CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

86 matches found

Patchstack•added 2026/05/15 5:33 p.m.•15 views

NPM: Better Auth: OAuth callback accepts mismatched `state` when cookie-backed state storage is used without PKCE

NPM: Better Auth: OAuth callback accepts mismatched state when cookie-backed state storage is used without PKCE vulnerability discovered by ? in WordPress Npm better-auth versions 1.6.2...

5.8AI score

Exploits0References5Affected Software1

CNNVD•added 2026/05/15 12:0 a.m.•6 views

Open WebUI 安全漏洞

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI under open source. Versions of Open WebUI prior to 0.9.0 contained security vulnerabilities. These vulnerabilities were caused by TOCTOU race conditions in the LDAP and OAuth authentication processes, which could allow...

8.1CVSS5.8AI score0.00115EPSS

Exploits1References2

RedhatCVE•added 2026/04/02 10:54 p.m.•5 views

CVE-2026-34456

Reviactyl is an open-source game server management panel built using Laravel, React, FilamentPHP, Vite, and Go. From version 26.2.0-beta.1 to before version 26.2.0-beta.5, a vulnerability in the OAuth authentication flow allowed automatic linking of social accounts based solely on matching email...

9.8CVSS5.8AI score0.00037EPSS

Exploits0References1

NVD•added 2026/04/01 8:16 p.m.•2 views

CVE-2026-34456

9.8CVSS0.00037EPSS

Exploits0References3

Positive Technologies•added 2026/04/01 12:0 a.m.•2 views

PT-2026-29593

Name of the Vulnerable Software and Affected Versions Reviactyl versions 26.2.0-beta.1 through 26.2.0-beta.4 Description A flaw in the OAuth authentication process allowed for automatic linking of social accounts based solely on matching email addresses. An attacker could create or control a soci...

9.1CVSS5.9AI score0.00037EPSS

Exploits0References9

OSV•added 2026/03/25 6:6 p.m.•2 views

CVE-2026-33720 n8n Has Authorization Bypass in OAuth Callback via N8N_SKIP_AUTH_ON_OAUTH_CALLBACK

n8n is an open source workflow automation platform. Prior to version 2.8.0, when the N8NSKIPAUTHONOAUTHCALLBACK environment variable is set to true, the OAuth callback handler skips ownership verification of the OAuth state parameter. This allows an attacker to trick a victim into completing an...

6.3CVSS5.9AI score0.00014EPSS

Exploits0References3

Vulnrichment•added 2026/03/12 6:35 p.m.•1 views

CVE-2026-32235 @backstage/plugin-auth-backend: OAuth redirect URI allowlist bypass

Backstage is an open framework for building developer portals. Prior to 0.27.1, the experimental OIDC provider in @backstage/plugin-auth-backend is vulnerable to a redirect URI allowlist bypass. Instances that have enabled experimental Dynamic Client Registration or Client ID Metadata Documents a...

5.9CVSS5.9AI score0.00033EPSS

Exploits0References1

Cvelist•added 2026/03/11 8:41 p.m.•25 views

CVE-2026-32111 ha-mcp OAuth 2.1 DCR mode enables network reconnaissance via an error oracle

ha-mcp is a Home Assistant MCP Server. Prior to 7.0.0, the ha-mcp OAuth consent form beta feature accepts a user-supplied haurl and makes a server-side HTTP request to haurl/api/config with no URL validation. An unauthenticated attacker can submit arbitrary URLs to perform internal network...

5.3CVSS0.00042EPSS

Exploits0References1

Positive Technologies•added 2026/03/11 12:0 a.m.•2 views

PT-2026-24838

ha-mcp is a Home Assistant MCP Server. Prior to 7.0.0, the ha-mcp OAuth consent form renders user-controlled parameters via Python f-strings with no HTML escaping. An attacker who can reach the OAuth endpoint and convince the server operator to follow a crafted authorization URL could execute...

6.8CVSS5.8AI score0.00037EPSS

Exploits0References4

Snyk•added 2026/02/19 8:32 p.m.•2 views

Origin Validation Error

Overview @feathersjs/authentication-oauth is an oAuth 1 and 2 authentication for Feathers. Powered by Grant. Affected versions of this package are vulnerable to Origin Validation Error in the getAllowedOrigin function. An attacker can gain unauthorized access to sensitive information and...

8.1CVSS5.6AI score0.00008EPSS

Exploits0References2

NVD•added 2026/02/13 12:16 a.m.•4 views

CVE-2025-40905

WWW::OAuth 1.000 and earlier for Perl uses the rand function as the default source of entropy, which is not cryptographically secure, for cryptographic functions...

7.3CVSS0.0006EPSS

Exploits0References4

RedhatCVE•added 2026/01/07 9:11 a.m.•16 views

CVE-2025-1909

The BuddyBoss Platform Pro plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.7.01. This is due to insufficient verification on the user being supplied during the Apple OAuth authenticate request through the plugin. This makes it possible for...

9.8CVSS6.8AI score0.0103EPSS

Exploits0References1

Cvelist•added 2025/11/27 3:55 p.m.•10 views

CVE-2025-12419 Account takeover on OAuth/OpenID-enabled servers

Mattermost versions 10.12.x = 10.12.1, 10.11.x = 10.11.4, 10.5.x = 10.5.12, 11.0.x = 11.0.3 fail to properly validate OAuth state tokens during OpenID Connect authentication which allows an authenticated attacker with team creation privileges to take over a user account via manipulation of...

9.9CVSS0.00086EPSS

Exploits0References1

Cvelist•added 2025/11/11 3:30 a.m.•4 views

CVE-2025-12021 WP-OAuth <= 0.4.1 - Reflected Cross-Site Scripting

The WP-OAuth plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'errordescription' parameter in all versions up to, and including, 0.4.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary w...

6.1CVSS0.00158EPSS

Exploits0References4