2390 matches found
WordPress Secufor_OAuth plugin <= 1.0.7 - Missing Authorization to Unauthenticated Account Logout vulnerability
Missing Authorization to Unauthenticated Account Logout vulnerability discovered by SHIVAM KUMAR in WordPress Plugin SecuforOAuth versions = 1.0.7...
CVE-2026-55423 Langflow: Logout button does not clear session
Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.7.0, the logout button does not clear the session. The previous user stays logged in unless another user explicitly logs in. This vulnerability is fixed in 1.7.0...
CVE-2026-55423
CVE-2026-55423 affects Langflow prior to version 1.7.0, where the /logout flow fails to clear session data. Root cause: the logout endpoint did not delete cookies with matching attributes (httponly/samesite/secure/domain), so tokens persisted in local storage and cookies even after logout. Conseq...
CVE-2026-50184
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.15, 20.3.22, and 19.2.23, an issue in the @angular/service-worker package compromises the integrity of request-policy enforcement during...
GHSA-7HW8-6Q6R-4276 Langflow: Logout button does not clear session
Summary The logout button does not clear the session. The previous user stays logged in unless another user explicitly logs in. Details Not in auto login mode. Hosted on localhost. accesstokenlf remains present in both Local Storage and Cookies. refreshtokenlf remains present in Cookies. Root...
Langflow: Logout button does not clear session
Summary The logout button does not clear the session. The previous user stays logged in unless another user explicitly logs in. Details Not in auto login mode. Hosted on localhost. accesstokenlf remains present in both Local Storage and Cookies. refreshtokenlf remains present in Cookies. Root...
PT-2026-51100
Name of the Vulnerable Software and Affected Versions Langflow versions prior to 1.7.0 Description The logout button fails to clear the user session, allowing a previous user to remain logged in unless another user explicitly authenticates. This occurs because the '/logout' endpoint deletes...
GHSA-29JH-8CFQ-RR8X ZITADEL: Server-Side Request Forgery (SSRF) and Denylist Bypass in Outgoing HTTP Components
Summary A Server-Side Request Forgery SSRF vulnerability was discovered in Zitadel affecting: HTTP Notification Channels: Used as an alternative to SMTP/Twilio configurations, sending payloads to user-defined URLs via HTTP POST webhooks. OIDC BackChannel Logout: Terminates sessions across differe...
PT-2026-50740
Name of the Vulnerable Software and Affected Versions Zitadel versions 4.0.0 through 4.15.1 Zitadel versions 3.0.0 through 3.4.11 Description A Server-Side Request Forgery SSRF issue exists in components that handle outgoing HTTP requests, specifically HTTP Notification Channels, OIDC BackChannel...
GHSA-95QP-CMMW-MGQV @angular/service-worker: Request Credential & Cache Policy Stripping
An issue in the @angular/service-worker package compromises the integrity of request-policy enforcement during request reconstruction. When the Angular Service Worker intercepts network requests for matched assets, it reconstructs a new Request object using an internal helper function. During thi...
PT-2026-49563
Name of the Vulnerable Software and Affected Versions @angular/service-worker versions prior to 19.2.23 @angular/service-worker versions prior to 20.3.22 @angular/service-worker versions prior to 21.2.15 @angular/service-worker versions prior to 22.0.0-rc.2 Description An issue in the...
CVE-2026-41694
Since Spring Security SAML decrypts SAML Responses as well as elements of SAML LogoutRequests and LogoutResponses without requiring a valid signature, attackers may be able to craft these SAML payloads and use the Service Provider as a decryption oracle. Affected versions: Spring Security 5.7.0...
GHSA-RQFJ-VV8R-XHQC nebula-mesh: Session and OIDC state cookies lack the Secure attribute
internal/web/session.go and internal/web/oidc.go set HttpOnly and SameSite=Lax on every cookie but never Secure. A single plaintext request to the origin operator on a LAN, mistyped URL, HTTP→HTTPS not strictly enforced, reverse proxy misconfiguration discloses the session. Affected All released...
nebula-mesh: Session and OIDC state cookies lack the Secure attribute
internal/web/session.go and internal/web/oidc.go set HttpOnly and SameSite=Lax on every cookie but never Secure. A single plaintext request to the origin operator on a LAN, mistyped URL, HTTP→HTTPS not strictly enforced, reverse proxy misconfiguration discloses the session. Affected All released...
EUVD-2026-35889
Since Spring Security SAML decrypts SAML Responses as well as elements of SAML LogoutRequests and LogoutResponses without requiring a valid signature, attackers may be able to craft these SAML payloads and use the Service Provider as a decryption oracle. Affected versions: Spring Security 5.7.0...
CVE-2026-41694
Since Spring Security SAML decrypts SAML Responses as well as elements of SAML LogoutRequests and LogoutResponses without requiring a valid signature, attackers may be able to craft these SAML payloads and use the Service Provider as a decryption oracle. Affected versions: Spring Security 5.7.0...
Spring Security 加密问题漏洞
Spring Security is a security framework developed by Spring OpenSource that includes authentication and authorization features. Spring Security has a data manipulation vulnerability, which stems from SAML decryption of SAML responses, as well as SAML logout requests and logout responses whose...
PT-2026-48541
Name of the Vulnerable Software and Affected Versions nebula-mesh versions prior to 0.3.2 Description Cookies in internal/web/session.go and internal/web/oidc.go are configured with HttpOnly and SameSite=Lax but lack the Secure attribute. This allows a session to be disclosed if a plaintext reque...
CVE-2026-41694 SAML Payloads Decrypted Without Valid Signature
Since Spring Security SAML decrypts SAML Responses as well as elements of SAML LogoutRequests and LogoutResponses without requiring a valid signature, attackers may be able to craft these SAML payloads and use the Service Provider as a decryption oracle. Affected versions: Spring Security 5.7.0...
Information Exposure
Overview org.springframework.security:spring-security-saml2-service-provider is a security component for the Spring Framework. Affected versions of this package are vulnerable to Information Exposure via SAML message decryption prior to signature validation. An attacker can use the Service Provid...