Lucene search
+L

332 matches found

nvd
nvd
added yesterday5 views

CVE-2026-53518

Better Auth is an authentication and authorization library for TypeScript. From 1.6.0 until 1.6.11, the @better-auth/oauth-provider POST /oauth2/token endpoint for the authorizationcode grant redeems a single-use authorization code through a non-atomic find-then-delete sequence, allowing two...

7.6CVSS0.00029EPSS
Exploits0References3
cvelist
cvelist
added yesterday24 views

CVE-2026-53518 Better Auth OAuth Provider: Race Condition in Authorization Code Exchange Enables Multi-Use Code Redemption

Better Auth is an authentication and authorization library for TypeScript. From 1.6.0 until 1.6.11, the @better-auth/oauth-provider POST /oauth2/token endpoint for the authorizationcode grant redeems a single-use authorization code through a non-atomic find-then-delete sequence, allowing two...

7.6CVSS0.00029EPSS
Exploits0References3
attackerkb
attackerkb
added yesterday4 views

CVE-2026-53518

Better Auth is an authentication and authorization library for TypeScript. From 1.6.0 until 1.6.11, the @better-auth/oauth-provider POST /oauth2/token endpoint for the authorizationcode grant redeems a single-use authorization code through a non-atomic find-then-delete sequence, allowing two...

7.6CVSS6.1AI score0.00029EPSS
Exploits0References4Affected Software1
cve
cve
added yesterday12 views

CVE-2026-53518

CVE-2026-53518 affects the Better Auth ecosystem, specifically the @better-auth/oauth-provider token endpoint for the authorization_code grant (and legacy paths via oidc-provider/mcp plugins). A race condition arises from a non-atomic find-then-delete when redeeming a single-use authorization cod...

7.6CVSS6.2AI score0.00029EPSS
Exploits0References3
cve
cve
added 6 days ago31 views

CVE-2026-55672

Summary (concrete details) : The CVE concerns Zitadel, an open-source identity management platform. The vulnerability occurs in the OAuth2/OIDC CodeExchange and RefreshToken flows (and related device token flow) where verification that the requesting client matches the originally authorized clien...

7.4CVSS6.1AI score0.00276EPSS
Exploits0References5
patchstack
patchstack
added 2026/07/07 8:56 p.m.5 views

NPM: @better-auth/oauth-provider's OAuth authorization-code grant allows concurrent redemption when two token requests race the find-then-delete primitive

NPM: @better-auth/oauth-provider's OAuth authorization-code grant allows concurrent redemption when two token requests race the find-then-delete primitive vulnerability discovered by ? in WordPress Npm better-auth versions 1.6.11...

7.6CVSS6AI score0.00029EPSS
Exploits0References3Affected Software1
snyk
snyk
added 2026/07/07 8:56 p.m.5 views

Time-of-check Time-of-use (TOCTOU) Race Condition

Overview better-auth is a The most comprehensive authentication library for TypeScript. Affected versions of this package are vulnerable to Time-of-check Time-of-use TOCTOU Race Condition through a race condition in the authorizationcode grant handler. An attacker can obtain multiple valid access...

7.6CVSS6.2AI score0.00029EPSS
Exploits0References4
snyk
snyk
added 2026/07/07 8:56 p.m.5 views

Time-of-check Time-of-use (TOCTOU) Race Condition

Overview @better-auth/oauth-provider is an An oauth provider plugin for Better Auth Affected versions of this package are vulnerable to Time-of-check Time-of-use TOCTOU Race Condition through a race condition in the authorizationcode grant handler. An attacker can obtain multiple valid access,...

7.6CVSS6.2AI score0.00029EPSS
Exploits0References4
github
github
added 2026/07/07 8:56 p.m.9 views

@better-auth/oauth-provider's OAuth authorization-code grant allows concurrent redemption when two token requests race the find-then-delete primitive

Am I affected? Users are affected if all of the following are true: - Their project depends on @better-auth/oauth-provider at a version = 1.6.0, = 1.4.8-beta.7, 1.6.0, or enables the legacy oidc-provider or mcp plugins from better-auth/plugins. - Their application exposes /api/auth/oauth2/token o...

