Skip to main content

CWE-653

Improper Isolation or Compartmentalization

50 CVEs Avg CVSS 6.3 MITRE
4
CRITICAL
14
HIGH
28
MEDIUM
3
LOW
11
POC
1
KEV

Monthly

CVE-2026-15738 MEDIUM PATCH This Month

Incorrect behavior order in the Gateway API listener-rule generation in Amazon AWS Load Balancer Controller before 3.4.2 might allow an authenticated remote user to intercept, spoof, or deny another namespace's gRPC traffic on a shared Gateway via a crafted HTTPRoute resource. To mitigate this issue, users should upgrade to version 3.4.2.

Information Disclosure Aws Load Balancer Controller
NVD GitHub
CVSS 4.0
5.8
EPSS
0.4%
CVE-2026-41155 MEDIUM This Month

Insufficient compartmentalization in the Imagination Technologies Graphics DDK kernel module enables a local, low-privileged attacker to abuse shared secure GPU memory allocations to either covertly pass data between otherwise isolated secure GPU processes or disrupt a peer process, causing image corruption and GPU hardware recovery events. Multiple DDK release trains spanning versions 1.18 RTM through 26.1 RTM are confirmed affected per EUVD-2026-36606. No public exploit exists and SSVC confirms no observed exploitation, but the 'Information Disclosure' tag in the advisory signals a confidentiality dimension that the official CVSS C:N metric does not fully capture.

Information Disclosure Graphics Ddk
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-42782 Maven HIGH PATCH GHSA This Week

Code execution via Groovy sandbox bypass in Apache Syncope 3.0 through 3.0.16, 4.0 through 4.0.5, and 4.1.0 allows a high-privileged administrator holding Implementations entitlements to run untrusted code outside the sandbox. By placing payload logic in a Groovy class static initializer, the attacker reaches a non-sandboxed execution path, yielding full confidentiality, integrity, and availability impact. No public exploit identified at time of analysis, and EPSS is very low (0.02%, 6th percentile), consistent with a privilege-gated, not mass-scanned, issue.

Information Disclosure Apache
NVD
CVSS 3.1
7.2
EPSS
0.0%
CVE-2026-40968 Maven MEDIUM PATCH This Month

Spring gRPC 1.0.0 through 1.0.2 inherits authenticated user identity on gRPC worker threads after access denial, allowing a subsequent unauthenticated request on the same thread to gain escalated permissions. The vulnerability requires an authenticated attacker with prior knowledge of thread reuse patterns and affects only configurations where both authenticated and unauthenticated requests share gRPC worker threads. A patch is available in version 1.0.3.

Java Privilege Escalation
NVD
CVSS 3.1
4.2
EPSS
0.0%
CVE-2026-41174 Go MEDIUM PATCH GHSA This Month

Traefik versions prior to 2.11.43, 3.6.14, and 3.7.0-rc.2 fail to enforce cross-namespace isolation for middleware references nested inside Chain middlewares, allowing actors with permission to create CRDs in their own namespace to bypass the allowCrossNamespace=false restriction and apply middleware from arbitrary namespaces. This authorization bypass affects Kubernetes clusters relying on namespace isolation controls and can enable unauthorized reuse of security-sensitive middleware policies across namespace boundaries.

Kubernetes Information Disclosure RCE Red Hat Suse
NVD GitHub
CVSS 4.0
4.8
EPSS
0.0%
CVE-2026-5600 PyPI MEDIUM PATCH GHSA This Month

Pretix 2025 and 2026 versions contain an API endpoint authorization bypass that returns all check-in events for an organizer rather than a specific event, exposing ticket scan records (including scan timestamps, results, and ticket IDs) across unauthorized events to authenticated API consumers with high-level organizer privileges. The vulnerability affects pretix 2025.10.0 through 2026.3.0, allowing privileged users to access sensitive event data they should not be permitted to view, though individual attendee identity linkage requires additional context not provided by the API response alone.

