Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2026/03/26 3:6 p.m.4 views

CVE-2026-4349

A vulnerability was determined in Duende IdentityServer4 up to 4.1.2. The affected element is an unknown function of the file /connect/authorize of the component Token Renewal Endpoint. This manipulation of the argument idtokenhint causes improper authentication. It is possible to initiate the...

6.3CVSS5.7AI score0.00407EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/18 12:30 a.m.7 views

EUVD-2026-12659

A vulnerability was determined in Duende IdentityServer 4. The affected element is an unknown function of the file /connect/authorize of the component Token Renewal Endpoint. This manipulation of the argument idtokenhint causes improper authentication. It is possible to initiate the attack...

6.3CVSS5.4AI score0.00407EPSS
Exploits0References4
NVD
NVD
added 2026/03/17 10:16 p.m.5 views

CVE-2026-4349

A vulnerability was determined in Duende IdentityServer4 up to 4.1.2. The affected element is an unknown function of the file /connect/authorize of the component Token Renewal Endpoint. This manipulation of the argument idtokenhint causes improper authentication. It is possible to initiate the...

6.3CVSS0.00407EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/03/17 9:32 p.m.2 views

CVE-2026-4349 Duende IdentityServer4 Token Renewal Endpoint authorize improper authentication

A vulnerability was determined in Duende IdentityServer4 up to 4.1.2. The affected element is an unknown function of the file /connect/authorize of the component Token Renewal Endpoint. This manipulation of the argument idtokenhint causes improper authentication. It is possible to initiate the...

6.3CVSS5.7AI score0.00407EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/03/17 9:32 p.m.29 views

CVE-2026-4349 Duende IdentityServer4 Token Renewal Endpoint authorize improper authentication

A vulnerability was determined in Duende IdentityServer4 up to 4.1.2. The affected element is an unknown function of the file /connect/authorize of the component Token Renewal Endpoint. This manipulation of the argument idtokenhint causes improper authentication. It is possible to initiate the...

6.3CVSS0.00407EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/03/17 9:32 p.m.4 views

CVE-2026-4349

A vulnerability was determined in Duende IdentityServer4 up to 4.1.2. The affected element is an unknown function of the file /connect/authorize of the component Token Renewal Endpoint. This manipulation of the argument idtokenhint causes improper authentication. It is possible to initiate the...

6.3CVSS5.7AI score0.00407EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/03/17 9:32 p.m.40 views

CVE-2026-4349

CVE-2026-4349 affects Duende IdentityServer 4; vulnerable component is the Token Renewal Endpoint under /connect/authorize, where manipulation of the id_token_hint argument leads to improper authentication. The issue is described as remote-exploitable with high attack complexity, but the provided...

6.3CVSS5.7AI score0.00407EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/03/17 12:0 a.m.12 views

PT-2026-25949

A vulnerability was determined in Duende IdentityServer 4. The affected element is an unknown function of the file /connect/authorize of the component Token Renewal Endpoint. This manipulation of the argument id token hint causes improper authentication. It is possible to initiate the attack...

6.3CVSS5.3AI score0.00407EPSS
Exploits0References5
Rows per page
Query Builder