122 matches found
Access Control Bypass
Overview Affected versions of this package are vulnerable to Access Control Bypass via the OAuth sign-in callback process. An attacker can regain access to accounts that have been disabled by an administrator by initiating an OAuth sign-in, resulting in unauthorized re-enablement of those account...
Access Control Bypass
Overview Affected versions of this package are vulnerable to Access Control Bypass via the OAuth sign-in callback process. An attacker can regain access to accounts that have been disabled by an administrator by initiating an OAuth sign-in, resulting in unauthorized re-enablement of those account...
CVE-2026-58422
Improper authorization on OAuth sign-in callback silently re-enables administrator-disabled accounts...
CVE-2026-58422
Improper authorization on OAuth sign-in callback silently re-enables administrator-disabled accounts...
CVE-2026-58422
CVE-2026-58422 describes an access control bypass in the OAuth sign-in callback that can silently re-enable administrator-disabled accounts in affected Go-Gitea installations. Concrete technical details from connected sources identify vulnerable components as the Gitea web router package paths: r...
PT-2026-55655
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description Improper authorization occurs during the OAuth sign-in callback process, which allows accounts that were previously disabled by an administrator to be silently...
Astra Linux – Vulnerability in the 389-DS-base
A flaw was discovered in 389-ds-base. If an asterisk is imported as password hashes, either accidentally or maliciously, then any password will successfully match during authentication, instead of being inactive. This flaw allows an attacker to successfully authenticate as a user whose password h...
Authentication Bypass
Spring Web Services is vulnerable to Authentication Bypass. The vulnerability is due to X509AuthenticationProvider issuing a fully authenticated X509AuthenticationToken based solely on certificate-to-user mapping, without enforcing standard account status checks such as disabled, locked, expired,...
Incorrect Implementation of Authentication Algorithm
Overview Affected versions of this package are vulnerable to Incorrect Implementation of Authentication Algorithm via the X509AuthenticationProvider class in X509AuthenticationProvider.java. The provider issues a fully authenticated X509AuthenticationToken whenever a presented certificate maps to...
CVE-2026-46657
Bludit is a content management system. Versions prior to 3.22.0 have a vulnerability in the user management logic that allows deactivated accounts to maintain access via persistent authentication tokens. When an administrator disables a user account, the application fails to invalidate or clear t...
CVE-2026-24069
Kiuwan SAST improperly authorizes SSO logins for locally disabled mapped user accounts, allowing disabled users to continue accessing the application. Kiuwan Cloud was affected, and Kiuwan SAST on-premise KOP was affected before 2.8.2509.4...
CVE-2026-33031
Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.4, a user who was disabled by an administrator can use previously issued API tokens for up to the token lifetime. In practice, disabling a compromised account does not actually terminate that user’s access, so an...
Spring Security Vulnerable to User Attribute Enumeration when Using DaoAuthenticationProvider
Vulnerability in Spring Spring Security. If an application is using the UserDetailsisEnabled, isAccountNonExpired, or isAccountNonLocked user attributes, to enable, expire, or lock users, then DaoAuthenticationProvider's timing attack defense can be bypassed for users who are disabled, expired, o...
CVE-2026-22746
The CVE concerns Spring Security vulnerability CVE-2026-22746 where the timing-attack defense in DaoAuthenticationProvider can be bypassed when an application uses the UserDetails attributes isEnabled, isAccountNonExpired, or isAccountNonLocked to manage user status. Affected versions include Spr...
CVE-2026-22746 User Attribute Enumeration when Using DaoAuthenticationProvider
Vulnerability in Spring Spring Security. If an application is using the UserDetailsisEnabled, isAccountNonExpired, or isAccountNonLocked user attributes, to enable, expire, or lock users, then DaoAuthenticationProvider's timing attack defense can be bypassed for users who are disabled, expired, o...
EUVD-2026-23965
Nginx-UI: Disabled users retain full API access through previously issued bearer tokens...
Nginx-UI: Disabled users retain full API access through previously issued bearer tokens
Summary A user who was disabled by an administrator can use previously issued API tokens for up to the token lifetime. In practice, disabling a compromised account does not actually terminate that user’s access, so an attacker who already stole a JWT can continue reading and modifying protected...
Nginx-UI: Disabled users retain full API access through previously issued bearer tokens
A user who was disabled by an administrator can use previously issued API tokens for up to the token lifetime. In practice, disabling a compromised account does not actually terminate that user’s access, so an attacker who already stole a JWT can continue reading and modifying protected resources...
CVE-2026-33031
Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.4, a user who was disabled by an administrator can use previously issued API tokens for up to the token lifetime. In practice, disabling a compromised account does not actually terminate that user’s access, so an...
CVE-2026-33031 Nginx-UI: Disabled users retain full API access through previously issued bearer tokens
Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.4, a user who was disabled by an administrator can use previously issued API tokens for up to the token lifetime. In practice, disabling a compromised account does not actually terminate that user’s access, so an...