CVSS: 9.0 • EPSS: 0% • CPEs: 3 • EXPL: 0 • CVE-2026-2006 – PostgreSQL missing validation of multibyte character length executes arbitrary code
https://notcve.org/view.php?id=CVE-2026-2006
12 Feb 2026 — Missing validation of multibyte character length in PostgreSQL text manipulation allows a database user to issue crafted queries that achieve a buffer overrun. That suffices to execute arbitrary code as the operating system user running the database. Versions before PostgreSQL 18.2, 17.8, 16.12, 15.16, and 14.21 are affected. Multiple security issues were discovered in PostgreSQL, which may result in memory disclosure or the execution of arbitrary code. For the oldstable distribution (bookworm), these probl... • https://www.postgresql.org/support/security/CVE-2026-2006 • CWE-129: Improper Validation of Array Index •
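The bug class behind this entry, walking text by the length a multibyte lead byte announces without checking that many bytes remain, is easy to see in a few lines. The following is an added illustration written for this page, not PostgreSQL's own code; the UTF-8 lead-byte table and the sample buffers are constructed for the example.

```python
from typing import List

# Added illustration of the bug class (not PostgreSQL code): a text routine
# that trusts the length implied by a multibyte lead byte without checking
# that many bytes are actually left in the buffer.

def utf8_lead_len(b: int) -> int:
    """Sequence length announced by a UTF-8 lead byte (1..4); 1 for invalid leads."""
    if b < 0x80:
        return 1
    if 0xC2 <= b <= 0xDF:
        return 2
    if 0xE0 <= b <= 0xEF:
        return 3
    if 0xF0 <= b <= 0xF4:
        return 4
    return 1  # stray continuation or invalid byte: step over it one byte at a time

def char_lengths_unchecked(buf: bytes) -> List[int]:
    """Bug class: advances by the announced length, so a truncated final
    character pushes the cursor past the end of the buffer. In C the same
    loop reads (and, when copying, writes) beyond the allocation."""
    out, i = [], 0
    while i < len(buf):
        n = utf8_lead_len(buf[i])
        out.append(n)
        i += n  # may end up > len(buf)
    return out

def bytes_consumed_unchecked(buf: bytes) -> int:
    """Bytes the unchecked walker claims to have consumed; > len(buf) is an overrun."""
    return sum(char_lengths_unchecked(buf))

def char_lengths_checked(buf: bytes) -> List[int]:
    """Hardened walker: the announced length is validated against the bytes
    actually left, and continuation bytes are checked before being consumed."""
    out, i = [], 0
    while i < len(buf):
        n = utf8_lead_len(buf[i])
        if i + n > len(buf):
            raise ValueError(f"truncated multibyte sequence at offset {i}")
        for k in range(1, n):
            if buf[i + k] & 0xC0 != 0x80:
                raise ValueError(f"invalid continuation byte at offset {i + k}")
        out.append(n)
        i += n
    return out

def is_well_formed(buf: bytes) -> bool:
    """Convenience wrapper: True if the checked walker accepts the buffer."""
    try:
        char_lengths_checked(buf)
        return True
    except ValueError:
        return False
```

On the constructed input `b"ab\xe2\x82"` (a three-byte lead with only one continuation byte behind it) the unchecked walker reports five bytes consumed from a four-byte buffer; the checked walker rejects the buffer instead. The same shape applies to any server-side encoding that derives character length from a lead byte.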
CVSS: 7.0 • EPSS: 0% • CPEs: 3 • EXPL: 0 • CVE-2026-26158 – BusyBox: arbitrary file modification and privilege escalation via unvalidated tar archive entries
https://notcve.org/view.php?id=CVE-2026-26158
11 Feb 2026 — A flaw was found in BusyBox. This vulnerability allows an attacker to modify files outside of the intended extraction directory by crafting a malicious tar archive containing unvalidated hardlink or symlink entries. If the tar archive is extracted with elevated privileges, this flaw can lead to privilege escalation, enabling an attacker to gain unauthorized access to critical system files. • https://access.redhat.com/security/cve/CVE-2026-26158 • CWE-73: External Control of File Name or Path •
CVSS: 7.0 • EPSS: 0% • CPEs: 3 • EXPL: 1 • CVE-2026-26157 – BusyBox: arbitrary file overwrite and potential code execution via incomplete path sanitization
https://notcve.org/view.php?id=CVE-2026-26157
11 Feb 2026 — A flaw was found in BusyBox. Incomplete path sanitization in its archive extraction utilities allows an attacker to craft malicious archives that, when extracted under specific conditions, may write to files outside the intended directory. This can lead to arbitrary file overwrite, potentially enabling code execution through the modification of sensitive system files. • https://www.exploit-db.com/exploits/52538 • CWE-73: External Control of File Name or Path •
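The two BusyBox entries above describe the three entry shapes an extractor has to refuse: names that are absolute or climb with `..`, symlinks whose targets leave the extraction root (followed by a later entry written through the link), and hardlinks to paths outside the root. The following pre-extraction audit is an added example for this page, not BusyBox code; it builds a constructed archive in memory with exactly those entries and reports each one before anything is written to disk. The virtual root `/extract` and the entry names are assumptions of the example.

```python
import io
import posixpath
import tarfile
from typing import Dict, List, Tuple

ROOT = "/extract"  # virtual extraction root, used only to reason about paths

def _inside(path: str) -> bool:
    return path == ROOT or path.startswith(ROOT + "/")

def _canon(path: str, links: Dict[str, str], depth: int = 0) -> str:
    """Resolve an archive path to an absolute, normalised location, rewriting
    any prefix that an earlier symlink entry has already redirected."""
    if depth > 8:
        raise ValueError("symlink chain too deep")
    result = "/" if path.startswith("/") else ROOT
    for comp in path.split("/"):
        if comp in ("", "."):
            continue
        candidate = posixpath.normpath(posixpath.join(result, comp))
        if candidate in links:  # this prefix is a symlink created by an earlier entry
            target = links[candidate]
            if target.startswith("/"):
                candidate = posixpath.normpath(target)
            else:
                rel_parent = posixpath.relpath(result, ROOT)
                candidate = _canon(posixpath.join(rel_parent, target), links, depth + 1)
        result = candidate
    return result

def audit_tar(data: bytes) -> List[Tuple[str, str]]:
    """Return (entry name, reason) for every entry that could write outside ROOT."""
    findings: List[Tuple[str, str]] = []
    links: Dict[str, str] = {}
    with tarfile.open(fileobj=io.BytesIO(data), mode="r:") as tf:
        for m in tf:
            if m.name.startswith("/") or ".." in m.name.split("/"):
                findings.append((m.name, "absolute or parent-relative entry name"))
            where = _canon(m.name, links)
            if not _inside(where):
                findings.append((m.name, f"entry lands outside root at {where}"))
            if m.issym():
                links[posixpath.normpath(posixpath.join(ROOT, m.name))] = m.linkname
                if not _inside(_canon(m.name, links)):
                    findings.append((m.name, f"symlink points outside root ({m.linkname})"))
            elif m.islnk() and not _inside(_canon(m.linkname, links)):
                findings.append((m.name, f"hardlink targets outside root ({m.linkname})"))
    return findings

def _add_file(tf: tarfile.TarFile, name: str, content: bytes) -> None:
    ti = tarfile.TarInfo(name)
    ti.size = len(content)
    tf.addfile(ti, io.BytesIO(content))

def build_malicious_tar() -> bytes:
    """Constructed sample archive (not from either advisory): one benign file
    plus a symlink-then-write, an absolute hardlink and a '..' entry name."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tf:
        _add_file(tf, "etc/motd", b"welcome\n")
        link = tarfile.TarInfo("link")
        link.type, link.linkname = tarfile.SYMTYPE, "../../etc"
        tf.addfile(link)
        _add_file(tf, "link/passwd", b"root::0:0::/root:/bin/sh\n")  # written through the symlink
        hl = tarfile.TarInfo("hl")
        hl.type, hl.linkname = tarfile.LNKTYPE, "/etc/shadow"
        tf.addfile(hl)
        _add_file(tf, "../evil.sh", b"#!/bin/sh\n")
    return buf.getvalue()

def flagged_names(data: bytes) -> set:
    return {name for name, _ in audit_tar(data)}
```

Python 3.12 and later ship the same policy as the `filter="data"` argument of `TarFile.extractall`; the scanner above makes the logic visible and runs on older interpreters. Note that it has to track symlinks in archive order, because `link/passwd` is harmless on its own and only escapes once the earlier `link` entry is taken into account.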
CVSS: 5.0 • EPSS: 0% • CPEs: 2 • EXPL: 0 • CVE-2025-11537 – Keycloak server: sensitive headers shown in the HTTP access logs
https://notcve.org/view.php?id=CVE-2025-11537
10 Feb 2026 — A flaw was found in Keycloak. When the logging format is configured to a verbose, user-supplied pattern (such as the pre-defined 'long' pattern), sensitive headers including Authorization and Cookie are written to the logs in cleartext. An attacker with read access to the log files can extract these credentials (e.g., bearer tokens, session cookies) and use them to impersonate users, leading to a full account compromise. • https://access.redhat.com/security/cve/CVE-2025-11537 • CWE-117: Improper Output Neutralization for Logs •
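The first fix is to stop dumping request headers into the access log at all; where that cannot be done immediately, a redaction step in the log pipeline limits the damage. The following filter is an added example for this page, not Keycloak code, and the header-dump layout it parses (`headers=[Name: value, Name: value]`) and the three log lines are constructed for the example; adapt the delimiters to the real pattern in use.

```python
import hashlib
import re

# Header names whose values are credentials. The regex assumes a
# "Name: value, Name: value" rendering inside a bracketed header dump
# (an assumption of this example, not Keycloak's actual layout).
SENSITIVE = r"authorization|proxy-authorization|cookie|set-cookie"
HEADER_RE = re.compile(
    rf"(?i)\b({SENSITIVE})\b(\s*[:=]\s*)"
    r"(.*?)(?=,\s*[A-Za-z][A-Za-z0-9-]*\s*:|\]|$)"
)

def _fingerprint(value: str) -> str:
    return hashlib.sha256(value.encode()).hexdigest()[:8]

def redact_headers(line: str) -> str:
    """Replace credential header values with a short hash so lines can still be
    correlated (same token -> same fingerprint) without keeping the secret."""
    def sub(m: "re.Match[str]") -> str:
        return f"{m.group(1)}{m.group(2)}<redacted sha256:{_fingerprint(m.group(3))}>"
    return HEADER_RE.sub(sub, line)

# Constructed sample lines, not real Keycloak output.
SAMPLE_LINES = [
    '10.0.0.5 - - [10/Feb/2026:12:00:00 +0000] "GET /realms/demo/account HTTP/1.1" 200 '
    'headers=[Host: idp.example.test, Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.e30.sig, '
    'Cookie: KEYCLOAK_SESSION=abc123; AUTH_SESSION_ID=def456, Accept: */*]',
    '10.0.0.5 - - [10/Feb/2026:12:00:01 +0000] "POST /realms/demo/login-actions/authenticate HTTP/1.1" 302 '
    'headers=[Set-Cookie: KEYCLOAK_IDENTITY=tok789; Path=/; HttpOnly]',
    '10.0.0.9 - - [10/Feb/2026:12:00:02 +0000] "GET /realms/demo/.well-known/openid-configuration HTTP/1.1" 200 '
    'headers=[Host: idp.example.test, Accept: application/json]',
]

def redact_all(lines):
    return [redact_headers(line) for line in lines]
```

Hashing rather than blanking the value keeps incident response workable: an analyst can still see that the same bearer token appeared on forty lines from two source addresses, but the log no longer contains anything replayable.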
CVSS: 5.5 • EPSS: 0% • CPEs: 2 • EXPL: 0 • CVE-2025-14778 – Keycloak: incorrect ownership checks in /uma-policy/
https://notcve.org/view.php?id=CVE-2025-14778
09 Feb 2026 — A flaw was found in Keycloak. A significant Broken Access Control vulnerability exists in the UserManagedPermissionService (UMA Protection API). When updating or deleting a UMA policy associated with multiple resources, the authorization check only verifies the caller's ownership against the first resource in the policy's list. This allows a user (Owner A) who owns one resource (RA) to update a shared policy and modify authorization rules for other resources (e.g., RB) in that same policy, even if those oth... • https://access.redhat.com/errata/RHSA-2026:2363 • CWE-266: Incorrect Privilege Assignment •
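The check the advisory describes, and one correct form of it, side by side. This is an added example for this page written against a toy resource model, not Keycloak's `UserManagedPermissionService`; the `Resource`/`Policy` classes and the owner and resource identifiers are constructed for the example.

```python
from dataclasses import dataclass
from typing import Dict, List, Tuple

@dataclass
class Resource:
    id: str
    owner: str

@dataclass
class Policy:
    id: str
    resource_ids: List[str]

def caller_may_modify_vulnerable(caller: str, policy: Policy,
                                 resources: Dict[str, Resource]) -> bool:
    """Bug class from the advisory: ownership is checked against the first
    resource only, so whoever owns that one can rewrite rules for the rest."""
    first = resources[policy.resource_ids[0]]
    return first.owner == caller

def caller_may_modify_fixed(caller: str, policy: Policy,
                            resources: Dict[str, Resource]) -> bool:
    """Every resource the policy touches must belong to the caller. An empty
    or dangling resource list is denied rather than vacuously allowed."""
    if not policy.resource_ids:
        return False
    for rid in policy.resource_ids:
        res = resources.get(rid)
        if res is None or res.owner != caller:
            return False
    return True

def demo_scenario() -> Tuple[bool, bool]:
    """Owner A owns RA, Owner B owns RB, one policy covers both (constructed)."""
    resources = {"RA": Resource("RA", "owner-a"), "RB": Resource("RB", "owner-b")}
    shared = Policy("shared-policy", ["RA", "RB"])
    return (caller_may_modify_vulnerable("owner-a", shared, resources),
            caller_may_modify_fixed("owner-a", shared, resources))
```

The deny-by-default on an empty or unresolvable resource list matters as much as the loop: an `all()` over an empty collection is true, which is the same vacuous-allow bug in a different coat.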
CVSS: 8.5 • EPSS: 0% • CPEs: 2 • EXPL: 1 • CVE-2026-1529 – org.keycloak.services.resources.organizations (Keycloak): unauthorized organization registration via improper invitation token validation
https://notcve.org/view.php?id=CVE-2026-1529
09 Feb 2026 — A flaw was found in Keycloak. An attacker can exploit this vulnerability by modifying the organization ID and target email within a legitimate invitation token's JSON Web Token (JWT) payload. Because the token's cryptographic signature is not verified, the modified claims are accepted, allowing the attacker to self-register into an unauthorized organization and gain unauthorized access. • https://packetstorm.news/files/id/215260 • CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 9.0 • EPSS: 0% • CPEs: 2 • EXPL: 0 • CVE-2026-1486 – org.keycloak.protocol.oidc.grants (Keycloak): disabled identity providers are still accepted for JWT authorization grant
https://notcve.org/view.php?id=CVE-2026-1486
09 Feb 2026 — A flaw was found in Keycloak. A vulnerability exists in the jwt-authorization-grant flow where the server fails to verify if an Identity Provider (IdP) is enabled before issuing tokens. The issuer lookup mechanism (lookupIdentityProviderFromIssuer) retrieves the IdP configuration but does not filter for isEnabled=false. If an administrator disables an IdP (e.g., due to a compromise or offboarding), an entity possessing that IdP's signing key can still generate valid JWT assertions that Keycloak accepts, res... • https://access.redhat.com/errata/RHSA-2026:2365 • CWE-358: Improperly Implemented Security Check for Standard •
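The two Keycloak JWT entries above (CVE-2026-1529 and CVE-2026-1486) are both failures of the same acceptance routine: claims were used before the signature was verified, and an issuer's key was used without checking that the issuer was still enabled. The verifier below, an added example for this page and not Keycloak code, performs the checks in the right order. It uses HS256 so that it is self-contained (Keycloak signs with asymmetric keys, but the ordering of checks is the same); the issuer registry, claim names and fixed clock are constructed for the example.

```python
import base64
import hashlib
import hmac
import json
import time
from typing import Dict, Optional

def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def _enc_json(obj: dict) -> str:
    return _b64url(json.dumps(obj, separators=(",", ":")).encode())

def sign_jwt(payload: dict, key: bytes) -> str:
    signing_input = f"{_enc_json({'alg': 'HS256', 'typ': 'JWT'})}.{_enc_json(payload)}"
    sig = hmac.new(key, signing_input.encode(), hashlib.sha256).digest()
    return f"{signing_input}.{_b64url(sig)}"

def tamper_payload(token: str, **changes) -> str:
    """The attack from the invitation-token advisory: rewrite claims in the
    payload and keep the original signature, hoping nobody checks it."""
    h, p, s = token.split(".")
    payload = json.loads(_b64url_decode(p))
    payload.update(changes)
    return f"{h}.{_enc_json(payload)}.{s}"

def alg_none_variant(token: str) -> str:
    """Related classic: swap the header to alg=none and drop the signature."""
    _, p, _ = token.split(".")
    return f"{_enc_json({'alg': 'none', 'typ': 'JWT'})}.{p}."

def verify_jwt(token: str, issuers: Dict[str, dict],
               now: Optional[float] = None) -> Optional[dict]:
    """Return the claims only if the algorithm is the expected one, the issuer
    is known AND enabled, the signature verifies under that issuer's key, and
    the token is unexpired. Anything else returns None."""
    try:
        h, p, s = token.split(".")
        header = json.loads(_b64url_decode(h))
        payload = json.loads(_b64url_decode(p))
        sig = _b64url_decode(s)
    except (ValueError, TypeError):
        return None
    if not isinstance(header, dict) or not isinstance(payload, dict):
        return None
    if header.get("alg") != "HS256":                   # no 'none', no alg confusion
        return None
    idp = issuers.get(payload.get("iss"))
    if idp is None or not idp.get("enabled", False):   # disabled IdP: reject even with its key
        return None
    expected = hmac.new(idp["key"], f"{h}.{p}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, sig):         # claims are untrusted until this passes
        return None
    if payload.get("exp", 0) <= (time.time() if now is None else now):
        return None
    return payload

# Constructed issuer registry: one live IdP, one that an admin has disabled.
ISSUERS = {
    "https://idp-a.example.test": {"key": b"idp-a-signing-key", "enabled": True},
    "https://idp-b.example.test": {"key": b"idp-b-signing-key", "enabled": False},
}
NOW = 1_770_000_000  # fixed clock so the example is reproducible
```

The `iss` claim is read from the unverified payload only to select a key; nothing else from the payload is acted on until `compare_digest` has passed. Looking the issuer up and rejecting it when disabled before the signature check is what the second advisory's `lookupIdentityProviderFromIssuer` path was missing.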
CVSS: 5.3 • EPSS: 0% • CPEs: 8 • EXPL: 0 • CVE-2025-14831 – GnuTLS: denial of service via excessive resource consumption during certificate verification
https://notcve.org/view.php?id=CVE-2025-14831
09 Feb 2026 — A flaw was found in GnuTLS. This vulnerability allows a denial of service (DoS) through excessive CPU and memory consumption via specially crafted malicious certificates containing a large number of name constraints and subject alternative names (SANs). Tim Scheckenbach discovered that GnuTLS incorrectly handled malicious certificates containing a large number of name constraints and subject alternative names. A remote attacker could possibly use this issue to cause GnuTLS to consume re... • https://access.redhat.com/security/cve/CVE-2025-14831 • CWE-407: Inefficient Algorithmic Complexity •
CVSS: 9.0 • EPSS: 1% • CPEs: 31 • EXPL: 0 • CVE-2026-1761 – libsoup: stack-based buffer overflow in multipart HTTP response parsing
https://notcve.org/view.php?id=CVE-2026-1761
02 Feb 2026 — A flaw was found in libsoup. This stack-based buffer overflow vulnerability occurs during the parsing of multipart HTTP responses due to an incorrect length calculation. A remote attacker can exploit this by sending a specially crafted multipart HTTP response, which can lead to memory corruption. This issue may result in application crashes or arbitrary code execution in applications that process untrusted server responses, and it does not require authentication or user interaction. This update for libsoup2... • https://access.redhat.com/security/cve/CVE-2026-1761 • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.8 • EPSS: 0% • CPEs: 25 • EXPL: 0 • CVE-2024-4027 – Undertow: OutOfMemoryError in HttpServletRequestImpl.getParameterNames() can cause remote DoS attacks
https://notcve.org/view.php?id=CVE-2024-4027
30 Jan 2026 — A flaw was found in Undertow. Servlets using a method that calls HttpServletRequestImpl.getParameterNames() can cause an OutOfMemoryError when the client sends a request with large parameter names. This issue can be exploited by an unauthorized user to cause a remote denial-of-service (DoS) attack. • https://access.redhat.com/security/cve/CVE-2024-4027 • CWE-20: Improper Input Validation •
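The defence against this class of request-parsing DoS is to bound the input before it is decoded and stored, not after. The parser below is an added example for this page, not Undertow code: it decodes a query string or form body while enforcing limits on total size, parameter count, name length and value length, rejecting an oversized request instead of building a map full of huge names. The limit values are assumptions chosen for the example.

```python
from typing import Dict, List
from urllib.parse import unquote_plus

class ParamLimitExceeded(ValueError):
    """Raised when a request exceeds a configured parsing limit."""

def parse_params(qs: str, max_total: int = 64 * 1024, max_params: int = 1000,
                 max_name: int = 256, max_value: int = 8 * 1024) -> Dict[str, List[str]]:
    """Decode 'a=1&b=2' style input while enforcing size limits before anything
    is decoded or stored. In a real server the total-size limit is applied to
    Content-Length / the read loop, before the body is ever buffered."""
    if len(qs) > max_total:
        raise ParamLimitExceeded(f"body of {len(qs)} bytes exceeds {max_total}")
    params: Dict[str, List[str]] = {}
    count = 0
    for pair in qs.split("&"):
        if not pair:
            continue
        count += 1
        if count > max_params:
            raise ParamLimitExceeded(f"more than {max_params} parameters")
        name, _, value = pair.partition("=")
        if len(name) > max_name:  # check the raw length before decoding/allocating
            raise ParamLimitExceeded(f"parameter name of {len(name)} bytes exceeds {max_name}")
        if len(value) > max_value:
            raise ParamLimitExceeded(f"parameter value of {len(value)} bytes exceeds {max_value}")
        params.setdefault(unquote_plus(name), []).append(unquote_plus(value))
    return params

def accepts(qs: str, **limits) -> bool:
    """True if the input parses within the given limits, False if it is rejected."""
    try:
        parse_params(qs, **limits)
        return True
    except ParamLimitExceeded:
        return False
```

Note the order of the checks: count and raw lengths are tested on the undecoded slices, so a percent-encoded name that would expand during decoding is rejected before `unquote_plus` allocates anything for it.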