Authentication Bypass Pretix
NVD
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-5599 HIGH PATCH This Week

Cross-world user deletion in venueless allows authenticated API users with 'manage users' permission in one world to delete user accounts in completely separate worlds. Venueless versions prior to commit 02b9cbe5 are affected. The CVSS 7.3 rating reflects network-based attack requiring low-complexity exploitation by authenticated users with low privileges. No public exploit identified at time of analysis, though the vulnerability permits unauthorized data destruction across tenant boundaries in multi-tenant deployments.

Information Disclosure Venueless
NVD GitHub
CVSS 4.0
7.3
EPSS
0.0%
CVE-2026-34775 npm MEDIUM PATCH GHSA This Month

Electron's nodeIntegrationInWorker webPreference fails to properly isolate Node.js integration in worker contexts across certain process-sharing configurations, allowing workers in frames explicitly configured with nodeIntegrationInWorker: false to unexpectedly gain Node.js capabilities. Only applications that explicitly enable nodeIntegrationInWorker are affected. The vulnerability carries a CVSS score of 6.8 and permits information disclosure and code execution in affected contexts, with no public exploit identified at time of analysis.

Node.js Information Disclosure Microsoft
NVD GitHub
CVSS 3.1
6.8
EPSS
0.0%
CVE-2026-4325 Maven MEDIUM PATCH This Month

Keycloak's SingleUseObjectProvider lacks proper type and namespace isolation, allowing unauthenticated remote attackers with user interaction to delete arbitrary single-use entries and replay consumed action tokens such as password reset links, leading to account compromise. The vulnerability requires user interaction (UI:R) and high attack complexity (AC:H), resulting in a CVSS score of 5.3. No public exploit code or active exploitation has been confirmed at time of analysis.

Authentication Bypass Red Hat
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-4282 Maven HIGH PATCH GHSA This Week

Authorization code forgery in Red Hat Keycloak enables unauthenticated attackers to escalate privileges to admin-level access tokens. The SingleUseObjectProvider's lack of type and namespace isolation permits attackers to forge valid authorization codes remotely, though exploitation requires high complexity (AC:H). No public exploit identified at time of analysis, with CVSS 7.4 indicating high confidentiality and integrity impact but no availability disruption.

Privilege Escalation Red Hat Build Of Keycloak
NVD
CVSS 3.1
7.4
EPSS
0.0%
EPSS 0% CVSS 5.8
MEDIUM PATCH This Month

Incorrect behavior order in the Gateway API listener-rule generation in Amazon AWS Load Balancer Controller before 3.4.2 might allow an authenticated remote user to intercept, spoof, or deny another namespace's gRPC traffic on a shared Gateway via a crafted HTTPRoute resource. To mitigate this issue, users should upgrade to version 3.4.2.

Information Disclosure Aws Load Balancer Controller
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM This Month

Insufficient compartmentalization in the Imagination Technologies Graphics DDK kernel module enables a local, low-privileged attacker to abuse shared secure GPU memory allocations to either covertly pass data between otherwise isolated secure GPU processes or disrupt a peer process, causing image corruption and GPU hardware recovery events. Multiple DDK release trains spanning versions 1.18 RTM through 26.1 RTM are confirmed affected per EUVD-2026-36606. No public exploit exists and SSVC confirms no observed exploitation, but the 'Information Disclosure' tag in the advisory signals a confidentiality dimension that the official CVSS C:N metric does not fully capture.

Information Disclosure Graphics Ddk
NVD VulDB
EPSS 0% CVSS 7.2
HIGH PATCH This Week

Code execution via Groovy sandbox bypass in Apache Syncope 3.0 through 3.0.16, 4.0 through 4.0.5, and 4.1.0 allows a high-privileged administrator holding Implementations entitlements to run untrusted code outside the sandbox. By placing payload logic in a Groovy class static initializer, the attacker reaches a non-sandboxed execution path, yielding full confidentiality, integrity, and availability impact. No public exploit identified at time of analysis, and EPSS is very low (0.02%, 6th percentile), consistent with a privilege-gated, not mass-scanned, issue.

