Lucene search
K

5 matches found

Cvelist
Cvelist
added 2026/06/17 9:32 p.m.22 views

CVE-2026-48991 XianYuLauncher: Legacy Microsoft account OAuth sign-in flow lacks PKCE and state validation

XianYuLauncher is a Minecraft Java Edition launcher. In versions prior to 1.5.5, sensitive authentication artifacts could be exposed during a user-initiated login under certain local attack conditions. Affected versions relied on a fixed localhost redirect URI without PKCE or state validation...

5.5CVSS0.00127EPSS
Exploits0References2
NVD
NVD
added 2026/03/30 10:16 a.m.8 views

CVE-2026-5128

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

0.00144EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/03/30 12:0 a.m.7 views

PT-2026-29007

Name of the Vulnerable Software and Affected Versions ArthurFiorette steam-trader version 2.1.1 Description A sensitive information exposure issue exists. An unauthenticated attacker can send a request to the /users API endpoint to retrieve sensitive Steam account data, including the account...

10CVSS5.9AI score0.00144EPSS
Exploits0References7
CNNVD
CNNVD
added 2025/08/09 12:0 a.m.4 views

AuthKit Remix Library 信息泄露漏洞

AuthKit Remix Library is a WorkOS open source library for authentication and session management. An information disclosure vulnerability exists in AuthKit Remix Library version 0.14.1 and earlier, which stems from exposing sensitive authentication artifacts and could lead to information disclosur...

7.1CVSS6AI score0.00342EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/08/09 12:0 a.m.7 views

AuthKit React Router Library 信息泄露漏洞

AuthKit React Router Library is a WorkOS open source authentication and session helper for use in React Router 7. An information disclosure vulnerability exists in AuthKit React Router Library version 0.6.1 and earlier, which stems from exposing sensitive authentication artifacts that could lead ...

7.1CVSS6AI score0.00342EPSS
Exploits0References4
Rows per page
Query Builder