CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST — in English
CISA KEV catalog updated: (v2026.07.01)
A flaw was found in Keycloak where a remote attacker can exploit a CORS header injection vulnerability in the UMA token endpoint. The `azp` claim from a client-supplied JWT is used to set the `Access-Control-Allow-Origin` header before signature validation, allowing reflection of attacker-controlled values. This only affects clients misconfigured with `webOrigins: ["*"]`.
Mattermost Plugins versions <=11.4 and 10.11.11.0 fail to validate webhook request timestamps, allowing an attacker to corrupt Zoom meeting state in Mattermost via replayed webhook requests.
A flaw was found in Keycloak. An authenticated attacker can perform Server-Side Request Forgery (SSRF) by manipulating the `client_session_host` parameter during refresh token requests. This occurs when a Keycloak client is configured to use the `backchannel.logout.url` with the `application.session.host` placeholder.
The webbrowser.open() API in Python accepted URLs with leading dashes, which could be interpreted as command-line options by certain web browsers. The new behavior rejects such URLs.
Moduł tarfile w Pythonie błędnie normalizował bloki AREGTYPE (\x00) do DIRTYPE podczas przetwarzania wieloblokowych członków archiwum, takich jak GNUTYPE_LONGNAME lub GNUTYPE_LONGLINK. Może to prowadzić do błędnej interpretacji spreparowanego archiwum tar w porównaniu z innymi implementacjami.
W wyniku braku sprawdzenia autoryzacji w serwerze aplikacyjnym SAP NetWeaver dla ABAP, uwierzytelniony atakujący mógłby wykonać określony moduł funkcji ABAP i odczytać wrażliwe informacje z katalogu bazy danych systemu ABAP. Podatność ta ma niski wpływ na poufność aplikacji, nie wpływając na integralność i dostępność.
A TOCTOU vulnerability allows recently deleted-then-recreated data sources to be re-deleted without proper permissions.
A ReDoS vulnerability in ajv (Another JSON Schema Validator) before version 8.18.0 allows an attacker to cause a denial of service (DoS) by injecting a malicious regex pattern into the $data option. A single HTTP request with a 31-character payload can block the CPU for approximately 44 seconds.
A flaw in NetworkManager allows non-root users to access files owned by other users when configuring the network. The daemon runs with root privileges and can read files belonging to users other than the one who added the connection.
W libexpat przed wersją 2.7.4 funkcja XML_ExternalEntityParserCreate nie kopiuje danych użytkownika dla nieznanych obsługiwaczy kodowania. Może to prowadzić do nieprawidłowego przetwarzania danych XML.
A flaw was found in the libxml2 library where uncontrolled resource consumption occurs when processing XML catalogs with repeated <nextCatalog> elements pointing to the same downstream catalog. A remote attacker can exploit this by supplying crafted catalogs, causing redundant traversal of catalog chains.
A flaw was found in the RelaxNG parser of libxml2 related to handling external schema inclusions. The parser does not enforce a limit on inclusion depth when resolving nested <include> directives, which can cause excessive recursion. Specially crafted schemas may lead to stack exhaustion and application crashes.
Podatność CVE-2025-13127 dotyczy niewłaściwej neutralizacji danych wejściowych podczas generowania stron internetowych w systemie GoldenHorn firmy TAC Information Services. Umożliwia to ataki typu Cross-Site Scripting (XSS).
W bibliotece libexpat do wersji 2.7.3, specjalnie przygotowany plik o przybliżonym rozmiarze 2 MiB może powodować znaczne opóźnienia w czasie przetwarzania, trwające nawet kilkanaście sekund.
An Improper Privilege Management vulnerability in Fortinet FortiOS and FortiPAM allows an authenticated administrator to bypass the trusted host policy via crafted CLI command.
CVE-2025-58903 in Fortinet FortiOS versions 7.6.0 through 7.6.3 and before 7.4.8 has an Unchecked Return Value vulnerability that allows an authenticated user to cause a Null Pointer Dereference, crashing the http daemon via a specially crafted request.
Fortinet FortiOS and FortiProxy have a URL Redirection to Untrusted Site vulnerability that may allow an unauthenticated attacker to perform an open redirect attack via crafted HTTP requests.
There is a vulnerability in Fortinet FortiOS and FortiProxy that allows for the insertion of sensitive information into log files. This affects FortiOS versions from 7.6.0 to 7.6.3 and all versions of 7.4, 7.2, 7.0, and 6.4, as well as FortiProxy from 7.6.0 to 7.6.3 and versions 7.4.0 to 7.4.13.
A flaw was found in the exsltFuncResultComp() function of libxslt, which handles EXSLT <func:result> elements during stylesheet parsing. Due to improper type handling, the function may treat an XML document node as a regular XML element node, resulting in a type confusion. This can cause unexpected memory reads and potential crashes.
The OpenSSL backend in glib-networking fails to properly check the return values of memory allocation routines. An out-of-memory condition could potentially result in writing to an invalid memory location.