7.6CVSS6AI score0.00029EPSS
Exploits0References3Affected Software2
ptsecurity
ptsecurity
added 2026/07/07 12:0 a.m.7 views

PT-2026-56302

Name of the Vulnerable Software and Affected Versions @better-auth/oauth-provider versions 1.6.0 through 1.6.10 better-auth versions 1.4.8-beta.7 through 1.6.10 Description The POST /oauth2/token endpoint for the authorization code grant redeems a single-use authorization code using a non-atomic...

8.1CVSS6.1AI score0.00029EPSS
Exploits0References6
euvd
euvd
added 2026/07/06 8:36 p.m.6 views

EUVD-2026-41941

Leantime contains an OIDC login CSRF vulnerability in the verifyState method that unconditionally returns true without validating state parameters. Attackers can craft malicious callback URLs with attacker-controlled authorization codes to perform session fixation, logging victims in as the...

8.6CVSS6AI score0.00153EPSS
Exploits0References4
snyk
snyk
added 2026/07/03 10:19 p.m.5 views

Replay Attack

Overview Affected versions of this package are vulnerable to Replay Attack due to improper enforcement of OAuth2 authorization code expiry and single-use requirements in the authorization code process. An attacker can gain unauthorized access by reusing valid authorization codes during the token...

9.1CVSS6AI score0.00379EPSS
Exploits0References2
nvd
nvd
added 2026/07/03 9:16 p.m.8 views

CVE-2026-26232

Gitea versions before 1.25.5 do not consistently enforce OAuth2 authorization code expiry and single-use behavior during token exchange...

9.1CVSS0.00379EPSS
Exploits0References4
cve
cve
added 2026/07/03 8:19 p.m.19 views

CVE-2026-26232

Gitea before 1.25.5 is vulnerable to a replay attack due to inadequate enforcement of OAuth2 authorization code expiry and single-use behavior during the token exchange. The Snyk entries describe the issue across affected code paths (e.g., models/auth and routers/web/auth) and state that an attac...

9.1CVSS6AI score0.00379EPSS
Exploits0References4
attackerkb
attackerkb
added 2026/07/03 8:19 p.m.7 views

CVE-2026-26232

Gitea versions before 1.25.5 do not consistently enforce OAuth2 authorization code expiry and single-use behavior during token exchange...

6AI score0.00379EPSS
Exploits0References5
euvd
euvd
added 2026/07/03 8:19 p.m.9 views

EUVD-2026-41628

Gitea versions before 1.25.5 do not consistently enforce OAuth2 authorization code expiry and single-use behavior during token exchange...

6AI score0.00379EPSS
Exploits0References4
osv
osv
added 2026/07/03 8:19 p.m.4 views

CVE-2026-26232 Gitea OAuth2 authorization codes lack expiry and reuse enforcement

Gitea versions before 1.25.5 do not consistently enforce OAuth2 authorization code expiry and single-use behavior during token exchange...

9.1CVSS6AI score0.00379EPSS
Exploits0References6
cvelist
cvelist
added 2026/07/03 8:19 p.m.37 views

CVE-2026-26232 Gitea OAuth2 authorization codes lack expiry and reuse enforcement

Gitea versions before 1.25.5 do not consistently enforce OAuth2 authorization code expiry and single-use behavior during token exchange...

0.00379EPSS
Exploits0References4
ptsecurity
ptsecurity
added 2026/07/03 12:0 a.m.15 views

PT-2026-55596

Name of the Vulnerable Software and Affected Versions Gitea versions prior to 1.25.5 Description The software does not consistently enforce the expiry and single-use requirement of OAuth2 authorization codes during the token exchange process. OAuth2 is a standard for access delegation, allowing...

9.1CVSS6.1AI score0.00379EPSS
Exploits0References7
osv
osv
added 2026/06/26 11:5 p.m.5 views

GHSA-9RC6-8CJV-RCVX Nezha Monitoring: OAuth2 Redirect URL — Host Header Injection

Description The getRedirectURL function in oauth2.go:22-29 constructs the OAuth2 callback URL by concatenating the request's Host header with a fixed path, with zero validation of the Host header: go func getRedirectURLc gin.Context string scheme := "http://" referer := c.Request.Referer if...

6.8CVSS5.8AI score0.00234EPSS
Exploits0References3
Rows per page
Query Builder