305 matches found
EUVD-2026-28283
Admidio is an open-source user management solution. Prior to version 5.0.9, the OIDC token introspection endpoint /modules/sso/index.php/oidc/introspect always returns "active": true for every request, regardless of whether a valid token is provided, whether the token is expired, revoked, or...
CVE-2026-41671 Admidio: OIDC Token Introspection Endpoint Returns Active for All Tokens Without Validation
Admidio is an open-source user management solution. Prior to version 5.0.9, the OIDC token introspection endpoint /modules/sso/index.php/oidc/introspect always returns "active": true for every request, regardless of whether a valid token is provided, whether the token is expired, revoked, or...
CVE-2026-41671
Admidio is an open-source user management solution. Prior to version 5.0.9, the OIDC token introspection endpoint /modules/sso/index.php/oidc/introspect always returns "active": true for every request, regardless of whether a valid token is provided, whether the token is expired, revoked, or...
CVE-2026-41671
Admidio prior to version 5.0.9 contains a vulnerability in its OIDC token introspection (/modules/sso/index.php/oidc/introspect) and revocation (/oidc/revoke) endpoints. The introspection endpoint always returns {"active": true} and the revocation endpoint returns {"revoked": true} without authen...
Daptin's Session Management Vulnerability Leads to Insufficient Session Expiration After Password Change
Summary A session invalidation vulnerability exists in daptin's authentication system where JSON Web Tokens JWTs remain fully valid after a user changes their password. The JWT validation middleware CheckJWT only verifies token signature, expiry, issuer, and signing algorithm — it does not check...
Weblate 代码问题漏洞
Weblate is an open-source, copyleft, web-based free software system for continuous localization. Versions of Weblate prior to 5.17.1 had a code-related vulnerability. This vulnerability occurred when users changed their passwords, and the DRF API tokens were not revoked...
Admidio 授权问题漏洞
Admidio is a set of open-source member management systems developed by the Admidio team. This system supports features such as member lists, event management, message boards, photo albums, and downloads. Prior to Admidio 5.0.9, there was an authorization vulnerability. This vulnerability stemmed...
Duplicate Advisory: OpenClaw: Gateway HTTP endpoints re-resolve bearer auth after SecretRef rotation
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-xmxx-7p24-h892. This link is maintained to preserve external references. Original Description OpenClaw before 2026.4.15 captures resolved bearer-auth configuration at startup, allowing revoked tokens to remain...
CVE-2026-43585
OpenClaw before 2026.4.15 captures resolved bearer-auth configuration at startup, allowing revoked tokens to remain valid after SecretRef rotation. Gateway HTTP and WebSocket handlers fail to re-resolve authentication per-request, enabling attackers to use rotated-out bearer tokens for unauthoriz...
Weblate Doesn't Invalidate API Token on Password Change
Impact When a user changes their password, browser sessions are correctly invalidated via cyclesessionkeys, but DRF API tokens wlu prefix stored in authtokentoken are not revoked. Patches https://github.com/WeblateOrg/weblate/pull/19057 Resources Weblate thanks Sang Yu Jeon for reporting this via...
GHSA-6J8J-4QP3-36P2 Weblate Doesn't Invalidate API Token on Password Change
Impact When a user changes their password, browser sessions are correctly invalidated via cyclesessionkeys, but DRF API tokens wlu prefix stored in authtokentoken are not revoked. Patches https://github.com/WeblateOrg/weblate/pull/19057 Resources Weblate thanks Sang Yu Jeon for reporting this via...
PT-2026-37127
Name of the Vulnerable Software and Affected Versions Weblate versions prior to 5.17.1 Description When a user changes their password, browser sessions are invalidated using the cycle session keys function, but Django REST Framework DRF API tokens with the wlu prefix stored in authtoken token are...
GHSA-9XX5-CV6J-X533 Admidio: OIDC Token Introspection Endpoint Returns Active for All Tokens Without Validation
Summary The OIDC token introspection endpoint /modules/sso/index.php/oidc/introspect always returns "active": true for every request, regardless of whether a valid token is provided, whether the token is expired, revoked, or completely fabricated. The endpoint performs no authentication of the...
Admidio: OIDC Token Introspection Endpoint Returns Active for All Tokens Without Validation
Summary The OIDC token introspection endpoint /modules/sso/index.php/oidc/introspect always returns "active": true for every request, regardless of whether a valid token is provided, whether the token is expired, revoked, or completely fabricated. The endpoint performs no authentication of the...
PT-2026-36108
Name of the Vulnerable Software and Affected Versions Admidio versions prior to 5.0.9 Description An issue exists in the OpenID Connect OIDC implementation where the token introspection endpoint '/modules/sso/index.php/oidc/introspect' always returns a positive active status regardless of whether...
EUVD-2026-24037
OpenBao's Token Store Allows Cross-Namespace Renewal, Revocation...
GHSA-X234-X5VQ-CC2V Nginx-UI: Disabled users retain full API access through previously issued bearer tokens
Summary A user who was disabled by an administrator can use previously issued API tokens for up to the token lifetime. In practice, disabling a compromised account does not actually terminate that user’s access, so an attacker who already stole a JWT can continue reading and modifying protected...
CVE-2026-40264
A flaw was found in OpenBao. OpenBao's multi-tenant separation feature allows a privileged administrator in one tenant to revoke or renew a token belonging to another tenant if that token's accessors are leaked. This unauthorized token management could lead to a denial of service for the affected...
CVE-2026-40264 OpenBao's Token Store Allows Cross-Namespace Renewal, Revocation
OpenBao is an open source identity-based secrets management system. OpenBao's namespaces provide multi-tenant separation. Prior to version 2.5.3, a tenant who leaks token accessors can have their token revoked or renewed by a privileged administrator in another tenant. This is addressed in v2.5.3...
CVE-2026-40264
OpenBao is an open source identity-based secrets management system. OpenBao's namespaces provide multi-tenant separation. Prior to version 2.5.3, a tenant who leaks token accessors can have their token revoked or renewed by a privileged administrator in another tenant. This is addressed in v2.5.3...