Lucene search
K

8 matches found

Chainguard
Chainguard
added 2026/05/06 7:17 p.m.9 views

CVE-2026-41425 vulnerabilities

Vulnerabilities for packages: datahub-ingestion-fips, mlflow, open-webui, datahub-ingestion, pgadmin4-fips, airflow...

5.4CVSS5.9AI score0.00106EPSS
Exploits1
SUSE CVE
SUSE CVE
added 2026/04/28 11:25 p.m.4 views

SUSE CVE-2026-41425

Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to 1.6.11, there is no CSRF protection on the cache feature in authlib.integrations.starletteclient.OAuth. This vulnerability is fixed in 1.6.11...

5.4CVSS5.3AI score0.00106EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/04/25 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-41425

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to 1.6.11, there is no CSRF protection on the cache feature in...

5.4CVSS5.8AI score0.00106EPSS
Exploits1References3
vulnersOsv
vulnersOsv
added 2026/04/24 8:16 p.m.14 views

aad-fastapi (>=1.0.0 <=1.1.2), aad-fastapi-dl37 (>=1.0.0 <=1.0.3) +232 more potentially affected by CVE-2026-41425 via authlib (>=0.10.0 <=1.6.10)

authlib PYPI version =0.10.0, =1.0.0, =1.0.0, =0.0.1, =1.0.2, =1.0.2, =1.2.0a20250730, =1.1.0, =1.2.0a20250730, =0.1.0, =0.1.0a1, =1.2.0, =1.2.0a20250730, =1.2.0a20250730, =1.2.0a20250730, =1.2.0, =1.2.1 and more Source cves: CVE-2026-41425 Source advisory: OSV:PYSEC-2026-25...

5.4CVSS5.7AI score0.00106EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2026/04/24 8:16 p.m.3 views

CVE-2026-41425

Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to 1.6.11, there is no CSRF protection on the cache feature in authlib.integrations.starletteclient.OAuth. This vulnerability is fixed in 1.6.11...

5.4CVSS5.8AI score0.00106EPSS
Exploits1References2
CVE
CVE
added 2026/04/24 7:14 p.m.17 views

CVE-2026-41425

Authlib (Python) Authlib.integrations.starlette_client.OAuth cache feature is vulnerable prior to version 1.6.11 due to missing CSRF protection. The vulnerability affects the cache path of the OAuth implementation, enabling cross-site request forgery under the described conditions. The issue is f...

5.4CVSS5.3AI score0.00106EPSS
Exploits1References1Affected Software1
vulnersOsv
vulnersOsv
added 2026/04/16 10:38 p.m.8 views

aad-fastapi-dl37 (>=1.0.0 <=1.0.2), agentiq (>=1.2.0a20250730 <=1.2.0rc4) +167 more potentially affected by CVE-2026-41425 via authlib (>=1.0.0 <=1.6.10)

authlib PYPI version =1.0.0, =1.0.0, =1.2.0a20250730, =1.1.0, =1.2.0a20250730, =0.1.0, =0.1.0a1, =1.2.0, =1.2.0a20250730, =1.2.0a20250730, =1.2.0a20250730, =1.2.0, =1.2.0a20250730, =1.2.0a20250730, =1.2.0a20250730, =1.2.0a20250730, =1.2.0rc4 and more Source cves: CVE-2026-41425 Source advisory:...

5.4CVSS5.7AI score0.00106EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2026/04/16 10:38 p.m.14 views

aad-fastapi (>=1.0.0 <=1.1.2), aad-fastapi-dl37 (>=1.0.0 <=1.0.3) +232 more potentially affected by CVE-2026-41425 via authlib (>=0.10.0 <=1.6.10)

authlib PYPI version =0.10.0, =1.0.0, =1.0.0, =0.0.1, =1.0.2, =1.0.2, =1.2.0a20250730, =1.1.0, =1.2.0a20250730, =0.1.0, =0.1.0a1, =1.2.0, =1.2.0a20250730, =1.2.0a20250730, =1.2.0a20250730, =1.2.0, =1.2.1 and more Source cves: CVE-2026-41425 Source advisory: OSV:GHSA-JJ8C-MMJ3-MMGV...

5.4CVSS5.7AI score0.00106EPSS
Exploits1
Rows per page
Query Builder