260122-73-0034

Vulnerability in apache-kafka related to security token assignment restriction errors. Exploitation of the vulnerability could allow an attacker to escalate privileges...

kernel: vhost_vdpa: assign irq bypass producer token correctly

A use-after-free flaw was found in drivers/vhost/vdpa.c in the Linux kernel...

CVE-2024-47748

...

The vulnerability of the NMI component of the authentication management software in Kubernetes clusters – AAD Pod Identity – involves bypassing the verification token, allowing attackers to elevate their privileges.

The vulnerability of the NMI component in the Kubernetes AAD Pod Identity authentication management tool is related to errors in token assignment restrictions. Exploiting this vulnerability can allow attackers to increase their privileges...