Known Vulnerabilities for Identity Server by Wso2
Listed below are 10 of the newest known vulnerabilities associated with "Identity Server" by "Wso2".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-46414 json | Microsoft UFO open-source framework for intelligent automation across devices and platforms. In 3.0.1-4-ge2626659, Microsoft ... | Not Provided | 2026-05-27 | 2026-05-27 |
| CVE-2026-45396 json | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.5, the POST /... | Not Provided | 2026-05-15 | 2026-05-15 |
| CVE-2026-44314 json | Traccar is an open source GPS tracking system. Prior to 6.13.0, DeviceResource.uploadImage authorizes the target device only ... | Not Provided | 2026-05-26 | 2026-05-26 |
| CVE-2026-42789 json | Improper Following of a Certificate's Chain of Trust vulnerability in Erlang OTP public_key (pubkey_cert module) allows a non... | Not Provided | 2026-05-27 | 2026-05-27 |
| CVE-2026-42602 json | azureauthextension is the Azure Authenticator Extension. From 0.124.0 to 0.150.0, a server-side authentication bypass in azur... | Not Provided | 2026-05-13 | 2026-05-14 |
| CVE-2026-41147 json | NukeViet CMS is a multi Content Management System. Versions 4.5.07 and prior contain a Stored Cross-Site Scripting (XSS) vuln... | Not Provided | 2026-05-22 | 2026-05-26 |
| CVE-2026-40193 json | maddy is a composable, all-in-one mail server. Versions prior to 0.9.3 contain an LDAP injection vulnerability in the auth.ld... | Not Provided | 2026-04-16 | 2026-04-16 |
| CVE-2026-39864 json | Kamailio is an open source implementation of a SIP Signaling Server. Prior to 6.0.5 and 5.8.7, an out-of-bounds read in the a... | Not Provided | 2026-04-08 | 2026-04-08 |
| CVE-2026-35563 json | It was identified that the LDAP client implementation in version 2.1.7 does not verify if the server certificate matches the ... | Not Provided | 2026-06-01 | 2026-06-01 |
| CVE-2026-35030 json | LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. Prior to 1.83.0, when JWT authenticatio... | Not Provided | 2026-04-06 | 2026-04-07 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Wso2 | Identity Server | 5.9.0 | |||
| Application | Wso2 | Identity Server | 5.8.0 | |||
| Application | Wso2 | Identity Server | 5.7.0 | |||
| Application | Wso2 | Identity Server | 5.6.0 | |||
| Application | Wso2 | Identity Server | 5.5.0 | |||
| Application | Wso2 | Identity Server | 5.4.1 | |||
| Application | Wso2 | Identity Server | 5.4.0 | |||
| Application | Wso2 | Identity Server | 5.3.0 | |||
| Application | Wso2 | Identity Server | 5.2.0 | |||
| Application | Wso2 | Identity Server | 5.10.0 | |||
| Application | Wso2 | Identity Server | 5.1.0 | |||
| Application | Wso2 | Identity Server | 5.0.0 | |||
| Application | Wso2 | Identity Server | 4.6.0 | |||
| Application | Wso2 | Identity Server | 4.5.0 | |||
| Application | Wso2 | Identity Server | 4.1.0 | |||
| Application | Wso2 | Identity Server | 4.0.0 | |||
| Application | Wso2 | Identity Server | 3.2.3 | |||
| Application | Wso2 | Identity Server | 3.2.2 | |||
| Application | Wso2 | Identity Server | 3.2.0 | |||
| Application | Wso2 | Identity Server | 3.0.1 |