diff --git a/docs/trophies.md b/docs/trophies.md index f4d154724..126a976b8 100644 --- a/docs/trophies.md +++ b/docs/trophies.md @@ -59,3 +59,4 @@ Feel free to [open an issue](https://github.com/CodeIntelligenceTesting/jazzer/i | [lz4/lz4-java](https://github.com/lz4/lz4-java) | Out-of-bounds memory access through `sun.misc.Unsafe` & JNI | [fixed](https://github.com/yawkat/lz4-java/releases/tag/v1.8.1) | [CVE-2025-12183](https://www.cve.org/CVERecord?id=CVE-2025-12183) | [@yawkat](https://github.com/yawkat), [@Marcono1234](https://github.com/Marcono1234) | | [lz4/lz4-java](https://github.com/lz4/lz4-java) | Information leak in Java safe decompressor | [fixed](https://github.com/yawkat/lz4-java/releases/tag/v1.10.1) | [CVE-2025-66566](https://www.cve.org/CVERecord?id=CVE-2025-66566) | [Code Intelligence](https://code-intelligence.com) | | [airlift/aircompressor](https://github.com/airlift/aircompressor) | Information leak in lz4 and snappy decompressor | [fixed](https://github.com/airlift/aircompressor/releases/tag/3.4) | [CVE-2025-67721](https://www.cve.org/CVERecord?id=CVE-2025-67721) | [Code Intelligence](https://code-intelligence.com) | +| [keycloak/keycloak](https://github.com/keycloak/keycloak) | Denial of Service via specially crafted SAML input | [fixed](https://github.com/keycloak/keycloak/releases/tag/26.6.2) | [CVE-2026-7307](https://www.cve.org/CVERecord?id=CVE-2026-7307) | [@Anchels](https://github.com/Anchels) | \ No newline at end of file