Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2026-5142

A flaw was found in foreman. Authenticated users with 'view_keypairs' permission can bypass taxonomy scoping, allowing them to download private SSH (Secure Shell) keys from other organizations by directly querying key pair IDs. This vulnerability leads to cross-tenant data exposure in multi-tenant deployments, potentially compromising sensitive information.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 16.6%
CVSS Severity
CVSS v3 Score 6.5
Products affected by CVE-2026-5142


Contact Us

Shodan ® - All rights reserved