CVE-2026-33584 MEDIUM

CVE-2026-33584: Arqit SKA-Platform Enables Access to Debug Information

Vendor Arqit
Product Symmetric Key Agreement Platform
Weakness CWE-749
Published May 13, 2026
Last update May 13, 2026

CVSS base score

5.3/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality Low
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

What the vulnerability does

01Description

Exposed Keycloak management service in the Arqit Symmetric Key Agreement Platform enables unauthorized access to sensitive debug information such as metrics and health data. This issue affects Symmetric Key Agreement Platform: before 26.03.

Key dates

02Disclosure timeline

May 13, 2026 CVE published
May 13, 2026 Record updated