Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

RedhatCVE
RedhatCVEadded 2025/12/12 1:6 a.m.3 views

CVE-2025-67716

The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. Versions 4.9.0 through 4.12.1 contain an input-validation flaw in the returnTo parameter, which could allow attackers to inject unintended OAuth query parameters into the Auth0 authorization request...

5.7CVSS6.8AI score0.00044EPSS
Exploits0References1
Cvelist
Cvelistadded 2025/12/11 12:21 a.m.25 views

CVE-2025-67716 Auth0 Next.js SDK has Improper Validation of Query Parameters

The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. Versions 4.9.0 through 4.12.1 contain an input-validation flaw in the returnTo parameter, which could allow attackers to inject unintended OAuth query parameters into the Auth0 authorization request...

5.7CVSS0.00044EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2025/12/11 12:21 a.m.1 views

CVE-2025-67716 Auth0 Next.js SDK has Improper Validation of Query Parameters

The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. Versions 4.9.0 through 4.12.1 contain an input-validation flaw in the returnTo parameter, which could allow attackers to inject unintended OAuth query parameters into the Auth0 authorization request...

5.7CVSS6.4AI score0.00044EPSS
Exploits0References2
OSV
OSVadded 2025/12/11 12:21 a.m.3 views

CVE-2025-67716 Auth0 Next.js SDK has Improper Validation of Query Parameters

The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. Versions 4.9.0 through 4.12.1 contain an input-validation flaw in the returnTo parameter, which could allow attackers to inject unintended OAuth query parameters into the Auth0 authorization request...

5.7CVSS6.7AI score0.00044EPSS
Exploits0References4
Github Security Blog
Github Security Blogadded 2025/12/10 9:35 p.m.10 views

Improper Validation of Query Parameters in Auth0 Next.js SDK

Description An input-validation flaw in the returnTo parameter in the Auth0 Next.js SDK could allow attackers to inject unintended OAuth query parameters into the Auth0 authorization request. Successful exploitation may result in tokens being issued with unintended parameters Am I Affected? You a...

5.7CVSS6.8AI score0.00044EPSS
Exploits0References4Affected Software1
EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2025-26391

Malicious code in bioql PyPI...

4.2CVSS6.3AI score0.00059EPSS
Exploits0References6
NVD
NVDadded 2014/07/02 6:55 p.m.10 views

CVE-2014-4595

Multiple cross-site scripting XSS vulnerabilities in the WP RESTful plugin 0.1 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 oauthcallback parameter to htmlapiauthorize.php or the 2 oauthtokentemp or 3 oauthcallbacktemp parameter to...

4.3CVSS5.9AI score0.00239EPSS
Exploits1References1
Rows per page
Query Builder