|
541
|
5.5 |
MEDIUM
Local
|
opentelemetry
|
ebpf_instrumentation
|
OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, OBI's replacement ELF parser trusts section offsets, counts, and string o…
New
|
CWE-20
CWE-248
Improper Input Validation
Uncaught Exception
|
CVE-2026-45676
|
2026-06-4 01:08 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
542
|
4.2 |
MEDIUM
Network
|
redhat
|
build_of_keycloak
|
A flaw was found in Keycloak, an open-source identity and access management solution. When a client application is configured to accept broad redirect Uniform Resource Identifiers (URIs), a remote at…
Update
|
CWE-1288
Improper Validation of Consistency within Input
|
CVE-2026-9689
|
2026-06-4 00:42 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
543
|
8.8 |
HIGH
Network
|
redhat
|
build_of_keycloak
|
A flaw was found in Keycloak. An authenticated user with low privileges can exploit this vulnerability by sending an oversized subject_token JSON Web Token (JWT) to the TokenEndpoint. When the token …
Update
|
CWE-1284
Improper Validation of Specified Quantity in Input
|
CVE-2026-9704
|
2026-06-4 00:40 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
544
|
6.5 |
MEDIUM
Network
|
accellion
|
kiteworks
|
Kiteworks is a private data network (PDN). Prior to version 9.3.0, an Insecure Direct Object Reference (IDOR) vulnerability in Kiteworks Secure Data Forms allows an authenticated attacker to tamper w…
New
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2026-23638
|
2026-06-4 00:30 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
545
|
8.2 |
HIGH
Network
|
accellion
|
kiteworks
|
Kiteworks is a private data network (PDN). Prior to version 9.3.0, a reflected XSS vulnerability in Kiteworks Secure Data Forms could allow an external attacker to trick a user into executing arbitra…
New
|
CWE-79
Cross-site Scripting
|
CVE-2026-24751
|
2026-06-4 00:29 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
546
|
8.2 |
HIGH
Network
|
accellion
|
kiteworks
|
Kiteworks is a private data network (PDN). Prior to version 9.3.0, a reflected XSS vulnerability in Kiteworks Secure Data Forms could allow an external attacker to trick a user into executing arbitra…
New
|
CWE-79
Cross-site Scripting
|
CVE-2026-24752
|
2026-06-4 00:29 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
547
|
6.5 |
MEDIUM
Network
|
accellion
|
kiteworks
|
Kiteworks is a private data network (PDN). Prior to version 9.3.0, an Insecure Direct Object Reference (IDOR) vulnerability in Kiteworks Secure Data Forms allows an authenticated user to modify resou…
New
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2026-24753
|
2026-06-4 00:28 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
548
|
5.4 |
MEDIUM
Network
|
accellion
|
kiteworks
|
Kiteworks is a private data network (PDN). Prior to version 9.3.0, a stored XSS vulnerability in Kiteworks Secure Data Forms could allow an authenticated attacker to execute arbitrary JavaScript code…
New
|
CWE-79
Cross-site Scripting
|
CVE-2026-24754
|
2026-06-4 00:28 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
549
|
5.4 |
MEDIUM
Network
|
accellion
|
kiteworks
|
Kiteworks is a private data network (PDN). Prior to version 9.3.0, an Insecure Direct Object Reference (IDOR) vulnerability in Kiteworks Secure Data Forms allows an authenticated user to modify permi…
New
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2026-24755
|
2026-06-4 00:27 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
550
|
4.3 |
MEDIUM
Network
|
accellion
|
kiteworks
|
Kiteworks is a private data network (PDN). Prior to version 9.3.0, an Insecure Direct Object Reference (IDOR) vulnerability in Kiteworks Secure Data Forms allows an authenticated user to modify resou…
New
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2026-24756
|
2026-06-4 00:26 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
