3 matches found
CVE-2025-68481
creationtimestamp| type| source ---|---|--- 2025-12-19 21:16:34+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3maemfs3vsc2q 2026-04-15 04:32:14+00:00| seen| https://gist.github.com/calenwalshe/e60488e3998fd3d2e527c4af1317edbc...
balify (=0.0.2), cognee (>=0.1.15 <=0.5.2.dev0) +45 more potentially affected by CVE-2025-68481 via fastapi-users (>=10.2.1 <=14.0.2)
fastapi-users PYPI version =10.2.1, =0.1.15, =0.1.2, =0.2.0, =0.1.0, =0.1.0, =0.1.0, =0.2.0, =0.2.1 - cognee-community-vector-adapter-redis =0.1.0 - cognee-community-vector-adapter-valkey =0.1.1 - cognee-community-vector-adapter-weaviate =0.1.0 and more Source cves: CVE-2025-68481 Source advisory...
CVE-2025-68481 FastAPI Users Vulnerable to 1-click Account Takeover in Apps Using FastAPI SSO
FastAPI Users allows users to quickly add a registration and authentication system to their FastAPI project. Prior to version 15.0.2, the OAuth login state tokens are completely stateless and carry no per-request entropy or any data that could link them to the session that initiated the OAuth flo...