CVE-2026-33584

Summary

Exposed Keycloak management service in the Arqit Symmetric Key Agreement Platform enables unauthorized access to sensitive debug information such as metrics and health data. This issue affects Symmetric Key Agreement Platform: before 26.03.

Affected Software

VendorProductVersion RangeStatus
ArqitSymmetric Key Agreement Platform0 < 26.03affected

Weaknesses

  • CWE-749: CWE-749 Exposed dangerous method or function

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References