Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-44394 |
|
Authorization Flaw in keystone (CVE-2026-44394)
vulnerability in keystone (CVE-2026-44394). Risk of unauthorized operations or information disclosure. Exploitable via `POST /v3/auth/tokens`. Mitigation: upgrade to `29.0.2` or later.
|
| CVE-2026-42998 |
|
Authorization Flaw in keystone (CVE-2026-42998)
vulnerability in keystone (CVE-2026-42998). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `29.0.2` or later.
|
| CVE-2026-42999 |
|
Vulnerability in keystone (CVE-2026-42999)
vulnerability in keystone (CVE-2026-42999). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `29.0.2` or later.
|
| CVE-2026-43000 |
|
Vulnerability in keystone (CVE-2026-43000)
vulnerability in keystone (CVE-2026-43000). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `29.0.2` or later.
|
| CVE-2026-43001 |
|
Authorization Flaw in keystone (CVE-2026-43001)
vulnerability in keystone (CVE-2026-43001). Confidential information can be exposed externally. Exploitable via `POST /v3/credentials`.
|
| CVE-2026-33551 |
|
Authorization Flaw in keystone (CVE-2026-33551)
vulnerability in keystone (CVE-2026-33551). Confidential information can be exposed externally. Mitigation: upgrade to `26.1.1` or later.
|
| CVE-2017-16570 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-16570)
vulnerability in csrf (CVE-2017-16570). Successful exploitation can lead to full system takeover.
|
| CVE-2017-15881 |
|
Cross-Site Scripting (XSS) in keystonejs (CVE-2017-15881)
cross-site scripting in keystonejs (CVE-2017-15881). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-15878 |
|
Cross-Site Scripting (XSS) in keystonejs (CVE-2017-15878)
cross-site scripting in keystonejs (CVE-2017-15878). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-15879 |
|
Vulnerability in c (CVE-2017-15879)
vulnerability in c (CVE-2017-15879). Successful exploitation can lead to full system takeover.
|