Vulnerability List
Found 265 results
| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At |
|---|---|---|---|---|---|---|
| CVE-2026-1190 | Org.keycloak/keycloak-services: keycloak saml brokering: response delay due to unchecked notonorafter in subjectconfirmationdata | Red Hat | Red Hat build of Keycloak 26.4 | Low | 3.1 | 2026-01-26 19:36:54 |
| CVE-2025-14969 | Hibernate-reactive-core: hibernate reactive: denial of service due to connection leak on http client disconnect | Red Hat | Red Hat build of Quarkus 3.27.2 | Medium | 4.3 | 2026-01-26 19:36:40 |
| CVE-2026-0603 | Org.hibernate/hibernate-core: hibernate: information disclosure and data deletion via second-order sql injection | - | - | High | 8.3 | 2026-01-23 06:31:39 |
| CVE-2025-14083 | Keycloak-server: keycloak: improper access control in admin rest api leads to information disclosure | Red Hat | Red Hat build of Keycloak 26.4 | Low | 2.7 | 2026-01-21 12:04:13 |
| CVE-2025-14559 | Org.keycloak/keycloak-services: keycloak keycloak-services: business logic flaw allows unauthorized token issuance for disabled users | Red Hat | Red Hat build of Keycloak 26.4 | Medium | 6.5 | 2026-01-21 06:13:31 |
| CVE-2026-1035 | Org.keycloak.protocol.oidc: keycloak refresh token reuse bypass via toctou race condition | Red Hat | Red Hat build of Keycloak 26.4 | Low | 3.1 | 2026-01-21 05:52:22 |
| CVE-2026-1180 | Org.keycloak.protocol.oidc: blind server-side request forgery (ssrf) in keycloak oidc dynamic client registration via jwks_uri | Red Hat | Red Hat build of Keycloak 26.4 | Medium | 5.8 | 2026-01-20 12:33:01 |
| CVE-2025-14977 | Dokan: AI Powered WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy <= 4.2.4 - Insecure Direct Object Reference to PayPal Account Takeover and Sensitive Information Disclosure | dokaninc | Dokan: AI Powered WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy | High | 8.1 | 2026-01-20 04:35:46 |
| CVE-2025-13845 | Schneider Electric EcoStruxure Power Build Rapsody resource management error vulnerability | Schneider Electric | EcoStruxure Power Build Rapsody | - | - | 2026-01-15 18:33:23 |
| CVE-2025-13844 | Schneider Electric EcoStruxure Power Build Rapsody resource management error vulnerability | Schneider Electric | EcoStruxure Power Build Rapsody | - | - | 2026-01-15 18:28:37 |
| CVE-2021-47777 | Build Smart ERP 21.0817 - 'eidValue' SQL Injection (Unauthenticated) | Ribccs | Build Smart ERP | High | 8.2 | 2026-01-15 15:52:14 |
| CVE-2026-0976 | Org.keycloak/keycloak-quarkus-server: keycloak: proxy bypass due to improper handling of matrix parameters in url paths | Red Hat | Red Hat Build of Keycloak | Low | 3.7 | 2026-01-15 12:06:21 |
| CVE-2026-0707 | Keycloak: keycloak authorization header parsing leading to potential security control bypass | Red Hat | Red Hat build of Keycloak 26.4 | Medium | 5.3 | 2026-01-08 03:41:28 |
| CVE-2025-12543 | Undertow-core: undertow http server fails to reject malformed host headers leading to potential cache poisoning and ssrf | Red Hat | Red Hat build of Apache Camel 4.14.4 for Spring Boot 3.5.11 | Critical | 9.6 | 2026-01-07 16:04:22 |
| CVE-2025-11419 | Keycloak: keycloak tls client-initiated renegotiation denial of service | - | - | High | 7.5 | 2025-12-23 20:42:39 |
| CVE-2025-14777 | Keycloak: keycloak idor in realm client creating/deleting | Red Hat | Red Hat build of Keycloak 26.4 | Medium | 6.0 | 2025-12-16 05:02:42 |
| CVE-2025-14082 | Keycloak-services: keycloak admin rest api: improper access control leads to sensitive role metadata information disclosure | Red Hat | Red Hat build of Keycloak 26.4 | Low | 2.7 | 2025-12-10 09:04:51 |
| CVE-2024-3884 | Undertow: outofmemory when parsing form data encoding with application/x-www-form-urlencoded | Red Hat | Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 | High | 7.5 | 2025-12-03 18:40:26 |
| CVE-2025-13467 | Org.keycloak.storage.ldap: keycloak: deserialization of untrusted data in ldap user federation | Keycloak | Keycloak | Medium | 5.5 | 2025-11-25 16:02:21 |
| CVE-2025-11538 | Keycloak-server: debug default bind address | Keycloak | keycloak | Medium | 6.8 | 2025-11-13 16:47:54 |