CVE-2026-33585

Published: Mag 13, 2026 Last Modified: Mag 14, 2026

ExploitDB:

Other exploit source:

Google Dorks:

LOW 3,8

Source: a6d3dc9e-0591-4a13-bce7-0f5b31ff6158

Attack Vector: physical

Attack Complexity: high

Privileges Required: none

User Interaction: required

Scope: unchanged

Confidentiality: low

Integrity: low

Availability: low

Description

AI Translation Available

Improper management of the idle timeout parameter in the Keycloak interface of the Arqit SKA-Platform enables an attacker to impersonate an authenticated tenant user via an unexpired browser session.

This issue affects Symmetric Key Agreement Platform: before 26.03.

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score

0,0001

Percentile

0,0th

Updated

EPSS Score Trend (Last 7 Days)

233

Improper Handling of Parameters

Incomplete

Abstraction: Base Structure: Simple

Common Consequences

Security Scopes Affected:

Integrity

Potential Impacts:

Unexpected State

Applicable Platforms

All platforms may be affected

View CWE Details

https://www.cvcn.gov.it/cvcn/cve/CVE-2026-33585

CVE-2026-33585

Description

EPSS (Exploit Prediction Scoring System)

EPSS (Exploit Prediction Scoring System)

EPSS Score Trend (Last 7 Days)

Improper Handling of Parameters

Common Consequences

Applicable Platforms

Iscriviti alla newsletter