Lucene search
+L

89 matches found

nvd
nvd
added yesterday5 views

CVE-2026-53513

Better Auth is an authentication and authorization library for TypeScript. Prior to 1.6.11, the @better-auth/sso plugin's POST /sso/register and POST /sso/update-provider endpoints accept attacker-controlled oidcConfig.userInfoEndpoint, tokenEndpoint, and jwksEndpoint URLs when skipDiscovery: tru...

9.6CVSS0.00025EPSS
Exploits0References4
nvd
nvd
added yesterday5 views

CVE-2026-53516

Better Auth is an authentication and authorization library for TypeScript. Prior to 1.6.11, Better Auth's OAuth callback auto-link gate in handleOAuthUserInfo accepts implicit account linking when the OAuth provider asserts emailverified: true without requiring the local user row's emailVerified...

8.3CVSS0.00019EPSS
Exploits0References4
cvelist
cvelist
added yesterday23 views

CVE-2026-53513 Better Auth: Server-side request forgery via unvalidated OIDC endpoints on @better-auth/sso provider registration

Better Auth is an authentication and authorization library for TypeScript. Prior to 1.6.11, the @better-auth/sso plugin's POST /sso/register and POST /sso/update-provider endpoints accept attacker-controlled oidcConfig.userInfoEndpoint, tokenEndpoint, and jwksEndpoint URLs when skipDiscovery: tru...

9.6CVSS0.00025EPSS
Exploits0References4
euvd
euvd
added yesterday4 views

EUVD-2026-44733

Better Auth is an authentication and authorization library for TypeScript. Prior to 1.6.11, the @better-auth/sso plugin's POST /sso/register and POST /sso/update-provider endpoints accept attacker-controlled oidcConfig.userInfoEndpoint, tokenEndpoint, and jwksEndpoint URLs when skipDiscovery: tru...

9.6CVSS6.1AI score0.00025EPSS
Exploits0References4
attackerkb
attackerkb
added yesterday4 views

CVE-2026-53513

Better Auth is an authentication and authorization library for TypeScript. Prior to 1.6.11, the @better-auth/sso plugin's POST /sso/register and POST /sso/update-provider endpoints accept attacker-controlled oidcConfig.userInfoEndpoint, tokenEndpoint, and jwksEndpoint URLs when skipDiscovery: tru...

9.6CVSS6.1AI score0.00025EPSS
Exploits0References5Affected Software2
osv
osv
added 6 days ago3 views

CVE-2026-56666 ZITADEL: Auto-linking by email: IdP-side email verification is not checked

ZITADEL is an open source identity management platform. Prior to 4.15.3, ZITADEL's external identity provider handler checks that the local user's email is verified but does not verify that the external IdP confirmed ownership of the same email before auto-linking by email, allowing a permissive...

4.8CVSS6.1AI score0.00189EPSS
Exploits0References5
snyk
snyk
added 2026/07/07 8:55 p.m.6 views

Authentication Bypass Using an Alternate Path or Channel

Overview @better-auth/core is a The most comprehensive authentication framework for TypeScript. Affected versions of this package are vulnerable to Authentication Bypass Using an Alternate Path or Channel in the handleOAuthUserInfo. An attacker can gain unauthorized access to user accounts by...

8.3CVSS6.1AI score0.00019EPSS
Exploits0References2
github
github
added 2026/07/07 8:55 p.m.6 views

Better Auth has an account takeover issue via OAuth auto-link to unverified pre-registered email

Am I affected? Users are affected if all of the following are true: - Their application uses better-auth at a version 1.6.11 on the stable line, or any current next pre-release. - emailAndPassword.enabled: true is set in their application's betterAuth ... configuration. - At least one OAuth or SS...

8.3CVSS5.9AI score0.00019EPSS
Exploits0References3Affected Software1
redhat
redhat
added 2026/06/25 5:36 p.m.5 views

keycloak: Cross-Session Email Verification Proof Not Bound to Upstream Identity in First-Broker-Login

A flaw was found in Keycloak. The cross-session verification proof is keyed only by local userId, idpAlias and is not bound to the upstream identity that was actually verified, so a second upstream account on the same IdP can consume it and get linked to the victim's local account...

