Skip to main content
Loading…
    CVE-2026-40213 — OpenStack Cyborg before 16.0.1 uses rule:allow (check_str='@') as the default policy for multiple API endpoints. This unconditionally authorizes any request carrying a valid Keystone token reg — CVE Database · The Intelligence Room