CVE-2026-33584
MEDIUMArqit SKA-Platform Enables Access to Debug Information
Title source: cnaDescription
Exposed Keycloak management service in the Arqit Symmetric Key Agreement Platform enables unauthorized access to sensitive debug information such as metrics and health data. This issue affects Symmetric Key Agreement Platform: before 26.03.
References (1)
Core 1
Core References
Third Party Advisory third-party-advisory
https://www.cvcn.gov.it/cvcn/cve/CVE-2026-33584
Scores
CVSS v3
5.3
EPSS
0.0031
EPSS Percentile
21.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
partial
Details
CWE
CWE-749
Status
published
Products (1)
Arqit/Symmetric Key Agreement Platform
< 26.03
Published
May 13, 2026
Tracked Since
May 14, 2026