Information Disclosure Apache
NVD
EPSS 0% CVSS 4.2
MEDIUM PATCH This Month

Spring gRPC 1.0.0 through 1.0.2 inherits authenticated user identity on gRPC worker threads after access denial, allowing a subsequent unauthenticated request on the same thread to gain escalated permissions. The vulnerability requires an authenticated attacker with prior knowledge of thread reuse patterns and affects only configurations where both authenticated and unauthenticated requests share gRPC worker threads. A patch is available in version 1.0.3.

Java Privilege Escalation
NVD
EPSS 0% CVSS 4.8
MEDIUM PATCH This Month

Traefik versions prior to 2.11.43, 3.6.14, and 3.7.0-rc.2 fail to enforce cross-namespace isolation for middleware references nested inside Chain middlewares, allowing actors with permission to create CRDs in their own namespace to bypass the allowCrossNamespace=false restriction and apply middleware from arbitrary namespaces. This authorization bypass affects Kubernetes clusters relying on namespace isolation controls and can enable unauthorized reuse of security-sensitive middleware policies across namespace boundaries.

Kubernetes Information Disclosure RCE +2
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Pretix 2025 and 2026 versions contain an API endpoint authorization bypass that returns all check-in events for an organizer rather than a specific event, exposing ticket scan records (including scan timestamps, results, and ticket IDs) across unauthorized events to authenticated API consumers with high-level organizer privileges. The vulnerability affects pretix 2025.10.0 through 2026.3.0, allowing privileged users to access sensitive event data they should not be permitted to view, though individual attendee identity linkage requires additional context not provided by the API response alone.

Authentication Bypass Pretix
NVD
EPSS 0% CVSS 7.3
HIGH PATCH This Week

Cross-world user deletion in venueless allows authenticated API users with 'manage users' permission in one world to delete user accounts in completely separate worlds. Venueless versions prior to commit 02b9cbe5 are affected. The CVSS 7.3 rating reflects network-based attack requiring low-complexity exploitation by authenticated users with low privileges. No public exploit identified at time of analysis, though the vulnerability permits unauthorized data destruction across tenant boundaries in multi-tenant deployments.

Information Disclosure Venueless
NVD GitHub
EPSS 0% CVSS 6.8
MEDIUM PATCH This Month

Electron's nodeIntegrationInWorker webPreference fails to properly isolate Node.js integration in worker contexts across certain process-sharing configurations, allowing workers in frames explicitly configured with nodeIntegrationInWorker: false to unexpectedly gain Node.js capabilities. Only applications that explicitly enable nodeIntegrationInWorker are affected. The vulnerability carries a CVSS score of 6.8 and permits information disclosure and code execution in affected contexts, with no public exploit identified at time of analysis.

Node.js Information Disclosure Microsoft
NVD GitHub
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Keycloak's SingleUseObjectProvider lacks proper type and namespace isolation, allowing unauthenticated remote attackers with user interaction to delete arbitrary single-use entries and replay consumed action tokens such as password reset links, leading to account compromise. The vulnerability requires user interaction (UI:R) and high attack complexity (AC:H), resulting in a CVSS score of 5.3. No public exploit code or active exploitation has been confirmed at time of analysis.

Authentication Bypass Red Hat
NVD
EPSS 0% CVSS 7.4
HIGH PATCH This Week

Authorization code forgery in Red Hat Keycloak enables unauthenticated attackers to escalate privileges to admin-level access tokens. The SingleUseObjectProvider's lack of type and namespace isolation permits attackers to forge valid authorization codes remotely, though exploitation requires high complexity (AC:H). No public exploit identified at time of analysis, with CVSS 7.4 indicating high confidentiality and integrity impact but no availability disruption.

Privilege Escalation Red Hat Build Of Keycloak
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy