Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

223 New today

66,922 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

464

Jun 17

Jun 18

352

Jun 19

Jun 20

104

Jun 21

317

Jun 22

294

Jun 23

355

Jun 24

376

Jun 25

386

Jun 26

Jun 27

318

Jun 28

284

Jun 29

218

Jun 30

Critical

High

Medium

Low

Latest

CVE CVSS 6.5

Keycloak: keycloak: privilege escalation through hardcoded role mapper injection_CVE-2026-4629

A flaw was found in Keycloak. A highly privileged user with `manage-clients` permission can exploit this vulnerability by injecting a hardcoded role mapper into any client. This action allows the user to bypass existing scope restrictions and inject the `realm-admin` role into...

CVE-2026-4629 Red Hat Red Hat Build of Keycloak

Jun 30, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 9.5	CVE-2026-44946	SAML Authentication Replay in Rancher_CVE-2026-44946 A SAML authentication replay vulnerability in Rancher's Assertion Consumer Service (ACS) handler did not enforce one-time use of SAML assertion, po...	SUSE	Rancher 2.14.0	Jun 30, 2026	CVE
MEDIUM 4.3	CVE-2026-14209	Keycloak-admin-ui: keycloak-admin-ui: keycloak: admin ui extension brute-force-user endpoint bypasses fgapv2 user view restrictions_CVE-2026-14209 A vulnerability was discovered in Keycloak's Admin UI extension that allows certain administrative users to bypass security restrictions. When Fine...	Red Hat	Red Hat Build of Keycloak	Jun 30, 2026	CVE
MEDIUM 6.5	CVE-2026-12388	Keycloak-broker: keycloak: privilege escalation to realm administrator via improper authorization in identity provider mapper_CVE-2026-12388 A flaw was found in the Identity Provider (IdP) mapper component of Keycloak, which is used to manage how user information from external services i...	Red Hat	Red Hat Build of Keycloak	Jun 30, 2026	CVE
HIGH 7.8	1A5AFF91-769E-	Exploit for CVE-2026-46331_1A5AFF91-769E-5D60-9467-A406F3FD6FD5 CVE-2026-46331 - "pedit COW" Vulnerability Assessment & Mitigation Guide Este repositorio contiene herramientas administrativas básicas para verifi...	N/A	N/A	Jun 30, 2026	GITHUBEXPLOIT
HIGH 7.5	5CCC4D1D-CB00-	Exploit for CVE-2026-4020_5CCC4D1D-CB00-54EE-88B5-E103837659E0 No description provided...	N/A	N/A	Jun 30, 2026	GITHUBEXPLOIT
HIGH 7.8	B1A34079-E8F9-	Exploit for CVE-2026-31694_B1A34079-E8F9-5174-9297-C9EF365CAE42 FUSE readdir cache out-of-bounds write PoC Local proof of concept for a missing bounds check in fs/fuse/readdir.c:fuseadddirenttocache. A FUSE serv...	N/A	N/A	Jun 30, 2026	GITHUBEXPLOIT
NONE	H1:3831432	curl: setopt(VERIFYPEER) from callback bypasses TLS verify on connection reuse_H1:3831432 ## Summary: `Curl_ssl_conn_config_update` overwrites `conn->ssl_config.verifypeer` when `curl_easy_setopt(CURLOPT_SSL_VERIFYPEER, ...)` is called,...	N/A	N/A	Jun 29, 2026	HACKERONE
NONE	IMPERVABLOG:02B...	AI Agents Are Visiting Your Website. Which Ones Should You Trust?_IMPERVABLOG:02B3638CB0833BED533ED6C0178D7199 The internet is changing fast. For years, the main goal of search was simple: to help users find links. A user searched, reviewed results, clicked...	N/A	N/A	Jun 30, 2026	IMPERVABLOG
NONE	SECURELIST:318E...	ToddyCat: your hidden email assistant. Part 2_SECURELIST:318E425764C1762E8EB0EB5B9B2F6150 ![](https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2026/06/19083452/toddycat-part-2-featured-image-990x400.jpg) ## Introduction...	N/A	N/A	Jun 30, 2026	SECURELIST

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

Keycloak: keycloak: privilege escalation through hardcoded role mapper injection_CVE-2026-4629

Recent Advisories

SAML Authentication Replay in Rancher_CVE-2026-44946

Keycloak-admin-ui: keycloak-admin-ui: keycloak: admin ui extension brute-force-user endpoint bypasses fgapv2 user view restrictions_CVE-2026-14209

Keycloak-broker: keycloak: privilege escalation to realm administrator via improper authorization in identity provider mapper_CVE-2026-12388

Exploit for CVE-2026-46331_1A5AFF91-769E-5D60-9467-A406F3FD6FD5

Exploit for CVE-2026-4020_5CCC4D1D-CB00-54EE-88B5-E103837659E0

Exploit for CVE-2026-31694_B1A34079-E8F9-5174-9297-C9EF365CAE42

curl: setopt(VERIFYPEER) from callback bypasses TLS verify on connection reuse_H1:3831432

AI Agents Are Visiting Your Website. Which Ones Should You Trust?_IMPERVABLOG:02B3638CB0833BED533ED6C0178D7199

ToddyCat: your hidden email assistant. Part 2_SECURELIST:318E425764C1762E8EB0EB5B9B2F6150

Protect Your Attack Surface with RedGem

Security Intelligence
Feed