Lucene search
+L

890 matches found

cve
cve
added yesterday12 views

CVE-2026-53518

CVE-2026-53518 affects the Better Auth ecosystem, specifically the @better-auth/oauth-provider token endpoint for the authorization_code grant (and legacy paths via oidc-provider/mcp plugins). A race condition arises from a non-atomic find-then-delete when redeeming a single-use authorization cod...

7.6CVSS6.2AI score0.00029EPSS
Exploits0References3
euvd
euvd
added yesterday5 views

EUVD-2026-44649

The Grav API plugin getgrav/grav-plugin-api before 2.0.4 contains an improper session invalidation vulnerability where JWT access tokens are issued without a jti JWT ID claim and therefore cannot be revoked server-side. Unlike refresh tokens, access tokens remain valid for their full lifetime...

6.9CVSS6.1AI score
Exploits0References2
osv
osv
added 2026/07/09 9:30 p.m.3 views

CVE-2026-58122 Hermes WebUI < 0.51.307 Authentication Bypass via X-Forwarded-For Header Spoofing

Hermes WebUI before 0.51.307 contains an authentication bypass vulnerability that allows unauthenticated remote attackers to circumvent local-origin IP restrictions on onboarding endpoints by supplying a spoofed X-Forwarded-For header with a loopback address. Attackers can exploit this bypass to...

9.3CVSS6.1AI score0.00293EPSS
Exploits0References7
thn
thn
added 2026/07/09 6:38 p.m.18 views

Dormant GitHub Accounts Help Attackers Blend In While Mapping Corporate Orgs

Datadog Security Labs is warning of "several overlapping campaigns" that are systematically enumerating corporate GitHub organizations, repositories, and user accounts through the GitHub API. "Operators rely on automated scraping tooling with custom or legitimate-sounding user agents, leveraging...

6AI score
Exploits0
nvd
nvd
added 2026/07/08 1:16 p.m.7 views

CVE-2026-12002

The Smash Balloon Social Photo Feed – Easy Social Feeds Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 6.11.1. This is due to missing or incorrect nonce validation on the maybeconnectiondata function. This makes it possible for...

4.7CVSS0.00102EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2026/07/08 12:0 a.m.4 views

PT-2026-56552

Name of the Vulnerable Software and Affected Versions Bitwarden Server versions prior to 2026.6.0 Description An issue exists where the server fails to verify if the email address provided in the body of the 'POST /auth-requests/admin-request' endpoint belongs to the authenticated user. This allo...

9.3CVSS6.1AI score0.00186EPSS
Exploits0References10
euvd
euvd
added 2026/07/01 1:18 p.m.7 views

EUVD-2026-40958

The payment integration pretix-oppwa provides support for the payment providers VR Payment, Hobex, and potentially others based on Oppwa's technology. The integration of Oppwa, following their official documentation, includes a step where the user is redirected from the payment provider back to o...

10CVSS5.8AI score0.00253EPSS
Exploits0References1
cvelist
cvelist
added 2026/06/24 9:4 p.m.24 views

CVE-2026-49277 Rocket.Chat: OAuth access and refresh tokens remain valid after account deactivation

Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, 8.4.2, 8.3.4, 8.2.4, 8.1.5, 8.0.6, 7.13.8, and 7.10.12, Rocket.Chat does not revoke OAuth bearer or refresh tokens when a user is deactivated. A deactivated user can continue using an existing OAuth...

2.3CVSS0.00215EPSS
Exploits0References1
nvd
nvd
added 2026/06/23 9:17 p.m.10 views

CVE-2026-53928

NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, a stolen refresh token survived a password-forgot flow and could be used to mint fresh JWTs even after the user reset their password. passwordChange and passwordReset deleted the user's refresh tokens, but passwordForg...

6.3CVSS0.00242EPSS
Exploits0References1
euvd
euvd
added 2026/06/23 7:40 p.m.8 views

EUVD-2026-38598

A missing authorization vulnerability was found in the Event-Driven Ansible EDA websocket API. The /api/eda/ws/ansible-rulebook endpoint does not verify user permissions when processing Worker messages. Any authenticated user can send a forged message with an arbitrary activationid to receive...

9.6CVSS5.9AI score0.0037EPSS
Exploits0References4
attackerkb
attackerkb
added 2026/06/23 5:39 p.m.4 views

CVE-2026-54317

Home Assistant is open source home automation software that puts local control and privacy first. Prior to 2026.6.0, the Konnected integration registers an HTTP endpoint, KonnectedView homeassistant/components/konnected/init.py, that is marked as not requiring authentication requiresauth = False....