8.1CVSS5.8AI score0.00312EPSS
Exploits0References4
nvd
nvd
added 2026/06/12 4:17 a.m.15 views

CVE-2026-48612

Improper state verification in the OAuth implementation could allow an attacker to manipulate the authentication flow and cause a victim’s account to be linked to an attacker-controlled account. This can result in unauthorized account linking and potential account takeover...

8CVSS0.0012EPSS
Exploits0References1
euvd
euvd
added 2026/06/12 2:27 a.m.14 views

EUVD-2026-36380

Improper state verification in the OAuth implementation could allow an attacker to manipulate the authentication flow and cause a victim’s account to be linked to an attacker-controlled account. This can result in unauthorized account linking and potential account takeover...

8CVSS7.4AI score0.0012EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/12 2:27 a.m.11 views

CVE-2026-48612

Improper state verification in the OAuth implementation could allow an attacker to manipulate the authentication flow and cause a victim’s account to be linked to an attacker-controlled account. This can result in unauthorized account linking and potential account takeover...

8CVSS7.5AI score0.0012EPSS
Exploits0References1
cvelist
cvelist
added 2026/06/12 2:27 a.m.31 views

CVE-2026-48612

Improper state verification in the OAuth implementation could allow an attacker to manipulate the authentication flow and cause a victim’s account to be linked to an attacker-controlled account. This can result in unauthorized account linking and potential account takeover...

8CVSS0.0012EPSS
Exploits0References1
cve
cve
added 2026/06/12 2:27 a.m.30 views

CVE-2026-48612

Technical details such as affected product, versions, root cause, and remediation are not publicly provided in the supplied documents. Monitor for updates.

8CVSS7.4AI score0.0012EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/06/12 12:0 a.m.17 views

PT-2026-48827

Name of the Vulnerable Software and Affected Versions Okta affected versions not specified Description Improper state verification in the OAuth implementation allows an attacker to manipulate the authentication flow. This can lead to a victim's account being linked to an account controlled by the...

8CVSS7.2AI score0.0012EPSS
Exploits0References5
redhat
redhat
added 2026/06/10 5:38 p.m.9 views

keycloak: Cross-Session Email Verification Proof Not Bound to Upstream Identity in First-Broker-Login

A flaw was found in Keycloak. The cross-session verification proof is keyed only by local userId, idpAlias and is not bound to the upstream identity that was actually verified, so a second upstream account on the same IdP can consume it and get linked to the victim's local account...

8.1CVSS5.4AI score0.00312EPSS
Exploits0References4
redhatcve
redhatcve
added 2026/06/05 7:25 p.m.16 views

CVE-2026-44695

Outline is a service that allows for collaborative documentation. Prior to 1.7.1, the Slack integration callback for GET /auth/slack.post accepts an unsigned, session-independent OAuth state value. A third party who can obtain a Slack OAuth code for the same Outline Slack client can make a...

6.5CVSS5.6AI score0.00125EPSS
Exploits1References1
redhatcve
redhatcve
added 2026/06/05 7:14 p.m.11 views

CVE-2026-40458

PAC4J is vulnerable to Cross-Site Request Forgery CSRF. A malicious attacker can craft a specially designed website which, when visited by a user, will automatically submit a forged cross-site request with a token whose hash collides with the victim's legitimate CSRF token. Importantly, the...

7CVSS5.3AI score0.00165EPSS
Exploits0References1
osv
osv
added 2026/05/20 6:31 p.m.6 views

GHSA-M6QJ-3MPP-57V8 Keycloak: Insufficient verification proof scoping enables identity provider account linking attack and account compromise

A flaw was found in Keycloak. The cross-session verification proof is keyed only by local userId, idpAlias and is not bound to the upstream identity that was actually verified, so a second upstream account on the same IdP can consume it and get linked to the victim's local account...

6.4CVSS5.4AI score0.00312EPSS
Exploits0References10
github
github
added 2026/05/20 6:31 p.m.7 views

Keycloak: Insufficient verification proof scoping enables identity provider account linking attack and account compromise

A flaw was found in Keycloak. The cross-session verification proof is keyed only by local userId, idpAlias and is not bound to the upstream identity that was actually verified, so a second upstream account on the same IdP can consume it and get linked to the victim's local account...

8.1CVSS5.4AI score0.00312EPSS
Exploits0References10Affected Software1
Rows per page
Query Builder