CVEs classified under CWE-551, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2016-20030 — CVSS 9.8 (critical): ZKTeco ZKBioSecurity 3.0 contains a user enumeration vulnerability that allows unauthenticated attackers to discover valid usernames by…
CVE-2026-4636 — CVSS 8.1 (high): A flaw was found in Keycloak. An authenticated user with the uma_protection role can bypass User-Managed Access (UMA) policy validation…
CVE-2026-57920 — CVSS 7.7 (high): Peplink InControl 2 through 2.14.2 before 2026-06-03 allows use of a semicolon to bypass access-control rules for certain /rest/o/{orgId}…
CVE-2026-0707 — CVSS 5.3 (medium): A flaw was found in Keycloak. The Keycloak Authorization header parser is overly permissive regarding the formatting of the "Bearer"…