Lucene search
K

5 matches found

NVD
NVD
added 3 days ago7 views

CVE-2026-3367

The Lockme OAuth2 calendars integration plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'App ID' setting in all versions up to, and including, 2.11.0. This is due to insufficient input sanitization and output escaping. The registersetting call on line 197 lacks a sanitiz...

4.4CVSS0.00256EPSS
Exploits0References14
NVD
NVD
added 2026/06/23 8:16 a.m.14 views

CVE-2026-9733

Mojolicious::Plugin::Web::Auth::OAuth2 versions through 0.17 for Perl have an insecure default state parameter. When no state generator is specified in the constructor, the module defaults to using a SHA-1 hash of predictable and low-entropy sources, including the epoch time which is leaked via t...

9.1CVSS0.00339EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/20 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-41070

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - openvpn-auth-oauth2 is a plugin/management interface client for OpenVPN server to handle an OIDC based single sign-on SSO auth flows. From version 1.26.3 to...

10CVSS5.4AI score0.00438EPSS
Exploits0References2
NVD
NVD
added 2026/05/08 4:16 p.m.22 views

CVE-2026-41070

openvpn-auth-oauth2 is a plugin/management interface client for OpenVPN server to handle an OIDC based single sign-on SSO auth flows. From version 1.26.3 to before version 1.27.3, when openvpn-auth-oauth2 is deployed in the experimental plugin mode shared library loaded by OpenVPN via the plugin...

10CVSS0.00438EPSS
Exploits0References2
CVE
CVE
added 2026/05/08 3:14 p.m.23 views

CVE-2026-41070

OpenVPN OAuth2 plugin flaw exists in the experimental plugin mode: from v1.26.3 to before v1.27.3, clients that do not support WebAuth/SSO (e.g., Linux openvpn CLI) could be admitted even when authentication logic denied access. Root cause: in handleAuthUserPassVerify, ClientAuthDeny wrote "0" to...

10CVSS5.8AI score0.00438EPSS
Exploits0References2
Rows per page
Query Builder