1click-gh-token-stealing-via-vscode-POC
1-Click GitHub Token Stealing via VSCode Proof-of-Concept exp...
CVE-2026-40302 zrok has reflected XSS in GitHub OAuth callback via unsanitized refreshInterval error rendering
zrok is software for sharing web services, files, and network resources. Prior to version 2.0.1, the proxyUi template engine uses Go's text/template which performs no HTML escaping instead of html/template. The GitHub OAuth callback handlers in both publicProxy and dynamicProxy embed the...
CVE-2026-40302
CVE-2026-40302 affects zrok prior to v2.0.1. The proxyUi template engine used Go's text/template (no HTML escaping), leading to reflected XSS via an attacker-controlled refreshInterval error rendered in the GitHub OAuth callback. An attacker can send a crafted login URL; after OAuth completes, th...
GHSA-4FXQ-2X3X-6XQX zrok: Reflected XSS in GitHub OAuth callback via unsanitized refreshInterval error rendering
Summary The proxyUi template engine uses Go's text/template which performs no HTML escaping instead of html/template. The GitHub OAuth callback handlers in both publicProxy and dynamicProxy embed the attacker-controlled refreshInterval query parameter verbatim into an error message when...
CVE-2026-27124
A flaw was found in FastMCP and FastMCP OAuthProxy. The OAuthProxy, used for GitHub OAuth authentication, does not properly validate a user's consent after receiving an authorization code from GitHub. This, combined with GitHub's behavior of skipping the consent page for previously authorized...
CVE-2026-27124 FastMCP: Missing Consent Verification in OAuth Proxy Callback Facilitates Confused Deputy Vulnerabilities
FastMCP is the standard framework for building MCP applications. Prior to version 3.2.0, while testing the GitHubProvider OAuth integration, which allows authentication to a FastMCP MCP server via a FastMCP OAuthProxy using GitHub OAuth, it was discovered that the FastMCP OAuthProxy does not...
Race Condition
Overview Affected versions of this package are vulnerable to Race Condition in the GenericOAuthService, GithubOAuthService, GoogleOAuthService Auth services. An attacker can gain unauthorized access to another user's session and associated resources by timing concurrent OAuth login requests to...
The Geomys Standard of Care
One of the most impactful effects of professionalizing open source maintenance is that as professionals we can invest into upholding a set of standards that make our projects safer and more reliable. The same commitments and overhead that are often objected to when required of volunteers should b...
CVE-2025-22607 Coolify Vulnerable to GitHub / GitLab OAuth Secrets Leak
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.361, the missing authorization allows any authenticated user to fetch the details page for any GitHub / GitLab configuration on a Coolify instance by only knowing the UU...
Open redirect
Novu provides an API for sending notifications through multiple channels. Versions prior to 0.16.0 contain an open redirect vulnerability in the "Sign In with GitHub" functionality of Novu's open-source repository. It could have allowed an attacker to force a victim into opening a malicious URL a...
CVE-2023-35948 Novu Open Redirect Vulnerability in Sign-In with GitHub Functionality
Novu provides an API for sending notifications through multiple channels. Versions prior to 0.16.0 contain an open redirect vulnerability in the "Sign In with GitHub" functionality of Novu's open-source repository. It could have allowed an attacker to force a victim into opening a malicious URL a...
CircleCI: Malware stole GitHub OAuth keys, bypassing 2FA
Software development service company CircleCI has published its incident report on a breach that happened in December. CircleCI revealed an engineer's laptop was successfully infected with a yet-to-be-named information-stealing Trojan, which was used to steal an engineer's session cookie. The...
com.groupon.jenkins-ci.plugins:DotCi (>=1.0.0 <=2.27.0), com.groupon.jenkins-ci.plugins:DotCi-DockerPublish (>=1.0.0 <=1.0.3) +5 more potentially affected by CVE-2019-10315 via org.jenkins-ci.plugins:github-oauth (>=0.14 <=0.20)
org.jenkins-ci.plugins:github-oauth MAVEN version =0.14, =1.0.0, =1.0.0, =1.0.1, =1.1.3, =1.7.2, =1.0.0, =1.0.0, =1.1.2 Source cves: CVE-2019-10315 Source advisory: OSV:GHSA-PHWV-CRGP-9R69...
com.groupon.jenkins-ci.plugins:DotCi (>=1.0.0 <=2.27.0), com.groupon.jenkins-ci.plugins:DotCi-DockerPublish (>=1.0.0 <=1.0.3) +5 more potentially affected by CVE-2019-1003018 via org.jenkins-ci.plugins:github-oauth (>=0.14 <=0.20)
org.jenkins-ci.plugins:github-oauth MAVEN version =0.14, =1.0.0, =1.0.0, =1.0.1, =1.1.3, =1.7.2, =1.0.0, =1.0.0, =1.1.2 Source cves: CVE-2019-1003018 Source advisory: OSV:GHSA-87PJ-9Q82-M9QH...
com.groupon.jenkins-ci.plugins:DotCi (>=1.0.0 <=2.27.0), com.groupon.jenkins-ci.plugins:DotCi-DockerPublish (>=1.0.0 <=1.0.3) +5 more potentially affected by CVE-2019-1003019 via org.jenkins-ci.plugins:github-oauth (>=0.14 <=0.20)
org.jenkins-ci.plugins:github-oauth MAVEN version =0.14, =1.0.0, =1.0.0, =1.0.1, =1.1.3, =1.7.2, =1.0.0, =1.0.0, =1.1.2 Source cves: CVE-2019-1003019 Source advisory: OSV:GHSA-MCQX-WC2J-QX9V...
OPENSUSE-SU-2021:1289-1 Security update for php-composer
This update for php-composer fixes the following issues: - Require php-mbstring as requested in boo1187416 - Version 1.10.22 Security: Fixed command injection vulnerability in HgDriver/HgDownloader and hardened other VCS drivers and downloaders GHSA-h5h8-pc6h-jvvx / CVE-2021-29472, boo1185376 -...