Components
Vulnerabilities
Pricing
MCP
Docs
Sign up
Login
Find vulnerabilities. Fix fast with AI.
Search components by package, version, or CVE to get started.
Ecosystem
Package
Version
Vulnerabilities
CVE-2026-1518
CVE-2026-1518
A flaw was found in Keycloak’s CIBA feature where insufficient validation of client-configured backchannel notification endpoints could allow blind server-side requests to internal services.
Published Feb 4, 2026
https://github.com/advisories/GHSA-fwhw-chw4-gh37
CVSS Score
Low
2.7
Components Impacted
Components Impacted
Security Details
Security Details
Sonatype Research
Sonatype Research
Ecosystem
Package
Version
Ecosystem
Package
Version
composer
fuzzy/fzkc
v0.9.0
composer
fuzzy/fzkc
v0.9.1
composer
fuzzy/fzkc
v0.9.2
composer
fuzzy/fzkc
v0.9.3
maven
io.apiman/apiman-distro-wildfly
2.2.0.Final
maven
io.apiman/apiman-distro-wildfly
2.2.1.Final
maven
io.apiman/apiman-distro-wildfly
2.2.2.Final
maven
io.apiman/apiman-distro-wildfly
2.2.3.Final
maven
org.jboss.windup.web/mta-web-distribution
5.3.0.Alpha2
maven
org.jboss.windup.web/mta-web-distribution
5.3.0.Alpha3
maven
org.jboss.windup.web/mta-web-distribution
5.3.0.Final
maven
org.jboss.windup.web/windup-web-distribution
6.0.0.Alpha1
maven
org.jboss.windup.web/windup-web-distribution
6.0.0.Alpha2
maven
org.jboss.windup.web/windup-web-distribution
6.0.0.Final
maven
org.jboss.windup.web/windup-web-tests-wildfly-dist
5.3.0.Alpha2
maven
org.jboss.windup.web/windup-web-tests-wildfly-dist
5.3.0.Alpha3
maven
org.jboss.windup.web/windup-web-tests-wildfly-dist
5.3.0.Final
maven
org.jboss.windup.web/windup-web-tests-wildfly-dist
6.0.0.Alpha1
maven
org.jboss.windup.web/windup-web-tests-wildfly-dist
6.0.0.Alpha2
maven
org.jboss.windup.web/windup-web-tests-wildfly-dist
6.0.0.Final
maven
org.keycloak.testsuite/integration-arquillian-servers-auth-server-quarkus
24.0.10.redhat-00001
maven
org.keycloak.testsuite/integration-arquillian-servers-auth-server-quarkus
24.0.11.redhat-00001
maven
org.keycloak.testsuite/integration-arquillian-servers-auth-server-quarkus
24.0.3.redhat-00004
maven
org.keycloak.testsuite/integration-arquillian-servers-auth-server-quarkus
24.0.4.redhat-00001
maven
org.keycloak.testsuite/integration-arquillian-servers-auth-server-quarkus
24.0.5.redhat-00001
maven
org.keycloak.testsuite/integration-arquillian-servers-auth-server-quarkus
24.0.6.redhat-00001
maven
org.keycloak.testsuite/integration-arquillian-servers-auth-server-quarkus
24.0.7.redhat-00004
maven
org.keycloak.testsuite/integration-arquillian-servers-auth-server-quarkus
24.0.8.redhat-00001
maven
org.keycloak.testsuite/integration-arquillian-servers-auth-server-quarkus
24.0.9.redhat-00001
maven
org.keycloak.testsuite/integration-arquillian-servers-auth-server-quarkus
26.0.10.redhat-00002
maven
org.keycloak.testsuite/integration-arquillian-servers-auth-server-quarkus
26.0.11.redhat-00001
maven
org.keycloak.testsuite/integration-arquillian-servers-auth-server-quarkus
26.0.12.redhat-00001
maven
org.keycloak.testsuite/integration-arquillian-servers-auth-server-quarkus
26.0.13.redhat-00001
maven
org.keycloak.testsuite/integration-arquillian-servers-auth-server-quarkus
26.0.14.redhat-00001
maven
org.keycloak.testsuite/integration-arquillian-servers-auth-server-quarkus
26.0.15.redhat-00001
maven
org.keycloak.testsuite/integration-arquillian-servers-auth-server-quarkus
26.0.16.redhat-00002
maven
org.keycloak.testsuite/integration-arquillian-servers-auth-server-quarkus
26.0.17.redhat-00001
maven
org.keycloak.testsuite/integration-arquillian-servers-auth-server-quarkus
26.0.5.redhat-00003
maven
org.keycloak.testsuite/integration-arquillian-servers-auth-server-quarkus
26.0.6.redhat-00001
maven
org.keycloak.testsuite/integration-arquillian-servers-auth-server-quarkus
26.0.7.redhat-00001
maven
org.keycloak.testsuite/integration-arquillian-servers-auth-server-quarkus
26.0.8.redhat-00001
maven
org.keycloak.testsuite/integration-arquillian-servers-auth-server-quarkus
26.0.9.redhat-00001
maven
org.keycloak.testsuite/integration-arquillian-servers-auth-server-quarkus
26.2.10.redhat-00002
maven
org.keycloak.testsuite/integration-arquillian-servers-auth-server-quarkus
26.2.11.redhat-00001
maven
org.keycloak.testsuite/integration-arquillian-servers-auth-server-quarkus
26.2.12.redhat-00001
maven
org.keycloak.testsuite/integration-arquillian-servers-auth-server-quarkus
26.2.13.redhat-00001
maven
org.keycloak.testsuite/integration-arquillian-servers-auth-server-quarkus
26.2.14.redhat-00001
maven
org.keycloak.testsuite/integration-arquillian-servers-auth-server-quarkus
26.2.4.redhat-00002
maven
org.keycloak.testsuite/integration-arquillian-servers-auth-server-quarkus
26.2.5.redhat-00001
maven
org.keycloak.testsuite/integration-arquillian-servers-auth-server-quarkus
26.2.6.redhat-00001
1-50 of 391
CVE-2026-1518 | Components Impacted | Sonatype Guide | Sonatype Guide
