CVSS: 3.1EPSS: %CPEs: -EXPL: 0CVE-2026-4874 – Org.keycloak.protocol.oidc.grants: org.keycloak.services.managers: keycloak: server-side request forgery via oidc token endpoint manipulation
https://notcve.org/view.php?id=CVE-2026-4874
26 Mar 2026 — Successful exploitation allows the attacker to make HTTP requests from the Keycloak server’s network context, potentially probing internal networks or internal APIs, leading to information disclosure. • https://access.redhat.com/security/cve/CVE-2026-4874 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 7.7EPSS: %CPEs: 1EXPL: 0CVE-2026-34056 – OpenEMR has a Privilege Escalation that Allows a Low-Level User to View Admin-Only Data
https://notcve.org/view.php?id=CVE-2026-34056
25 Mar 2026 — This flaw compromises system confidentiality by exposing sensitive information, potentially leading to unauthorized data disclosure and misuse. • https://github.com/openemr/openemr/releases/tag/v8_0_0_3 • CWE-285: Improper Authorization CWE-425: Direct Request ('Forced Browsing') •
CVSS: 2.5EPSS: %CPEs: 4EXPL: 1CVE-2026-4823 – Enter Software Iperius Backup NTLM2 information disclosure
https://notcve.org/view.php?id=CVE-2026-4823
25 Mar 2026 — Executing a manipulation can lead to information disclosure. • https://github.com/0truust/iperius-backup-security-advisories/blob/main/advisories/ntlm-relay-credential-exposure.md • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-284: Improper Access Control •
CVSS: 6.5EPSS: %CPEs: 1EXPL: 0CVE-2026-1014 – IBM InfoSphere Information Server is vulnerable due to disclosure of sensitive information
https://notcve.org/view.php?id=CVE-2026-1014
25 Mar 2026 — IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to exposure of sensitive information via JSON server response manipulation. • https://www.ibm.com/support/pages/node/7266736 • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 5.4EPSS: %CPEs: 1EXPL: 0CVE-2026-2483 – IBM InfoSphere Information Server Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2026-2483
25 Mar 2026 — IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session • https://www.ibm.com/support/pages/node/7266764 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: %CPEs: 1EXPL: 0CVE-2026-2484 – IBM InfoSphere Information Server Information Disclosure
https://notcve.org/view.php?id=CVE-2026-2484
25 Mar 2026 — IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is affected by an information exposure vulnerability caused by overly verbose error messages • https://www.ibm.com/support/pages/node/7266767 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 4.8EPSS: %CPEs: 1EXPL: 0CVE-2026-2485 – IBM InfoSphere Information Server Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2026-2485
25 Mar 2026 — IBM Infosphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. • https://www.ibm.com/support/pages/node/7266765 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: %CPEs: 1EXPL: 0CVE-2026-1262 – IBM InfoSphere Information Server Information Disclosure
https://notcve.org/view.php?id=CVE-2026-1262
25 Mar 2026 — IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is affected by an information disclosure vulnerability. • https://www.ibm.com/support/pages/node/7266748 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 3.1EPSS: %CPEs: 1EXPL: 0CVE-2025-14808 – IBM InfoSphere Information Server is vulnerable due to disclosure of sensitive information
https://notcve.org/view.php?id=CVE-2025-14808
25 Mar 2026 — IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 could allow an attacker to obtain sensitive information from the query string of an HTTP GET method to process a request which could be obtained using man in the middle techniques. • https://www.ibm.com/support/pages/node/7266695 • CWE-598: Use of GET Request Method With Sensitive Query Strings •
CVSS: 6.5EPSS: %CPEs: 1EXPL: 0CVE-2025-14790 – IBM InfoSphere Information Server is vulnerable to disclosure of sensitive information
https://notcve.org/view.php?id=CVE-2025-14790
25 Mar 2026 — IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 could allow an attacker to obtain sensitive information due to insufficiently protected credentials. • https://www.ibm.com/support/pages/node/7266688 • CWE-522: Insufficiently Protected Credentials •