Lucene search
K

252 matches found

CVE
CVE
added 2026/06/30 10:8 p.m.10 views

CVE-2026-56224

Capgo: vulnerability in console.capgo.app/login prior to version 12.128.2 allows access_token and refresh_token to be accepted in URL query parameters, leading to automatic user authentication without user confirmation. Practically, an attacker can craft a malicious link that lures a victim into ...

5.4CVSS5.8AI score0.00194EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/25 5:36 p.m.4 views

keycloak: Keycloak: Unauthorized account access via replayed refresh tokens after cluster restart

A flaw was found in Keycloak. When revokeRefreshToken=true is enabled and persistent session storage is in use, a server restart can reset internal timing mechanisms. This allows a remote attacker, who has previously captured a user's refresh token, to replay that token even after it has been...

6.8CVSS5.8AI score0.00305EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/06/25 5:36 p.m.4 views

org.keycloak.protocol.oidc.grants: org.keycloak.services.managers: Keycloak: Server-Side Request Forgery via OIDC token endpoint manipulation

A flaw was found in Keycloak. An authenticated attacker can perform Server-Side Request Forgery SSRF by manipulating the clientsessionhost parameter during refresh token requests. This occurs when a Keycloak client is configured to use the backchannel.logout.url with the application.session.host...

3.1CVSS5.8AI score0.00295EPSS
Exploits0References4
NVD
NVD
added 2026/06/24 7:16 a.m.10 views

CVE-2026-9183

The 24liveblog - live blog tool plugin for WordPress is vulnerable to Exposure of Sensitive Information in versions up to, and including, 2.2. This is due to the lb24blockenqueuescripts function being hooked to enqueueblockeditorassets and, for any non-administrator user, falling back to loading...

4.3CVSS0.0021EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/24 5:33 a.m.8 views

EUVD-2026-38681

The 24liveblog - live blog tool plugin for WordPress is vulnerable to Exposure of Sensitive Information in versions up to, and including, 2.2. This is due to the lb24blockenqueuescripts function being hooked to enqueueblockeditorassets and, for any non-administrator user, falling back to loading...

4.3CVSS5.8AI score0.0021EPSS
Exploits0References3
NVD
NVD
added 2026/06/23 9:17 p.m.7 views

CVE-2026-53928

NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, a stolen refresh token survived a password-forgot flow and could be used to mint fresh JWTs even after the user reset their password. passwordChange and passwordReset deleted the user's refresh tokens, but passwordForg...

6.3CVSS0.00242EPSS
Exploits0References1
NVD
NVD
added 2026/06/23 9:16 p.m.8 views

CVE-2026-46550

NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, the refresh-token cookie was set with httpOnly: true but missing both the secure flag and the sameSite attribute. Over plain HTTP the cookie could be intercepted on the network; without sameSite, browsers attached it t...

5.4CVSS0.00099EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/23 8:39 p.m.25 views

CVE-2026-46550 NocoDB: Refresh Token Cookie Set Without `Secure` and `SameSite` Flags

NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, the refresh-token cookie was set with httpOnly: true but missing both the secure flag and the sameSite attribute. Over plain HTTP the cookie could be intercepted on the network; without sameSite, browsers attached it t...

5.4CVSS0.00099EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/23 8:39 p.m.6 views

CVE-2026-46550

NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, the refresh-token cookie was set with httpOnly: true but missing both the secure flag and the sameSite attribute. Over plain HTTP the cookie could be intercepted on the network; without sameSite, browsers attached it t...

5.4CVSS5.8AI score0.00099EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/23 8:39 p.m.16 views

CVE-2026-46550

NocoDB’s CVE-2026-46550 concerns the refresh-token cookie being set with httpOnly but without Secure and SameSite attributes prior to 2026.04.1. The root cause is in setTokenCookie(), which emitted a cookie with only httpOnly (and possibly domain), leaving it vulnerable to interception over HTTP ...

