157 matches found
EUVD-2026-43028
Authentication Bypass Using an Alternate Path or Channel vulnerability in miniOrange Security Software Pvt Ltd. OAuth Single Sign On - SSO OAuth Client allows Password Recovery Exploitation. This issue affects OAuth Single Sign On - SSO OAuth Client: from n/a through 38.5.8...
CVE-2026-8609
Grafana CVE-2026-8609 describes an unauthenticated denial-of-service via repeated requests to the OAuth login route. The issue allows an attacker to trigger unbounded memory growth, potentially exhausting memory and crashing the Grafana instance. The entry provides CVSS v3.1 data (AV:N/AC:L/PR:N/...
PT-2026-57307
Name of the Vulnerable Software and Affected Versions miniOrange OAuth Single Sign On - SSO OAuth Client versions prior to 38.5.9 Description An authentication bypass exists in the miniOrange OAuth SSO WordPress plugin. An unauthenticated remote attacker can exploit an alternate password-recovery...
CVE-2026-58422
CVE-2026-58422 describes an access control bypass in the OAuth sign-in callback that can silently re-enable administrator-disabled accounts in affected Go-Gitea installations. Concrete technical details from connected sources identify vulnerable components as the Gitea web router package paths: r...
CVE-2026-58422 Improper authorization on OAuth sign-in callback silently re-enables administrator-disabled accounts
Improper authorization on OAuth sign-in callback silently re-enables administrator-disabled accounts...
PT-2026-55597
Name of the Vulnerable Software and Affected Versions Gitea versions prior to 1.25.5 Description The software fails to correctly persist the OAuth2 PKCE S256 challenge method during the authorization process. This flaw allows for token exchange without the required verifier check. PKCE Proof Key...
PT-2026-52494
Name of the Vulnerable Software and Affected Versions LibreChat versions prior to 0.8.5 Description LibreChat is an enhanced ChatGPT clone supporting multiple AI providers. The MCP OAuth implementation fails to validate that the resource parameter from OAuth Protected Resource metadata RFC 9728...
CVE-2026-45732
CVE-2026-45732 affects n8n, an open-source workflow automation platform. The vulnerability lies in the OAuth1/OAuth2 credential reconnect endpoints, which incorrectly authorize access using credential:read instead of credential:update. An authenticated user with read-only access to a shared crede...
PT-2026-50709
Name of the Vulnerable Software and Affected Versions Hermes WebUI versions prior to 0.51.468 Description An issue exists in the unauthenticated 'POST /api/onboarding/oauth/start' endpoint that allows for unbounded accumulation of in-memory flow state and daemon threads. This can lead to resource...
CVE-2026-44188
A flaw was found in Ansible Lightspeed. This vulnerability, related to insufficient session expiration, allows a remote attacker to maintain persistent access to the Ansible Lightspeed instance. If an attacker exfiltrates a valid OAuth Open Authorization access token before a user logs out, they...
CVE-2026-44188 Ansible-lightspeed: ansible lightspeed: session hijacking and unauthorized data access due to insufficient session expiration
A flaw was found in Ansible Lightspeed. This vulnerability, related to insufficient session expiration, allows a remote attacker to maintain persistent access to the Ansible Lightspeed instance. If an attacker exfiltrates a valid OAuth Open Authorization access token before a user logs out, they...
CVE-2026-44188 Ansible-lightspeed: ansible lightspeed: session hijacking and unauthorized data access due to insufficient session expiration
A flaw was found in Ansible Lightspeed. This vulnerability, related to insufficient session expiration, allows a remote attacker to maintain persistent access to the Ansible Lightspeed instance. If an attacker exfiltrates a valid OAuth Open Authorization access token before a user logs out, they...
EUVD-2026-36702
A flaw was found in Ansible Lightspeed. This vulnerability, related to insufficient session expiration, allows a remote attacker to maintain persistent access to the Ansible Lightspeed instance. If an attacker exfiltrates a valid OAuth Open Authorization access token before a user logs out, they...
CVE-2026-44188
Affects Ansible Lightspeed (and Red Hat Ansible Automation Platform context) via insufficient session expiration that allows a valid OAuth token to remain usable after logout, enabling persistent access and unauthorized read of inventories, playbooks, and config data. The connected Red Hat adviso...
CVE-2026-44188
A flaw was found in Ansible Lightspeed. This vulnerability, related to insufficient session expiration, allows a remote attacker to maintain persistent access to the Ansible Lightspeed instance. If an attacker exfiltrates a valid OAuth Open Authorization access token before a user logs out, they...
PT-2026-49526
Name of the Vulnerable Software and Affected Versions Dancer2::Plugin::Auth::OAuth versions prior to 0.22 Description The software defaults to a predictable nonce. This occurs because the default nonce is generated using an MD5 hash of the epoch time, which is a value representing the total numbe...
PT-2026-49189
A flaw was found in Ansible Lightspeed. This vulnerability, related to insufficient session expiration, allows a remote attacker to maintain persistent access to the Ansible Lightspeed instance. If an attacker exfiltrates a valid OAuth Open Authorization access token before a user logs out, they...
PT-2026-48847
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description A logic error in the OAuthRequestFilter function causes legitimate requests from the bound IP address to be rejected, while requests from any other IP address ar...
CVE-2026-34460 NamelessMC: OAuth callback `state` is not validated, allowing login CSRF / session swapping
NamelessMC is website software for Minecraft servers. In versions 2.2.4 and prior, the OAuth callback handling does not validate the state parameter server-side before exchanging the authorization code. This allows an attacker to capture a valid OAuth callback URL for their own account and cause ...
CVE-2026-44237
FreePBX is an open source IP PBX. Prior to 17.0.8, the FreePBX api module's OAuth2 implementation does not sufficiently validate client credentials during token issuance. Knowledge of a valid clientid is required. The validateClient method in ClientRepository.php unconditionally returns true,...