CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

83 matches found

CVE•added 2026/05/12 5:16 p.m.•8 views

CVE-2026-44166

PocketBase suffers an account pre-hijacking vulnerability via OAuth2 unverfied→verified autolinking. An attacker who knows a victim’s email can pre-create and link an unverified PocketBase user by authenticating with an OAuth2 provider (e.g., A). When the victim later signs up with a different pr...

7.6CVSS5.7AI score0.00035EPSS

Exploits0References1Affected Software1

EUVD•added 2026/05/08 12:31 a.m.•2 views

EUVD-2026-28461

An authentication bypass vulnerability was identified in GitHub Enterprise Server that allowed an unauthenticated attacker to create a local user account, bypassing the configured external identity provider. When external authentication was enabled, the signup endpoint did not properly enforce th...

6.3CVSS5.8AI score0.00167EPSS

Exploits0References6

Veracode•added 2026/04/30 7:50 a.m.•5 views

Sensitive Information Disclosure

Spring Security is vulnerable to Sensitive Information Disclosure. The vulnerability is due to bypass of timing attack protections in DaoAuthenticationProvider when handling disabled, expired, or locked user states, which allows an attacker to infer user account status through response timing...

3.7CVSS5.2AI score0.00067EPSS

Exploits0References2Affected Software1

EUVD•added 2026/04/22 6:30 a.m.•1 views

EUVD-2026-24607

Vulnerability in Spring Spring Security. If an application is using the UserDetailsisEnabled, isAccountNonExpired, or isAccountNonLocked user attributes, to enable, expire, or lock users, then DaoAuthenticationProvider's timing attack defense can be bypassed for users who are disabled, expired, o...

3.7CVSS5.7AI score0.00067EPSS

Exploits0References2

OSV•added 2026/04/22 6:30 a.m.•1 views

GHSA-VXF7-QJ7Q-83FH Spring Security Vulnerable to User Attribute Enumeration when Using DaoAuthenticationProvider

3.7CVSS5.8AI score0.00067EPSS

Exploits0References3

Cvelist•added 2026/04/22 5:2 a.m.•25 views

CVE-2026-22746 User Attribute Enumeration when Using DaoAuthenticationProvider

3.7CVSS0.00067EPSS

Exploits0References1

Vulnrichment•added 2026/04/22 5:2 a.m.•4 views

CVE-2026-22746 User Attribute Enumeration when Using DaoAuthenticationProvider

3.7CVSS5.7AI score0.00067EPSS

Exploits0References1

OSV•added 2026/04/16 11:36 p.m.•2 views

BIT-AUTHENTIK-2023-48228 OAuth2: PKCE can be fully circumvented

authentik is an open-source identity provider. When initialising a oauth2 flow with a codechallenge and codemethod thus requesting PKCE, the single sign-on provider authentik must check if there is a matching and existing codeverifier during the token step. Prior to versions 2023.10.4 and 2023.8....

9.8CVSS7.3AI score0.01139EPSS

Exploits1References11

Github Security Blog•added 2026/04/01 11:36 p.m.•6 views

Nhost Leaks Refresh Tokens via URL Query Parameter in OAuth Provider Callback

Refresh Token Leaked via URL Query Parameter in OAuth Provider Callback Summary The auth service's OAuth provider callback flow places the refresh token directly into the redirect URL as a query parameter. Refresh tokens in URLs are logged in browser history, server access logs, HTTP Referer...

7.5CVSS6.1AI score0.00063EPSS

Exploits1References4Affected Software1

Snyk•added 2026/03/31 11:15 p.m.•0 views

Cross-site Request Forgery (CSRF)

Overview wwbn/avideo is an Audio and Video Platform or simply "A Video Platform". Affected versions of this package are vulnerable to Cross-site Request Forgery CSRF in the admin/save.json.php process. An attacker can modify sensitive plugin configurations, such as payment processor credentials o...

8.6CVSS5.8AI score0.0001EPSS

Exploits1References2

RedhatCVE•added 2026/03/26 3:7 p.m.•0 views

CVE-2026-31828

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.5.2-alpha.13 and 8.6.26, the LDAP authentication adapter is vulnerable to LDAP injection. User-supplied input authData.id is interpolated directly into LDAP Distinguished Names DN an...

8.8CVSS5.8AI score0.00164EPSS

Exploits0References1

EUVD•added 2026/03/16 3:30 p.m.•2 views

EUVD-2026-12439

Mattermost versions 10.11.x = 10.11.10 fail to validate user's authentication method when processing account auth type switch which allows an authenticated attacker to change account password without confirmation via falsely claiming a different auth provider.. Mattermost Advisory ID:...

3.1CVSS5.8AI score0.00067EPSS

Exploits0References2

Github Security Blog•added 2026/03/12 5:29 p.m.•4 views

Parse Server's OAuth2 adapter shares mutable state across providers via singleton instance

Impact Parse Server's built-in OAuth2 auth adapter exports a singleton instance that is reused directly across all OAuth2 provider configurations. Under concurrent authentication requests for different OAuth2 providers, one provider's token validation may execute using another provider's...

9.1CVSS5.8AI score0.00066EPSS

Exploits0References5Affected Software1

RedhatCVE•added 2026/01/27 7:33 p.m.•3 views

CVE-2025-22234

The fix applied in CVE-2025-22228 inadvertently broke the timing attack mitigation implemented in DaoAuthenticationProvider. This can allow attackers to infer valid usernames or other authentication behavior via response-time differences under certain configurations. Mitigation Mitigation for thi...

7.4CVSS5.8AI score0.00065EPSS

Exploits0References5

Github Security Blog•added 2026/01/22 9:33 p.m.•12 views

Spring Security has a broken timing attack mitigation implemented in DaoAuthenticationProvide

7.4CVSS5.5AI score0.00065EPSS

Exploits0References3Affected Software1

Cvelist•added 2026/01/22 9:2 p.m.•20 views

CVE-2025-22234 Spring Security - BCrypt Password Encoder maximum password length breaks timing attack mitigation

5.3CVSS0.00022EPSS

Exploits0References1

Vulnrichment•added 2026/01/22 9:2 p.m.•5 views

CVE-2025-22234 Spring Security - BCrypt Password Encoder maximum password length breaks timing attack mitigation