5.4CVSS5.8AI score0.00099EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/23 8:3 p.m.5 views

CVE-2026-53928

NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, a stolen refresh token survived a password-forgot flow and could be used to mint fresh JWTs even after the user reset their password. passwordChange and passwordReset deleted the user's refresh tokens, but passwordForg...

6.3CVSS5.9AI score0.00242EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/06/18 1:52 p.m.4 views

GHSA-XQXV-4JC2-X56X ZITADEL: Missing client_id binding in OIDC authorization code exchange and refresh token flows (RFC 6749 Section 4.1.3 violation)

Summary Zitadel's OAuth2 / OIDC CodeExchange and RefreshToken implementations omit a critical validation step to ensure that the requesting client matches the client that originally initiated the authorization flow. This violates RFC 6749 Section 4.1.3, which mandates that the authorization serve...

7.4CVSS6AI score
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/18 12:0 a.m.13 views

PT-2026-50741

Name of the Vulnerable Software and Affected Versions Zitadel versions 4.0.0 through 4.15.1 Zitadel versions 3.0.0 through 3.4.11 Description The OAuth2 / OIDC CodeExchange and RefreshToken implementations fail to validate that the requesting client matches the client that originally initiated th...

7.4CVSS6AI score
Exploits0References7
Github Security Blog
Github Security Blog
added 2026/06/17 2:7 p.m.10 views

NocoDB: Refresh Tokens Persist Through Password Recovery

Summary A stolen refresh token survived a password-forgot flow and could be used to mint fresh JWTs even after the user reset their password. Details passwordChange and passwordReset deleted the user's refresh tokens, but passwordForgot only rotated tokenversion and revoked OAuth tokens — it did...

6.3CVSS5.3AI score0.00242EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/17 12:0 a.m.10 views

PT-2026-50474

Name of the Vulnerable Software and Affected Versions NocoDB versions prior to 2026.05.1 Description A stolen refresh token persists after a password-forgot flow, allowing it to be used to generate new JSON Web Tokens JWTs even after a user resets their password. While the passwordChange and...

6.3CVSS5.8AI score0.00242EPSS
Exploits0References9
EUVD
EUVD
added 2026/06/15 9:30 p.m.9 views

EUVD-2026-36787

An input handling flaw in the HTTP refresh token process of LLDAP v0.6.2 allows attackers to cause a Denial of Service DoS via sending a crafted refresh-token header...

5.3AI score0.00482EPSS
Exploits1References2
NVD
NVD
added 2026/06/15 8:16 p.m.9 views

CVE-2026-50889

An input handling flaw in the HTTP refresh token process of LLDAP v0.6.2 allows attackers to cause a Denial of Service DoS via sending a crafted refresh-token header...

7.5CVSS0.00482EPSS
Exploits1References1
CVE
CVE
added 2026/06/15 12:0 a.m.15 views

CVE-2026-50889

CVE-2026-50889 references an input handling flaw in the HTTP refresh token process of LLDAP v0.6.2 that enables Denial of Service (DoS) when a crafted refresh-token header is sent. The connected sources consistently describe the same vulnerability in LLDAP 0.6.2’s refresh-token handling, but do n...

7.5CVSS5.4AI score0.00482EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.14 views

PT-2026-49330

Name of the Vulnerable Software and Affected Versions LLDAP version 0.6.2 Description An input handling flaw in the HTTP refresh token process allows attackers to cause a Denial of Service DoS, which is a condition where a service becomes unavailable to its intended users, by sending a crafted...

7.5CVSS5.9AI score0.00482EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/06/15 12:0 a.m.28 views

CVE-2026-50889

An input handling flaw in the HTTP refresh token process of LLDAP v0.6.2 allows attackers to cause a Denial of Service DoS via sending a crafted refresh-token header...

0.00482EPSS
Exploits1References1
Rows per page
Query Builder