CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2026/03/24 3:30 p.m.•1 views

CVE-2026-33668 Vikunja Allows Disabled/Locked User Accounts to Authenticate via API Tokens, CalDAV, and OpenID Connect

Vikunja is an open-source self-hosted task management platform. Starting in version 0.18.0 and prior to version 2.2.1, when a user account is disabled or locked, the status check is only enforced on the local login and JWT token refresh paths. Three other authentication paths — API tokens, CalDAV...

7.1CVSS6.3AI score0.00107EPSS

Exploits1References8

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2023-0967

Malicious code in bioql PyPI...

5CVSS5.5AI score0.03942EPSS

Exploits1References10

OSV•added 2025/07/29 1:38 p.m.•4 views

RLSA-2025:3997 Important: mod_auth_openidc:2.3 security update

The modauthopenidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. Security Fixes: modauthopenidc: modauthopenidc allows OIDCProviderAuthRequestMethod POSTs to leak...

7.5CVSS7.8AI score0.00357EPSS

OSV•added 2025/06/23 12:0 a.m.•3 views

ALSA-2025:9396 Important: mod_auth_openidc security update

The modauthopenidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. Security Fixes: modauthopenidc: DoS via Empty POST in modauthopenidc with OIDCPreservePost Enabled...

7.5CVSS7.3AI score0.00673EPSS

RedhatCVE•added 2025/05/23 11:39 a.m.•3 views

CVE-2025-24399

Jenkins OpenId Connect Authentication Plugin 4.452.v2849bd3945fa and earlier, except 4.438.440.v3f5f201de5dc, treats usernames as case-insensitive, allowing attackers on Jenkins instances configured with a case-sensitive OpenID Connect provider to log in as any user by providing a username that...

8.8CVSS6.7AI score0.00403EPSS

Exploits0References1

RedHat Linux•added 2025/05/13 1:59 p.m.•15 views

Important: Red Hat Security Advisory: mod_auth_openidc security update

An update for modauthopenidc is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

OSV•added 2025/05/13 12:0 a.m.•4 views

ALSA-2025:7419 Important: mod_auth_openidc security update

OSV•added 2025/05/13 12:0 a.m.•2 views

ALSA-2025:7490 Important: mod_auth_openidc security update

8.2CVSS7.9AI score0.00357EPSS

OSV•added 2025/05/07 7:11 p.m.•1 views

RLSA-2024:5289 Moderate: mod_auth_openidc:2.3 security update

The modauthopenidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. Security Fixes: modauthopenidc: DoS when using OIDCSessionType client-cookie and manipulating...

7.5CVSS8.1AI score0.00189EPSS

Exploits1References2

AlmaLinux•added 2025/05/06 12:0 a.m.•18 views

Moderate: mod_auth_openidc:2.3 security update

The modauthopenidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. Security Fixes: modauthopenidc: DoS via Empty POST in modauthopenidc with OIDCPreservePost Enabled...

7.5CVSS5.5AI score0.00673EPSS

RedHat Linux•added 2025/04/24 4:8 p.m.•12 views

Important: Red Hat Security Advisory: mod_auth_openidc:2.3 security update

An update for the modauthopenidc:2.3 module is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has...

RedHat Linux•added 2025/04/23 10:20 a.m.•6 views

Important: Red Hat Security Advisory: mod_auth_openidc:2.3 security update

An update for the modauthopenidc:2.3 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

AlmaLinux•added 2025/04/17 12:0 a.m.•6 views

Important: mod_auth_openidc:2.3 security update

8.2CVSS7.3AI score0.00357EPSS

RedHat Linux•added 2025/04/16 10:34 a.m.•8 views

Important: Red Hat Security Advisory: mod_auth_openidc security update

An update for modauthopenidc is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...

RedhatCVE•added 2025/03/18 12:10 a.m.•5 views

CVE-2025-24856

An issue was discovered in the oidc aka OpenID Connect Authentication extension before 4.0.0 for TYPO3. The account linking logic allows a pre-hijacking attack, leading to Account Takeover. The attack can only be exploited if the following requirements are met: 1 an attacker can anticipate the...

4.2CVSS6.6AI score0.00085EPSS

Exploits0References1

Rockylinux•added 2025/03/17 8:16 p.m.•4 views

mod_auth_openidc security update

An update is available for modauthopenidc. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The modauthopenidc is an OpenID Connect authentication module for Apac...

7.5CVSS6.7AI score0.00189EPSS

Exploits1

Cvelist•added 2025/03/16 12:0 a.m.•12 views

CVE-2025-24856

4.2CVSS0.00085EPSS