Wso2 Vulnerabilities
Comprehensive security vulnerability database for Wso2 products
1
0
1
0
Severity Distribution
| Description | Vendor / Product | Exploit Status | |||
|---|---|---|---|---|---|
| CVE-2024-1524 | 8.1 | This vulnerability allows an attacker to take control of a local user’s account by replacing their information if they can create a federated account with the same username and the system is set up to automatically provision accounts from a federated identity provider. To exploit this, the attacker must have a valid federated account and knowledge of the local username, and the system must have specific settings enabled for this to happen. | wso2api manager | Exploit Available | about 1 month agoFeb 24, 2026 |
About Wso2 Security
This page tracks all publicly disclosed security vulnerabilities (CVEs) affecting Wso2 products. Our database is updated in real-time from the National Vulnerability Database (NVD) and enriched with exploit information from GitHub and other security research sources.
Each CVE listing includes CVSS severity scores, exploit availability status, AI-powered vulnerability summaries, and links to official patches and security advisories.