
16 matches found

CVE
added 2026/05/14 6:32 p.m., 23 views

CVE-2025-64526

CVE-2025-64526 (Strapi) affects the @strapi/plugin-users-permissions rate-limiting key construction. In Strapi versions prior to 5.45.0, the rate-limit middleware used the request body's email field as part of the rate-limit key (userIdentifier = ctx.request.body.email), even on routes where the ...

CVSS 6.9, AI score 6, EPSS 0.00492
Exploits 0, References 4, Affected Software 1
EUVD
added 2026/05/14 6:32 p.m., 14 views

EUVD-2025-209860

Strapi is an open source headless content management system. In Strapi versions prior to 5.45.0, the rate-limit middleware in the users-permissions plugin derived its rate-limit key in part from ctx.request.body.email, including on routes whose body schema does not contain an email field...

CVSS 6.9, AI score 6, EPSS 0.00492
Exploits 0, References 4
Positive Technologies
added 2026/04/28 12:00 a.m., 2 views

PT-2026-35778

Name of the Vulnerable Software and Affected Versions: OpenClaw versions prior to 2026.3.31. Description: An authentication bypass exists where unauthenticated 'plugin-auth' HTTP routes are granted operator runtime write scopes. This allows unauthorized users to access these routes and perform...

CVSS 8.8, AI score 5.8, EPSS 0.00286
Exploits 0, References 6
RedhatCVE
added 2026/04/27 9:10 p.m., 1 view

CVE-2026-41059

A flaw was found in OAuth2 Proxy. An unauthenticated attacker can exploit a configuration-dependent authentication bypass by sending a crafted request containing a number sign in the path. This allows the OAuth2 Proxy to incorrectly match a public allowlist rule, leading to the exposure of...

CVSS 8.2, AI score 5.3, EPSS 0.00275
Exploits 0, References 4
Snyk
added 2026/04/22 12:08 a.m., 3 views

Authentication Bypass Using an Alternate Path or Channel

Overview: Affected versions of this package are vulnerable to Authentication Bypass Using an Alternate Path or Channel in the processing of request paths containing a number sign or its encoded form %23 when using skip_auth_routes or skip_auth_regex settings. An attacker can gain unauthorized access t...

CVSS 8.3, AI score 5.4, EPSS 0.00275
Exploits 0, References 2
Snyk
added 2026/04/22 12:08 a.m., 2 views

Authentication Bypass Using an Alternate Path or Channel

Overview: Affected versions of this package are vulnerable to Authentication Bypass Using an Alternate Path or Channel in the processing of request paths containing a number sign or its encoded form %23 when using skip_auth_routes or skip_auth_regex settings. An attacker can gain unauthorized access t...

CVSS 8.3, AI score 5.4, EPSS 0.00275
Exploits 0, References 2
Cvelist
added 2026/04/21 11:17 p.m., 25 views

CVE-2026-41059 OAuth2 Proxy has an Authentication Bypass via Fragment Confusion in skip_auth_routes and skip_auth_regex

OAuth2 Proxy is a reverse proxy that provides authentication using OAuth2 providers. Versions 7.5.0 through 7.15.1 have a configuration-dependent authentication bypass. Deployments are affected when all of the following are true: use of skip_auth_routes or the legacy skip_auth_regex; use of patterns...

CVSS 8.2, EPSS 0.00275
Exploits 0, References 1
CVE
added 2026/04/21 11:17 p.m., 31 views

CVE-2026-41059

The CVE concerns OAuth2 Proxy (versions 7.5.0–7.15.1) where a configuration-driven authentication bypass can occur due to patterns in skip_auth_routes or legacy skip_auth_regex. Attacks are possible when attacker-controlled suffixes widen patterns (for example, ^/foo/.*/bar$) so that a # in the p...