7.6CVSS5.8AI score0.00193EPSS
Exploits1References2Affected Software1
vulnrichment
vulnrichment
added 2026/06/19 3:59 p.m.5 views

CVE-2026-12620 Access Token Exposure in URL Parameters in GridTime™ 3000 GNSS Time Server

The GridTime 3000 GNSS Time Server leaks the access token in the URL parameters of some endpoints. This issue affects GridTime 3000: from 1.0r0.03 through 1.1r0.0...

4.6CVSS5.8AI score0.00227EPSS
Exploits0References1
cvelist
cvelist
added 2026/06/19 3:59 p.m.37 views

CVE-2026-12620 Access Token Exposure in URL Parameters in GridTime™ 3000 GNSS Time Server

The GridTime 3000 GNSS Time Server leaks the access token in the URL parameters of some endpoints. This issue affects GridTime 3000: from 1.0r0.03 through 1.1r0.0...

4.6CVSS0.00227EPSS
Exploits0References1
euvd
euvd
added 2026/06/19 3:59 p.m.9 views

EUVD-2026-38041

The GridTime 3000 GNSS Time Server leaks the access token in the URL parameters of some endpoints. This issue affects GridTime 3000: from 1.0r0.03 through 1.1r0.0...

4.6CVSS5.8AI score0.00227EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/06/19 12:0 a.m.21 views

PT-2026-51061

Name of the Vulnerable Software and Affected Versions Home Assistant versions prior to 2026.6.0 Description The Konnected integration registers an HTTP endpoint 'KonnectedView' located in homeassistant/components/konnected/ init .py that is configured to not require authentication. While write...

7.6CVSS5.9AI score0.00193EPSS
Exploits1References9
ptsecurity
ptsecurity
added 2026/06/19 12:0 a.m.16 views

PT-2026-50946

Name of the Vulnerable Software and Affected Versions GridTime 3000 versions 1.0r0.03 through 1.1r0.0 Description The GridTime 3000 GNSS Time Server leaks the access token within the URL parameters of certain endpoints. Recommendations Update GridTime 3000 versions 1.0r0.03 through 1.1r0.0 to a...

6.5CVSS6.1AI score0.00227EPSS
Exploits0References4
nessus
nessus
added 2026/06/17 12:0 a.m.12 views

ConnectWise ScreenConnect < 26.2 Improper Input Validation (CVE-2026-11596)

According to its version, the ConnectWise ScreenConnect remote access software installed on the remote host is prior to 26.2. It is, therefore, affected by an improper input validation vulnerability: - Input validation within the Host Pass creation functionality could allow an authenticated user...

4.7CVSS5.3AI score0.00221EPSS
Exploits0References2
cvelist
cvelist
added 2026/06/15 8:36 a.m.35 views

CVE-2026-44188 Ansible-lightspeed: ansible lightspeed: session hijacking and unauthorized data access due to insufficient session expiration

A flaw was found in Ansible Lightspeed. This vulnerability, related to insufficient session expiration, allows a remote attacker to maintain persistent access to the Ansible Lightspeed instance. If an attacker exfiltrates a valid OAuth Open Authorization access token before a user logs out, they...

5.3CVSS0.00284EPSS
Exploits0References3
snyk
snyk
added 2026/06/12 11:7 a.m.10 views

Time-of-check Time-of-use (TOCTOU) Race Condition

Overview org.apache.cxf:cxf-rt-rs-security-oauth2 is a services framework. Affected versions of this package are vulnerable to Time-of-check Time-of-use TOCTOU Race Condition due to a race condition in the AbstractOAuthDataProvider method when handling refresh tokens if the recycleRefreshTokens...

9.1CVSS5.4AI score0.00294EPSS
Exploits0References2
nvd
nvd
added 2026/06/12 10:16 a.m.15 views

CVE-2026-50631

A race condition in AbstractOAuthDataProvider allows concurrent requests using the same Refresh Token to bypass single-use semantics and generate multiple valid Access Tokens, when 'recycleRefreshTokens' is set to false. A leaked refresh token can be replayed concurrently by multiple attackers or...

7.4CVSS0.00294EPSS
Exploits0References2
Rows per page
Query Builder