Lucene search
+L

838 matches found

nvd
nvd
added yesterday5 views

CVE-2026-52893

Wekan is open source kanban built with Meteor. Prior to 9.32, the Wekan Accounts.onCreateUser hook in server/models/users.js merges OIDC logins into existing accounts when the OIDC email or username matches an existing Wekan user, without verifying ownership or checking emailverified. An attacker...

9.2CVSS0.00032EPSS
Exploits0References3
nvd
nvd
added yesterday7 views

CVE-2026-33684

WWBN AVideo is an open source video platform. Prior to version 29.0, Privilege Escalation is possible through unguarded permission parameters in signUp API, which allows any user who can solve a CAPTCHA to self-grant elevated permissions during account registration. The setapisignUp method in the...

5.3CVSS
Exploits0References1
cve
cve
added yesterday13 views

CVE-2026-33684

Summary: CVE-2026-33684 affects WWBN AVideo prior to 29.0. The set_api_signUp API path accepts and applies user-supplied emailVerified, canUpload, canStream, and canCreateMeet values to new accounts without confirming a valid APISecret, enabling CAPTCHA-solved (anonymous) or APISecret-authenticat...

5.3CVSS6.1AI score
Exploits0References1
cvelist
cvelist
added yesterday32 views

CVE-2026-33684 AVideo's Privilege AVideo: Escalation via Unguarded Permission Parameters in signUp API Allows Self-Granting Upload/Stream/Meet Permissions

WWBN AVideo is an open source video platform. Prior to version 29.0, Privilege Escalation is possible through unguarded permission parameters in signUp API, which allows any user who can solve a CAPTCHA to self-grant elevated permissions during account registration. The setapisignUp method in the...

5.3CVSS
Exploits0References1
nvd
nvd
added yesterday5 views

CVE-2026-53516

Better Auth is an authentication and authorization library for TypeScript. Prior to 1.6.11, Better Auth's OAuth callback auto-link gate in handleOAuthUserInfo accepts implicit account linking when the OAuth provider asserts emailverified: true without requiring the local user row's emailVerified...

8.3CVSS0.00019EPSS
Exploits0References4
nvd
nvd
added yesterday5 views

CVE-2026-53514

Better Auth is an authentication and authorization library for TypeScript. Prior to 1.6.11, and in 1.6.14 and later when invitation IDs can be obtained outside the invited mailbox and requireEmailVerificationOnInvitation: true is not enabled, the organization plugin's acceptInvitation,...

7.7CVSS0.00016EPSS
Exploits0References4
cve
cve
added yesterday11 views

CVE-2026-53514

Better Auth (organization plugin) exposes a vulnerability where an attacker with an unverified session for the invited email and a leaked invitationId can join the organization by calling acceptInvitation/rejectInvitation/getInvitation/listUserInvitations, due to email-string ownership checks not...

7.7CVSS6.1AI score0.00016EPSS
Exploits0References4
cvelist
cvelist
added yesterday32 views

CVE-2026-53516 Better Auth: Account takeover via OAuth auto-link to unverified pre-registered email

Better Auth is an authentication and authorization library for TypeScript. Prior to 1.6.11, Better Auth's OAuth callback auto-link gate in handleOAuthUserInfo accepts implicit account linking when the OAuth provider asserts emailverified: true without requiring the local user row's emailVerified...

8.3CVSS0.00019EPSS
Exploits0References4
ptsecurity
ptsecurity
added yesterday7 views

PT-2026-60204

Name of the Vulnerable Software and Affected Versions Vaultwarden versions prior to 1.36.0 Description The SSO login flow fails to verify the email verified claim from the Identity Provider IdP when the SSO SIGNUPS MATCH EMAIL variable is set to true during the linking of an IdP identity to an...

7.7CVSS6.1AI score0.00053EPSS
Exploits0References8
euvd
euvd
added 2 days ago4 views

EUVD-2026-43628

The WP 2FA WordPress plugin before 3.1.1.2 does not verify that the email address supplied during two-factor authentication setup belongs to the user, allowing an attacker who has obtained a user's credentials to redirect the setup verification code to an attacker-controlled email address and tak...

