openSUSE Security Advisory (SUSE-SU-2026:0828-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python-Authlib (SUSE-SU-2026:0828-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:0828-1 advisory. - CVE-2025-68158: Fixed 1-click account takeover in applications that use the Authlib library bsc1256414...

OPENSUSE-SU-2026:20257-1 Security update for python-Authlib

This update for python-Authlib fixes the following issues: Changes in python-Authlib: - CVE-2025-68158: Fixed 1-click account takeover in applications that use the Authlib library bsc1256414...

python311-Authlib-1.6.6-1.1 on GA media (moderate)

python311-Authlib-1.6.6-1.1 on GA media Announcement ID: openSUSE-SU-2026:10034-1 Rating: moderate Cross-References: CVE-2025-68158 CVSS scores: CVE-2025-68158 SUSE : 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N CVE-2025-68158 SUSE : 6.9...

aad-fastapi-dl37 (>=1.0.0 <=1.0.2), agentiq (>=1.2.0a20250730 <=1.2.0rc4) +214 more potentially affected by CVE-2025-68158 via authlib (>=1.0.0 <=1.6.5)

authlib PYPI version =1.0.0, =1.0.0, =1.2.0a20250730, =1.1.0, =1.2.0a20250730, =0.4.0, =0.1.0, =0.1.0a1, =1.2.0, =1.2.0a20250730, =1.2.0a20250730, =1.2.0a20250730, =1.2.0, =1.2.0a20250730, =1.2.0a20250730, =1.2.0a20250730, =1.2.0rc4 and more Source cves: CVE-2025-68158 Source advisory:...

aad-fastapi-dl37 (>=1.0.0 <=1.0.2), agentiq (>=1.2.0a20250730 <=1.2.0rc4) +214 more potentially affected by CVE-2025-68158 via authlib (>=1.0.0 <=1.6.5)

authlib PYPI version =1.0.0, =1.0.0, =1.2.0a20250730, =1.1.0, =1.2.0a20250730, =0.4.0, =0.1.0, =0.1.0a1, =1.2.0, =1.2.0a20250730, =1.2.0a20250730, =1.2.0a20250730, =1.2.0, =1.2.0a20250730, =1.2.0a20250730, =1.2.0a20250730, =1.2.0rc4 and more Source cves: CVE-2025-68158 Source advisory:...

CVE-2025-68158

creationtimestamp| type| source ---|---|--- 2026-01-08 15:11:30+00:00| published-proof-of-concept| https://github.com/authlib/authlib/security/advisories/GHSA-fg6f-75jq-6523 2026-01-24 21:26:39+00:00| seen| https://gist.github.com/alon710/635c03fe79914f517969edc1a5109de0 2026-01-24 22:42:02+00:00...

Linux Distros Unpatched Vulnerability : CVE-2025-68158

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Authlib is a Python library which builds OAuth and OpenID Connect servers. In versions 1.0.0 through 1.6.5, cache-backed state/request-token storage is not tied...

searcheye.kr XSS vulnerability

Vulnerable URL: http://www.searcheye.kr/index.php?q=glubz%22%3E%3Cimg+src%3Dx+onerror%3Dwindow.onerror%3Dalert%3Bthrow%2Fxssposed%2F%3B%2F%2F%3E%3C=searchnmall==glubz%22%3E%3Cimg%20src=x%20onerror=window.onerror=alert;throw/xssposed/;//%3E%3C Details: Description| Value ---|--- Patched:| No Lates...