| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-40683 | OpenStack Keystone 安全漏洞 | OpenStack | Keystone | High | 7.7 | 2026-04-14 20:05:03 | Deep Dive |
| CVE-2026-33551 | OpenStack Keystone 安全漏洞 | OpenStack | Keystone | Low | 3.5 | 2026-04-10 00:00:00 | Deep Dive |
| CVE-2026-33326 | @keystone-6/core: `isFilterable` bypass via `cursor` parameter in findMany | keystonejs | keystone | Medium | 4.3 | 2026-03-24 19:08:06 | Deep Dive |
| CVE-2025-65073 | Keystone 安全漏洞 | OpenStack | Keystone | High | 7.5 | 2025-11-17 00:00:00 | Deep Dive |
| CVE-2025-46720 | Keystone has an unintended `isFilterable` bypass that can be used as an oracle to match hidden fields | keystonejs | keystone | Low | 3.1 | 2025-05-05 18:53:52 | Deep Dive |
| CVE-2023-40027 | Conditionally missing authorization in @keystone-6/core | keystonejs | keystone | Low | 3.7 | 2023-08-15 17:45:54 | Deep Dive |
| CVE-2023-34247 | @keystone-6/auth Open Redirect vulnerability | keystonejs | keystone | Medium | 6.1 | 2023-06-13 16:31:32 | Deep Dive |
| CVE-2022-39382 | NODE_ENV in Keystone defaults to development with esbuild | keystonejs | keystone | Critical | 9.8 | 2022-11-03 00:00:00 | Deep Dive |
| CVE-2022-39322 | @keystone-6/core vulnerable to field-level access-control bypass for multiselect field | keystonejs | keystone | Critical | 9.1 | 2022-10-25 00:00:00 | Deep Dive |
| CVE-2022-2447 | OpenStack 安全漏洞 | - | openstack-keystone | 中危 | - | 2022-09-01 20:30:20 | Deep Dive |
| CVE-2021-3563 | Red Hat OpenStack Platform 安全漏洞 | - | keystone | 高危 | - | 2022-08-26 15:25:41 | Deep Dive |
| CVE-2022-0087 | Cross-site Scripting (XSS) - Reflected in keystonejs/keystone | keystonejs | keystonejs/keystone | 中危 | - | 2022-01-11 23:20:11 | Deep Dive |
| CVE-2021-32624 | Private Field data leak | keystonejs | keystone-5 | High | 7.5 | 2021-05-24 16:55:09 | Deep Dive |
| CVE-2012-1572 | OpenStack Keystone 资源管理错误漏洞 | keystone | Keystone | 高危 | - | 2019-11-12 16:48:15 | Deep Dive |
| CVE-2013-2255 | OpenStack Keystone和OpenStack Compute 信任管理问题漏洞 | OpenStack | Keystone | 中危 | - | 2019-11-01 18:38:01 | Deep Dive |
| CVE-2017-2673 | OpenStack Kesytone 权限许可和访问控制问题漏洞 | [UNKNOWN] | openstack-keystone | 高危 | - | 2018-07-19 13:00:00 | Deep Dive |
| CVE-2015-9240 | keystone node模块安全漏洞 | HackerOne | keystone node module | 高危 | - | 2018-05-29 20:00:00 | Deep Dive |