It was discovered that OpenStack Keystone allowed restricted application credentials to create EC2 credentials. An authenticated attacker with only a reader role could possibly use this issue to bypass the role restrictions imposed on the application credential. (CVE-2026-33551) It was discovered...

#Sicherheitslücke

Original-Artikel öffnen Zurück zur Übersicht

ARTICLEVIEW

USN-8433-1: OpenStack Keystone vulnerabilities

VERWANDTEARTIKEL

CVE-2026-48777 - FileBrowser Quantum: Path Traversal in public share PATCH allows file ops outside shared directory

CVE-2026-22312 - Use of Hard-coded Credentials Vulnerability in Radiflow iSAP Smart Collector

CVE-2026-22313 - OS Commands Executed with Administrative Permissions in Radiflow iSAP Smart Collector

CVE-2026-53866 - OpenClaw < 2026.5.12 - Allowlist Bypass in Shell Inline-Command Parsing

CVE-2026-53864 - OpenClaw < 2026.5.26 - Insufficient Environment Variable Sanitization in Node.js Control Variables

CVE-2026-53857 - OpenClaw < 2026.5.3 - Mutable Display Name Binding in Zalo allowFrom Policy