VDB

CVE-2026-22797

CVE-2026-22797 PUBLISHED CVSS 9.899999618530273 CRITICAL

An issue was discovered in OpenStack keystonemiddleware 10.5 through 10.7 before 10.7.2, 10.8 and 10.9 before 10.9.1, and 10.10 through 10.12 before 10.12.1. The external_oauth2_token middleware fails to sanitize incoming authentication headers before processing OAuth 2.0 tokens. By sending forged identity headers such as X-Is-Admin-Project, X-Roles, or X-User-Id, an authenticated attacker may escalate privileges or impersonate other users. All deployments using the external_oauth2_token middleware are affected.

EPSS 0.17% · 37.6th percentile

Risk Scores

CVSS 3.1
9.899999618530273
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L
EPSS Score
0.17%
37.6th percentile

Affected Products

VendorProductVersions
OpenStackkeystonemiddleware10.5.0, 10.5.0, 10.8.0
openstackkeystonemiddleware10.5.0, 10.8.0, 10.10.0

Exploit Intelligence

…and 8 more exploits

Timeline

  • Jan 15, 2026 PoC Published
  • Jan 15, 2026 PoC Published
  • Jan 16, 2026 PoC Published
  • Jan 16, 2026 PoC Published
  • Jan 16, 2026 PoC Published
  • Jan 16, 2026 PoC Published
  • Jan 16, 2026 PoC Published
  • Jan 17, 2026 PoC Published
  • Jan 19, 2026 CVE Published
  • Jan 19, 2026 PoC Published
  • Jan 19, 2026 PoC Published
  • Jan 20, 2026 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›