Identity Management

Severe Casdoor Identity Platform Flaws Expose Corporate Networks

• Vulnerability Report

Severe Casdoor Identity Platform Flaws Expose Corporate Networks

Do Son June 2, 2026 0

Security researchers recently discovered critical security gaps in a popular open-source platform. Specifically, multiple Casdoor authentication bypass...

Read More Read more about Severe Casdoor Identity Platform Flaws Expose Corporate Networks

Keys to the Kingdom: Critical 9.9 CVSS Budibase Flaw Allows Total Tenant Takeover

• Vulnerability Report

Keys to the Kingdom: Critical 9.9 CVSS Budibase Flaw Allows Total Tenant Takeover

Do Son May 20, 2026 0

Budibase, the popular open-source operations platform known for saving engineers hundreds of hours building secure Agents, Apps,...

Read More Read more about Keys to the Kingdom: Critical 9.9 CVSS Budibase Flaw Allows Total Tenant Takeover

Public PoC and Technical Details Disclosed for Apache Syncope RCE

• Vulnerability Report

Public PoC and Technical Details Disclosed for Apache Syncope RCE

Do Son April 20, 2026 0

A new report from SecureLayer7 has unmasked a high-severity Remote Code Execution (RCE) vulnerability in Apache Syncope,...

Read More Read more about Public PoC and Technical Details Disclosed for Apache Syncope RCE

Critical 9.8 Webex Flaw Lets Attackers Impersonate Any User

• Vulnerability Report

Critical 9.8 Webex Flaw Lets Attackers Impersonate Any User

Do Son April 16, 2026 0

In the modern enterprise, the Single Sign-On (SSO) portal is the master key to a company’s digital...

Read More Read more about Critical 9.8 Webex Flaw Lets Attackers Impersonate Any User

OpenStack Keystone Flaw Grants Access to Disabled LDAP Users

• Vulnerability Report

OpenStack Keystone Flaw Grants Access to Disabled LDAP Users

Do Son April 15, 2026 0

In the complex machinery of cloud identity management, a single misinterpretation of data can lead to a...

Read More Read more about OpenStack Keystone Flaw Grants Access to Disabled LDAP Users

OpenStack Keystone Flaw Grants Full S3 Access via Restricted Credentials, PoC Available

• Vulnerability

OpenStack Keystone Flaw Grants Full S3 Access via Restricted Credentials, PoC Available

Do Son April 9, 2026 0

A significant security vulnerability has been uncovered in OpenStack Keystone, the identity service that serves as the...

Read More Read more about OpenStack Keystone Flaw Grants Full S3 Access via Restricted Credentials, PoC Available

Critical Security Update: IBM Patches Multiple Vulnerabilities in Verify Identity and Access

• Vulnerability Report

Critical Security Update: IBM Patches Multiple Vulnerabilities in Verify Identity and Access

Do Son April 8, 2026 0

IBM has released a comprehensive bulletin addressing a series of vulnerabilities within its Verify Identity Access and...

Read More Read more about Critical Security Update: IBM Patches Multiple Vulnerabilities in Verify Identity and Access

Identity at Risk: Apache Syncope Patches Critical Login XSS & XXE Flaws

• Vulnerability Report

Identity at Risk: Apache Syncope Patches Critical Login XSS & XXE Flaws

Do Son February 3, 2026 0

The Apache Software Foundation has released crucial security updates for Apache Syncope, its open-source digital identity management...

Read More Read more about Identity at Risk: Apache Syncope Patches Critical Login XSS & XXE Flaws

Critical ZITADEL Flaws (CVE-2025-67494, CVSS 9.3) Risk SSRF Internal Breach and Account Hijack via XSS

• Vulnerability Report

Critical ZITADEL Flaws (CVE-2025-67494, CVSS 9.3) Risk SSRF Internal Breach and Account Hijack via XSS

Do Son December 10, 2025 0

The security team behind ZITADEL, the open-source identity management platform, has issued urgent advisories regarding three high-severity...

Read More Read more about Critical ZITADEL Flaws (CVE-2025-67494, CVSS 9.3) Risk SSRF Internal Breach and Account Hijack via XSS

Apache Syncope Flaw (CVE-2025-65998) Exposes Encrypted User Passwords Due to Hard-Coded AES Key

• Vulnerability Report

Apache Syncope Flaw (CVE-2025-65998) Exposes Encrypted User Passwords Due to Hard-Coded AES Key

Do Son November 25, 2025 0

Apache has issued an important security advisory warning that Apache Syncope, the widely used open-source identity management...

Read More Read more about Apache Syncope Flaw (CVE-2025-65998) Exposes Encrypted User Passwords Due to Hard-Coded AES Key

CVE-2025-7493: Critical Flaw in FreeIPA Allows Host Users to Escalate to Domain Administrator

• Vulnerability Report

CVE-2025-7493: Critical Flaw in FreeIPA Allows Host Users to Escalate to Domain Administrator

Do Son October 1, 2025 0

The FreeIPA Team has released a security advisory addressing a critical privilege escalation vulnerability (CVE-2025-7493) that could...

Read More Read more about CVE-2025-7493: Critical Flaw in FreeIPA Allows Host Users to Escalate to Domain Administrator

Critical Privilege Escalation Flaw in FreeIPA Threatens Linux Domain Security

• Vulnerability

Critical Privilege Escalation Flaw in FreeIPA Threatens Linux Domain Security

Do Son June 20, 2025 0

A newly disclosed vulnerability in FreeIPA, an identity management solution used to centrally manage Linux and UNIX...

Read More Read more about Critical Privilege Escalation Flaw in FreeIPA Threatens Linux Domain Security