High CVE-2026-46689 Kanidm is an identity management platform. Prior to version 1.9.3, a single unauthenticated GET to any /scim/v1/... endpoint with a ?filter= query string of a few thousand nested parentheses (≈ 4–12 KB) drives the recursive-descent PEG parser past the worker thread's stack guard...

#Sicherheitslücke

Original-Artikel öffnen Zurück zur Übersicht

ARTICLEVIEW

[High] CVE-2026-46689 – Kanidm is an identity management platform. Prior to version 1.9.3, a single unau...

VERWANDTEARTIKEL

CVE-2026-42908

CVE-2026-45639

CVE-2026-46695 - BoxLite: Permission Bypass in boxlite Allows Modification of Read-Only Files

CVE-2026-46703 - BoxLite: Path Traversal Vulnerability in boxlite Leads to Arbitrary File Write on the Host

CVE-2026-42305 - Dulwich has an arbitrary file write via NTFS-hostile tree entries on Windows

[High] CVE-2026-53738 – Copy & Delete Posts through 1.5.4 lets any plugin-enabled non-admin role invoke ...