Lucene search
K

319 matches found

CVE
CVE
added 4 days ago30 views

CVE-2026-55672

Summary (concrete details) : The CVE concerns Zitadel, an open-source identity management platform. The vulnerability occurs in the OAuth2/OIDC CodeExchange and RefreshToken flows (and related device token flow) where verification that the requesting client matches the originally authorized clien...

7.4CVSS6.1AI score0.00276EPSS
Exploits0References5
EUVD
EUVD
added 2026/07/06 8:36 p.m.5 views

EUVD-2026-41941

Leantime contains an OIDC login CSRF vulnerability in the verifyState method that unconditionally returns true without validating state parameters. Attackers can craft malicious callback URLs with attacker-controlled authorization codes to perform session fixation, logging victims in as the...

8.6CVSS6AI score0.00153EPSS
Exploits0References4
Snyk
Snyk
added 2026/07/03 10:19 p.m.5 views

Replay Attack

Overview Affected versions of this package are vulnerable to Replay Attack due to improper enforcement of OAuth2 authorization code expiry and single-use requirements in the authorization code process. An attacker can gain unauthorized access by reusing valid authorization codes during the token...

9.1CVSS6AI score0.00379EPSS
Exploits0References2
NVD
NVD
added 2026/07/03 9:16 p.m.7 views

CVE-2026-26232

Gitea versions before 1.25.5 do not consistently enforce OAuth2 authorization code expiry and single-use behavior during token exchange...

9.1CVSS0.00379EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/07/03 8:19 p.m.36 views

CVE-2026-26232 Gitea OAuth2 authorization codes lack expiry and reuse enforcement

Gitea versions before 1.25.5 do not consistently enforce OAuth2 authorization code expiry and single-use behavior during token exchange...

0.00379EPSS
Exploits0References4
EUVD
EUVD
added 2026/07/03 8:19 p.m.8 views

EUVD-2026-41628

Gitea versions before 1.25.5 do not consistently enforce OAuth2 authorization code expiry and single-use behavior during token exchange...

6AI score0.00379EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/07/03 8:19 p.m.7 views

CVE-2026-26232

Gitea versions before 1.25.5 do not consistently enforce OAuth2 authorization code expiry and single-use behavior during token exchange...

6AI score0.00379EPSS
Exploits0References5
CVE
CVE
added 2026/07/03 8:19 p.m.19 views

CVE-2026-26232

Gitea before 1.25.5 is vulnerable to a replay attack due to inadequate enforcement of OAuth2 authorization code expiry and single-use behavior during the token exchange. The Snyk entries describe the issue across affected code paths (e.g., models/auth and routers/web/auth) and state that an attac...

9.1CVSS6AI score0.00379EPSS
Exploits0References4
OSV
OSV
added 2026/07/03 8:19 p.m.4 views

CVE-2026-26232 Gitea OAuth2 authorization codes lack expiry and reuse enforcement

Gitea versions before 1.25.5 do not consistently enforce OAuth2 authorization code expiry and single-use behavior during token exchange...

9.1CVSS6AI score0.00379EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.14 views

PT-2026-55596

Name of the Vulnerable Software and Affected Versions Gitea versions prior to 1.25.5 Description The software does not consistently enforce the expiry and single-use requirement of OAuth2 authorization codes during the token exchange process. OAuth2 is a standard for access delegation, allowing...

9.1CVSS6.1AI score0.00379EPSS
Exploits0References7
OSV
OSV
added 2026/06/26 11:5 p.m.5 views

GHSA-9RC6-8CJV-RCVX Nezha Monitoring: OAuth2 Redirect URL — Host Header Injection

Description The getRedirectURL function in oauth2.go:22-29 constructs the OAuth2 callback URL by concatenating the request's Host header with a fixed path, with zero validation of the Host header: go func getRedirectURLc gin.Context string scheme := "http://" referer := c.Request.Referer if...

