Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
5.4
Kiuwan SAST: Disabled users can still access the application
CVE-2026-24069
Summary
A security issue in Kiuwan SAST affects how it handles user accounts. Disabled users can still access the application through single sign-on (SSO) logins. Affected versions of Kiuwan Cloud and on-premise (KOP) require an update to fix this issue.
Original title
Kiuwan SAST improperly authorizes SSO logins for locally disabled mapped user accounts, allowing disabled users to continue accessing the application. Kiuwan Cloud was affected, and Kiuwan SAST on-...
Original description
Kiuwan SAST improperly authorizes SSO logins for locally disabled mapped user accounts, allowing disabled users to continue accessing the application. Kiuwan Cloud was affected, and Kiuwan SAST on-premise (KOP) was affected before 2.8.2509.4.
Vulnerability type
CWE-863
Incorrect Authorization
Published: 14 Apr 2026 · Updated: 15 Apr 2026 · First seen: 14 Apr 2026