CVE-2026-23795 | Apache Syncope up to 3.0.15/4.0.3 Keymaster xml external entity reference

Inserito da Angelo Barbosa | Feb 2, 2026 | CVE

A vulnerability described as problematic has been identified in Apache Syncope up to 3.0.15/4.0.3. This impacts an unknown function of the component Keymaster. Executing a manipulation can lead to xml external entity reference.

This vulnerability is handled as CVE-2026-23795. The attack can be executed remotely. There is not any exploit available.

Upgrading the affected component is recommended.

CVE-2026-23795 | Apache Syncope up to 3.0.15/4.0.3 Keymaster xml external entity reference

Post correlati

CVE-2024-25913 | MoveTo Plugin up to 6.2 on WordPress unrestricted upload

CVE-2023-51587 | Voltronic Power ViewPower Pro getModbusPassword improper authentication (ZDI-23-1892)

CVE-2025-4887 | SourceCodester Online Student Clearance System 1.0 cross-site request forgery

CVE-2024-3779 | ESET NOD32 Antivirus Installation/Upgrade default permission