6.8CVSS5.8AI score0.00234EPSS
Exploits0References3
NVD
NVD
added 2026/06/23 9:17 p.m.7 views

CVE-2026-47386

NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, two concurrent token-exchange requests using the same OAuth authorization code could each mint a distinct valid accesstoken, refreshtoken pair, breaking the single-use guarantee that PKCE relies on. This vulnerability ...

6.3CVSS0.00197EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/23 8:12 p.m.32 views

CVE-2026-47386 NocoDB: OAuth Authorization Code Race Condition

NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, two concurrent token-exchange requests using the same OAuth authorization code could each mint a distinct valid accesstoken, refreshtoken pair, breaking the single-use guarantee that PKCE relies on. This vulnerability ...

6.3CVSS0.00197EPSS
Exploits0References1
CVE
CVE
added 2026/06/23 8:12 p.m.24 views

CVE-2026-47386

CVE-2026-47386 affects NocoDB’s OAuth token-exchange flow. Before 2026.05.1, two concurrent token-exchange requests could use the same OAuth authorization code to mint two valid token pairs, breaking PKCE’s single-use guarantee. The issue is mitigated by a fix in 2026.05.1, which introduces atomi...

6.3CVSS5.9AI score0.00197EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/23 8:12 p.m.6 views

CVE-2026-47386

NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, two concurrent token-exchange requests using the same OAuth authorization code could each mint a distinct valid accesstoken, refreshtoken pair, breaking the single-use guarantee that PKCE relies on. This vulnerability ...

6.3CVSS5.9AI score0.00197EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2026/06/22 10:16 p.m.9 views

CVE-2026-56697

Nuxt versions 4.0.0 before 4.4.7 and 3.x before 3.21.7 accept protocol-relative paths such as //evil.com in the reloadNuxtApp function; these pass the script-protocol check but resolve to a cross-origin URL against the current page protocol. Attackers can inject paths like //evil.com to redirect...

6.1CVSS0.00191EPSS
Exploits0References4
CVE
CVE
added 2026/06/22 9:4 p.m.14 views

CVE-2026-56697

Nuxt security note: Nuxt versions 4.0.0–4.4.6 and 3.x before 3.21.7 are affected by an open redirect in the reloadNuxtApp function. Protocol-relative paths like //evil.com pass the script-protocol check but resolve to a cross-origin URL against the current page protocol, enabling attackers to red...

6.1CVSS5.9AI score0.00191EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/06/22 9:4 p.m.23 views

CVE-2026-56326 Nuxt - Server-Side Open Redirect via Path-Normalization Bypass in navigateTo

Nuxt versions 4.0.0 before 4.4.7 and 3.x before 3.21.7 contain a server-side open redirect vulnerability in navigateTo that fails to properly validate path-normalized payloads like /..//evil.com and /.//evil.com. Attackers can bypass external-host checks using path-normalization techniques to...

6.1CVSS0.00205EPSS
Exploits0References4
OSV
OSV
added 2026/06/18 1:52 p.m.5 views

GHSA-XQXV-4JC2-X56X ZITADEL: Missing client_id binding in OIDC authorization code exchange and refresh token flows (RFC 6749 Section 4.1.3 violation)

Summary Zitadel's OAuth2 / OIDC CodeExchange and RefreshToken implementations omit a critical validation step to ensure that the requesting client matches the client that originally initiated the authorization flow. This violates RFC 6749 Section 4.1.3, which mandates that the authorization serve...

7.4CVSS6AI score0.00276EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/18 12:0 a.m.14 views

PT-2026-50741

Name of the Vulnerable Software and Affected Versions Zitadel versions 4.0.0 through 4.15.1 Zitadel versions 3.0.0 through 3.4.11 Description The OAuth2 / OIDC CodeExchange and RefreshToken implementations fail to validate that the requesting client matches the client that originally initiated th...

7.4CVSS6AI score0.00276EPSS
Exploits0References13
Rows per page
Query Builder