Platform: other
Component: kiuwan
Fixed in: 2.8.2510
CVE-2026-24069 describes an authorization bypass vulnerability within Kiuwan SAST, a static application security testing (SAST) tool. This flaw allows disabled user accounts, previously mapped for Single Sign-On (SSO), to circumvent the intended access restrictions and continue accessing the application. The vulnerability affects both Kiuwan Cloud and on-premise installations (KOP) prior to version 2.8.2509.4. A fix is available in version 2.8.2509.4.
The impact of CVE-2026-24069 is significant because it can give unauthorized users access to sensitive data and system functionality. An attacker holding a disabled but still SSO-mapped account could use this bypass to reach SAST analysis results, project configurations, and potentially the underlying code repositories being analyzed. This could lead to data breaches, intellectual property theft, and compromise of the software development lifecycle. Bypassing the access controls effectively grants a backdoor into the SAST environment, circumventing the measures designed to protect the application and its data. The impact therefore extends beyond the SAST tool itself to the security posture of the applications it analyzes.
CVE-2026-24069 was publicly disclosed on 2026-04-14. Currently, there are no publicly available proof-of-concept (POC) exploits. The vulnerability is not listed on the CISA KEV catalog as of this writing. Given the nature of the authorization bypass, it is likely that attackers could develop exploits relatively easily, making proactive mitigation crucial.
Exploit Status
EPSS: 0.01% (1st percentile)
The primary mitigation for CVE-2026-24069 is to immediately upgrade Kiuwan SAST to version 2.8.2509.4 or later. If an immediate upgrade is not feasible due to compatibility issues or downtime constraints, consider temporarily disabling SSO authentication and relying on local user accounts until the upgrade can be performed. Review all user account mappings and ensure that any disabled accounts are properly restricted from accessing the application. Implement stricter access controls and multi-factor authentication (MFA) where possible to further enhance security. After upgrading, verify the fix by attempting to log in with a previously disabled SSO-mapped user account; access should be denied.
Update Kiuwan SAST to version 2.8.2509.4 or later to fix the vulnerability. This update ensures that disabled user accounts cannot access the application through SSO, reinforcing system security.
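The following is an added illustration, not Kiuwan's code, of the defect class this advisory describes: an SSO login path that trusts the subject-to-account mapping without consulting the local account's disabled flag, beside a hardened form that enforces it, plus a helper for the mapping review and the post-upgrade login check the mitigation recommends. The subject identifiers, account names and function names are all hypothetical.

```python
from dataclasses import dataclass


@dataclass
class LocalAccount:
    username: str
    disabled: bool


class AccessDenied(Exception):
    pass


# Constructed sample directory: identity-provider subject IDs mapped to local
# accounts. "bob" has been offboarded (disabled) but his SSO mapping remains.
SSO_MAPPINGS = {
    "idp-sub-1001": LocalAccount("alice", disabled=False),
    "idp-sub-1002": LocalAccount("bob", disabled=True),
}


def resolve_session_weak(sso_subject: str) -> str:
    """Weak pattern: a valid IdP assertion plus an existing mapping is treated
    as sufficient, so a disabled local account still gets a session."""
    account = SSO_MAPPINGS.get(sso_subject)
    if account is None:
        raise AccessDenied("no local account mapped for subject")
    return account.username


def resolve_session_hardened(sso_subject: str) -> str:
    """Hardened pattern: the local account's status is authoritative,
    regardless of what the identity provider asserts about the subject."""
    account = SSO_MAPPINGS.get(sso_subject)
    if account is None:
        raise AccessDenied("no local account mapped for subject")
    if account.disabled:
        raise AccessDenied(f"account {account.username} is disabled")
    return account.username


def login_denied(resolver, sso_subject: str) -> bool:
    """Verification step: True when the resolver refuses the subject."""
    try:
        resolver(sso_subject)
    except AccessDenied:
        return True
    return False


def mappings_to_disabled_accounts() -> list[str]:
    """Mapping review: SSO mappings that still point at disabled accounts."""
    return sorted(a.username for a in SSO_MAPPINGS.values() if a.disabled)
```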
CVE-2026-24069 is a vulnerability in Kiuwan SAST allowing disabled SSO-mapped user accounts to bypass authentication and access the application, potentially leading to unauthorized data access.
If you are using Kiuwan SAST versions 1.0.0 through 2.8.2509.4, you are potentially affected. Check your current version and upgrade if necessary.
Upgrade Kiuwan SAST to version 2.8.2509.4 or later. As a temporary workaround, disable SSO authentication until the upgrade can be completed.
As of now, there are no confirmed reports of active exploitation, but the vulnerability's nature suggests it could be targeted.
Refer to the official Kiuwan security advisory for detailed information and updates regarding CVE-2026-24069.