| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-34064 | OneLogin AD Connector Log S3 Bucket Hijack Leading to Cross-Tenant Data Leakage | One Identity | OneLogin Active Directory Connector (ADC) | - | - | 2025-07-01 14:49:34 | Deep Dive |
| CVE-2025-34063 | OneLogin AD Connector JWT Authentication Bypass via Exposed Signing Key | One Identity | OneLogin Active Directory Connector (ADC) | - | - | 2025-07-01 14:49:26 | Deep Dive |
| CVE-2025-34062 | OneLogin AD Connector API Credential and Signing Key Exposure | One Identity | OneLogin Active Directory Connector (ADC) | - | - | 2025-07-01 14:49:20 | Deep Dive |
| CVE-2025-20282 | Cisco ISE API Unauthenticated Remote Code Execution Vulnerability | Cisco | Cisco Identity Services Engine Software | Critical | 10.0 | 2025-06-25 16:29:12 | Deep Dive |
| CVE-2025-20281 | Cisco ISE API Unauthenticated Remote Code Execution Vulnerability | Cisco | Cisco Identity Services Engine Software | Critical | 10.0 | 2025-06-25 16:11:42 | Deep Dive |
| CVE-2025-20264 | Cisco Identity Services Engine Authorization Bypass Vulnerability | Cisco | Cisco Identity Services Engine Software | Medium | 6.4 | 2025-06-25 16:11:42 | Deep Dive |
| CVE-2024-3511 | Incorrect Authorization in Multiple WSO2 Products Allows Unauthorized Access to Registry Versioned Files | WSO2 | WSO2 Enterprise Integrator | Medium | 4.3 | 2025-06-23 08:47:55 | Deep Dive |
| CVE-2024-25573 | Stored Cross-Site Scripting in Administrative Console Context | Ping Identity | PingFederate | - | - | 2025-06-15 15:25:39 | Deep Dive |
| CVE-2025-22854 | Possible thread exhaustion from processing http responses in PingFederate Google Adapter | Ping Identity | PingFederate | - | - | 2025-06-15 15:00:06 | Deep Dive |
| CVE-2025-21085 | PingFederate OAuth Grant attribute duplication may use excessive memory | Ping Identity | PingFederate | - | - | 2025-06-15 14:25:39 | Deep Dive |
| CVE-2024-56343 | IBM Verify Identity Access Digital Credentials denial of service | IBM | Verify Identity Access Digital Credentials | Medium | 4.3 | 2025-06-06 01:28:39 | Deep Dive |
| CVE-2024-56342 | IBM Verify Identity Access Digital Credentials information disclosure | IBM | Verify Identity Access Digital Credentials | Medium | 4.3 | 2025-06-06 01:27:08 | Deep Dive |
| CVE-2025-20286 | ISE on AWS Static Credential | Cisco | Cisco Identity Services Engine Software | Critical | 9.9 | 2025-06-04 16:18:31 | Deep Dive |
| CVE-2025-20130 | Cisco Identity Services Engine Access Control Bypass Vulnerability | Cisco | Cisco Identity Services Engine Software | Medium | 4.9 | 2025-06-04 16:17:27 | Deep Dive |
| CVE-2024-1440 | Open Redirection in Multiple WSO2 Products via Multi-Option Authentication Endpoint | WSO2 | WSO2 Identity Server | Medium | 5.4 | 2025-06-02 16:51:17 | Deep Dive |
| CVE-2024-8008 | Reflected Cross-Site Scripting (XSS) in Multiple WSO2 Products via JDBC User Store Connection Validation | WSO2 | WSO2 Enterprise Integrator | Medium | 5.2 | 2025-06-02 16:48:12 | Deep Dive |
| CVE-2024-3509 | Stored Cross-Site Scripting (XSS) in Management Console of Multiple WSO2 Products via Rich Text Editor | WSO2 | WSO2 Enterprise Integrator | Medium | 4.3 | 2025-06-02 16:44:29 | Deep Dive |
| CVE-2024-7073 | Unauthenticated Server-Side Request Forgery (SSRF) in Multiple WSO2 Products via SOAP Admin Services | WSO2 | WSO2 Identity Server as Key Manager | Medium | 6.5 | 2025-06-02 16:38:33 | Deep Dive |
| CVE-2024-7097 | Incorrect Authorization in Multiple WSO2 Products via SOAP Admin Service Allowing Unauthorized User Signup | WSO2 | WSO2 Open Banking AM | Medium | 4.3 | 2025-05-30 15:04:10 | Deep Dive |
| CVE-2024-7096 | Privilege Escalation in Multiple WSO2 Products via SOAP Admin Service Due to Business Logic Flaw | WSO2 | WSO2 Open Banking IAM | Medium | 4.2 | 2025-05-30 14:54:32 | Deep Dive |