Keystone
This hub aggregates every CVE we track under the product name Keystone (categorised here as an OSS library). Use it to gauge the current risk picture and drill into individual advisories. Note that the advisories listed below belong to two unrelated projects that share the name: OpenStack Keystone, the OpenStack identity service, and KeystoneJS, published as the @keystone-6 npm packages. The aggregate counts on this page combine both, so check which project each summary names before acting on the totals.
Summary: 68 CVEs tracked; 3 critical; 17 high; 0 in CISA KEV.
Severity distribution: Critical 3, High 17, Medium 42, Low 6 (68 total).
Monthly trend, 2024-07 through 2026-06 (new CVEs per month, read from the 24 bars left to right; months not listed had none): 2025-05: 1, 2025-11: 1, 2026-03: 1, 2026-04: 2, 2026-05: 5, 2026-06: 1.
Latest CVEs
The 15 most recently published vulnerabilities affecting Keystone. Each entry gives the CVE identifier, the severity score in parentheses, and the summary (truncated where the source truncates it).
- CVE-2026-10802 (4.3): keystonejs keystone GraphQL API Endpoint output-field.ts resource consumption
- CVE-2026-43000 (6.0): An issue was discovered in OpenStack Keystone before 29.0.2. When combined with an application credential impersonation vulnerability, an attacker with the member role on a project can escalate to ...
- CVE-2026-44394 (6.0): An issue was discovered in OpenStack Keystone before 29.0.2. The Keystone federated token rescoping mechanism does not propagate the original token's expiry to the newly issued token. When a federa...
- CVE-2026-42998 (6.0): An issue was discovered in OpenStack Keystone before 29.0.2. The Keystone application credential authentication plugin does not verify that the user supplied in the authentication request matches t...
- CVE-2026-42999 (6.0): An issue was discovered in OpenStack Keystone before 29.0.2. The Keystone RBAC policy enforcer in enforce_call unconditionally merges the raw JSON request body into the policy enforcement dictionar...
- CVE-2026-43001 (7.9): An issue was discovered in OpenStack Keystone before 29.0.2. POST /v3/credentials did not validate that the caller-supplied project_id for an EC2-type credential matched the project of the authenti...
- CVE-2026-40683 (7.7): In OpenStack Keystone before 28.0.1, the LDAP identity backend does not convert the user enabled attribute to a boolean when the user_enabled_invert configuration option is False (the default). The...
- CVE-2026-33551 (3.5): An issue was discovered in OpenStack Keystone 14 through 26 before 26.1.1, 27.0.0, 28.0.0, and 29.0.0. Restricted application credentials can create EC2 credentials. By using a restricted applicati...
- CVE-2026-33326 (4.3): @keystone-6/core: `isFilterable` bypass via `cursor` parameter in findMany
- CVE-2025-65073 (7.5): OpenStack Keystone before 26.0.1, 27.0.0, and 28.0.0 allows a /v3/ec2tokens or /v3/s3tokens request with a valid AWS Signature to provide Keystone authorization.
- CVE-2025-46720 (3.1): Keystone has an unintended `isFilterable` bypass that can be used as an oracle to match hidden fields
- CVE-2023-40027 (3.7): Conditionally missing authorization in @keystone-6/core
- CVE-2023-34247 (6.1): @keystone-6/auth Open Redirect vulnerability
- CVE-2022-39382 (9.8): NODE_ENV in Keystone defaults to development with esbuild
- CVE-2022-39322 (9.1): @keystone-6/core vulnerable to field-level access-control bypass for multiselect field
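The OpenStack Keystone entries above each state an affected range in prose ("before 29.0.2", "14 through 26 before 26.1.1, 27.0.0, 28.0.0, and 29.0.0"), and the practical question for an operator is which of them cover the release actually deployed. The following triage script is an added example, not the hub's or OpenStack's own code: it transcribes those ranges from the summaries listed above into version predicates and checks an installed version against them. Two things are assumptions rather than facts stated on the page: that a trailing list such as "and 28.0.0" names an affected point release rather than a fixed one (confirm against the full advisory before relying on it), and that a bare release number such as "14" means 14.0.0. The KeystoneJS (@keystone-6) entries are omitted because the page gives no version ranges for them.

```python
"""Triage an installed OpenStack Keystone version against the advisories on this page.

Added example, not the hub's or OpenStack's own code. The affected-version
constraints are transcribed from the advisory summaries listed above.
"""
from __future__ import annotations

from typing import Callable

Version = tuple[int, int, int]
Pred = Callable[[Version], bool]


def parse_version(text: str) -> Version:
    """'29.0.2' -> (29, 0, 2). Assumption: a bare release number such as '14' means 14.0.0."""
    parts = [int(p) for p in text.strip().split(".")]
    if not 1 <= len(parts) <= 3:
        raise ValueError(f"unsupported version string: {text!r}")
    parts += [0] * (3 - len(parts))
    return parts[0], parts[1], parts[2]


def before(fixed: str) -> Pred:
    """Every release older than the fixed release is affected."""
    bound = parse_version(fixed)
    return lambda v: v < bound


def between(first: str, fixed: str) -> Pred:
    """Releases from `first` up to, but excluding, `fixed` are affected."""
    lo, hi = parse_version(first), parse_version(fixed)
    return lambda v: lo <= v < hi


def exactly(*releases: str) -> Pred:
    """Only the named point releases are affected.

    Assumption: 'and 28.0.0' in a summary names an affected release, not a fixed one.
    """
    wanted = {parse_version(r) for r in releases}
    return lambda v: v in wanted


def any_of(*preds: Pred) -> Pred:
    """Affected if any of the component ranges matches."""
    return lambda v: any(p(v) for p in preds)


# Constraints transcribed from the summaries on this page (OpenStack Keystone only).
ADVISORIES: dict[str, Pred] = {
    "CVE-2026-43000": before("29.0.2"),
    "CVE-2026-44394": before("29.0.2"),
    "CVE-2026-42998": before("29.0.2"),
    "CVE-2026-42999": before("29.0.2"),
    "CVE-2026-43001": before("29.0.2"),
    "CVE-2026-40683": before("28.0.1"),
    # "14 through 26 before 26.1.1, 27.0.0, 28.0.0, and 29.0.0"
    "CVE-2026-33551": any_of(between("14", "26.1.1"),
                             exactly("27.0.0", "28.0.0", "29.0.0")),
    # "before 26.0.1, 27.0.0, and 28.0.0"
    "CVE-2025-65073": any_of(before("26.0.1"), exactly("27.0.0", "28.0.0")),
}


def affected_by(version: str) -> list[str]:
    """Return the CVE ids on this page whose stated range covers `version`, sorted."""
    v = parse_version(version)
    return sorted(cve for cve, pred in ADVISORIES.items() if pred(v))


if __name__ == "__main__":
    # Constructed sample inputs: three releases an operator might have deployed.
    for installed in ("28.0.0", "29.0.1", "29.0.2"):
        print(installed, affected_by(installed) or "no listed advisory matches")
```

Run it with the version reported by `keystone-manage --version` on the deployed node, or drop `affected_by` into an inventory job that iterates over every control plane. A release of 29.0.2 or later matches none of the listed ranges; 29.0.1 matches the five advisories fixed in 29.0.2; 28.0.0 is additionally covered by CVE-2026-40683, CVE-2026-33551 and CVE-2025-65073. Because the predicates only encode the prose on this page, refresh them from the full advisories when the upstream text is corrected or when a backport changes the fixed release on a stable branch.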
Product normalization is registry-driven with AI assist and human review.