CVSS 8.2, AI score 5.7, EPSS 0.00275
Exploits 0, References 1, Affected Software 1
Github Security Blog
added 2026/04/15 7:24 p.m., 10 views

OAuth2 Proxy has an Authentication Bypass via Fragment Confusion in skip_auth_routes and skip_auth_regex

Impact: A configuration-dependent authentication bypass exists in OAuth2 Proxy. Deployments are affected when all of the following are true: use of skip_auth_routes or the legacy skip_auth_regex; use of patterns that can be widened by attacker-controlled suffixes, such as ^/foo/.*/bar$, causing potential...

CVSS 8.2, AI score 5.8, EPSS 0.00275
Exploits 0, References 3, Affected Software 1
OSV
added 2026/04/15 7:24 p.m., 2 views

GHSA-PXQ7-H93F-9JRG OAuth2 Proxy has an Authentication Bypass via Fragment Confusion in skip_auth_routes and skip_auth_regex

Impact: A configuration-dependent authentication bypass exists in OAuth2 Proxy. Deployments are affected when all of the following are true: use of skip_auth_routes or the legacy skip_auth_regex; use of patterns that can be widened by attacker-controlled suffixes, such as ^/foo/.*/bar$, causing potential...

CVSS 8.2, AI score 5.8, EPSS 0.00275
Exploits 0, References 3
Vulnrichment
added 2026/04/08 2:34 p.m., 3 views

CVE-2026-39406 @hono/node-server has a middleware bypass via repeated slashes in serveStatic

@hono/node-server allows running the Hono application on Node.js. Prior to 1.19.13, a path handling inconsistency in serveStatic allows protected static files to be accessed by using repeated slashes // in the request path. When route-based middleware, e.g., /admin/, is used for authorization, the...

CVSS 5.3, AI score 5.9, EPSS 0.00376
Exploits 0, References 1
Veracode
added 2025/08/14 7:01 a.m., 5 views

Authentication Bypass

github.com/oauth2-proxy/oauth2-proxy is vulnerable to Authentication Bypass. The vulnerability is due to the skip_auth_routes configuration option matching against the full request URI, including query parameters, when using overly permissive regex patterns, which allows an attacker to craft URLs...

CVSS 9.1, AI score 7.6, EPSS 0.0114
Exploits 1, References 6, Affected Software 2
OSV
added 2025/08/11 5:24 p.m., 4 views

GO-2025-3833 OAuth2-Proxy has authentication bypass in oauth2-proxy skip_auth_routes due to Query Parameter inclusion in github.com/oauth2-proxy/oauth2-proxy

OAuth2-Proxy has authentication bypass in oauth2-proxy skip_auth_routes due to Query Parameter inclusion in github.com/oauth2-proxy/oauth2-proxy...

CVSS 9.1, AI score 7.4, EPSS 0.0114
Exploits 1, References 7
Snyk
added 2025/07/30 8:43 p.m., 3 views

User Impersonation

Overview: Affected versions of this package are vulnerable to User Impersonation due to using the skip_auth_routes configuration option with regex patterns. An attacker can gain unauthorized access to protected resources by crafting URLs with query parameters that match overly broad or improperly...

CVSS 9.3, AI score 7, EPSS 0.0114
Exploits 1, References 2
CNNVD
added 2025/07/30 12:00 a.m., 2 views

OAuth2-Proxy Security Vulnerability

oauth2-proxy is a reverse proxy software from the OAuth2 Proxy open source project. A security vulnerability exists in OAuth2-Proxy version 7.10.0 and earlier, which stems from the possibility of bypassing authentication when the skip_auth_routes configuration option uses regular expressions...

CVSS 9.1, AI score 6.9, EPSS 0.0114
Exploits 1, References 7
OSV
added 2024/04/12 8:21 p.m., 3 views

CVE-2024-32003 Dusk plugin may allow unfettered user authentication in misconfigured installs

wn-dusk-plugin: Dusk plugin is a plugin which integrates Laravel Dusk browser testing into Winter CMS. The Dusk plugin provides some special routes as part of its testing framework to allow a browser environment such as headless Chrome to act as a user in the Backend or User plugin without having ...

CVSS 8.8, AI score 7, EPSS 0.00672
Exploits 0, References 4