6.4CVSS6.1AI score0.00169EPSS
Exploits0References1
ptsecurity
ptsecurity
added 4 days ago7 views

PT-2026-57554

Name of the Vulnerable Software and Affected Versions Capgo versions prior to 12.128.2 Description Insufficient verification during the email change process allows an attacker with access to a valid session cookie or an authenticated browser to change the account email address. This occurs becaus...

8.4CVSS6.1AI score0.00244EPSS
Exploits0References8
attackerkb
attackerkb
added 6 days ago1 views

CVE-2026-56666

ZITADEL is an open source identity management platform. Prior to 4.15.3, ZITADEL's external identity provider handler checks that the local user's email is verified but does not verify that the external IdP confirmed ownership of the same email before auto-linking by email, allowing a permissive...

4.8CVSS6.1AI score0.00189EPSS
Exploits0References4Affected Software1
cvelist
cvelist
added 6 days ago31 views

CVE-2026-56666 ZITADEL: Auto-linking by email: IdP-side email verification is not checked

ZITADEL is an open source identity management platform. Prior to 4.15.3, ZITADEL's external identity provider handler checks that the local user's email is verified but does not verify that the external IdP confirmed ownership of the same email before auto-linking by email, allowing a permissive...

4.8CVSS0.00189EPSS
Exploits0References3
cve
cve
added 6 days ago10 views

CVE-2026-56666

ZITADEL before v4.15.3 permits auto-linking by email without confirming IdP ownership of the email. The external IdP handler validates the local email but not that the IdP confirms ownership, enabling linking a permissive provider account to a victim’s local account. This vulnerability is address...

4.8CVSS6.1AI score0.00189EPSS
Exploits0References3
osv
osv
added 6 days ago3 views

CVE-2026-56666 ZITADEL: Auto-linking by email: IdP-side email verification is not checked

ZITADEL is an open source identity management platform. Prior to 4.15.3, ZITADEL's external identity provider handler checks that the local user's email is verified but does not verify that the external IdP confirmed ownership of the same email before auto-linking by email, allowing a permissive...

4.8CVSS6.1AI score0.00189EPSS
Exploits0References5
ptsecurity
ptsecurity
added 6 days ago9 views

PT-2026-57277

Name of the Vulnerable Software and Affected Versions miniOrange Social Login and Register Discord, Google, Twitter, LinkedIn versions prior to 7.7.1 Description An authentication bypass exists in the Profile Completion flow that allows for account takeover. The issue occurs because the plugin...

9.8CVSS6.2AI score0.00463EPSS
Exploits0References12
nvd
nvd
added 2026/07/08 8:17 p.m.6 views

CVE-2026-60104

Bitwarden Server before 2026.6.0 does not verify that the email in a POST /auth-requests/admin-request body belongs to the authenticated caller, allowing a low-privileged organization member to obtain another user's vault key and a victim-scoped access token by creating a Trusted Device Encryptio...

9.3CVSS0.00186EPSS
Exploits0References5
ptsecurity
ptsecurity
added 2026/07/08 12:0 a.m.4 views

PT-2026-56552

Name of the Vulnerable Software and Affected Versions Bitwarden Server versions prior to 2026.6.0 Description An issue exists where the server fails to verify if the email address provided in the body of the 'POST /auth-requests/admin-request' endpoint belongs to the authenticated user. This allo...

9.3CVSS6.1AI score0.00186EPSS
Exploits0References10
cvelist
cvelist
added 2026/07/07 10:23 p.m.28 views

CVE-2026-55076 Coder's OIDC email_verified type coercion bypass enables account takeover via unverified email linking

Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, Coder's OIDC callback checked emailverified with a direct Go bool type assertion. When an IdP returned the claim as a non-boolean for example the string...

7.4CVSS0.00479EPSS
Exploits0References7
attackerkb
attackerkb
added 2026/07/07 10:23 p.m.6 views

CVE-2026-55076

Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, Coder's OIDC callback checked emailverified with a direct Go bool type assertion. When an IdP returned the claim as a non-boolean for example the string...

7.4CVSS6AI score0.00479EPSS
Exploits0References8Affected Software1
Rows per page
Query Builder