151 matches found

Positive Technologies, added 2026/06/25 12:00 a.m., 7 views

PT-2026-52592

Name of the Vulnerable Software and Affected Versions: Keycloak, affected versions not specified. Description: A JWT algorithm confusion flaw exists in the JWT Authorization Grant flow. An attacker possessing valid client credentials can bypass signature verification by forging an assertion. This...

CVSS 8.1 | AI score 5.8 | EPSS 0.00181 | Exploits 0 | References 14
CVE, added 2026/06/23 3:45 p.m., 18 views

CVE-2026-54305

CVE-2026-54305 affects n8n Enterprise instances using the Dynamic Credentials EE Endpoints. Prior to versions 1.123.55, 2.25.7, and 2.26.2, three Dynamic Credentials endpoints accepted any authenticated session without per-resource ownership or scope checks on the target workflow or credential. A...

CVSS 9.9 | AI score 6 | EPSS 0.00343 | Exploits 0 | References 1 | Affected Software 1
NVD, added 2026/06/22 2:17 p.m., 12 views

CVE-2026-56425

The Azure Active Directory (AAD) authentication implementation contained multiple weaknesses in its OAuth 2.0 authorization flow that could allow attackers to bypass important security guarantees provided by the protocol. The application used the PHP session identifier (session_id) as the OAuth state...

CVSS 9.3 | EPSS 0.00258 | Exploits 0 | References 1
CVE, added 2026/06/17 9:32 p.m., 18 views

CVE-2026-48991

XianYuLauncher (Minecraft Java Edition launcher) is affected in versions prior to 1.5.5. The legacy Microsoft account OAuth sign-in flow used a fixed localhost redirect URI and lacked PKCE and state validation, allowing sensitive authentication artifacts to be exposed under certain local attack c...

CVSS 5.5 | AI score 5.3 | EPSS 0.00127 | Exploits 0 | References 2
RedhatCVE, added 2026/06/05 7:30 p.m., 13 views

CVE-2026-42073

OpenClaude is an open-source coding-agent command line interface for cloud and local model providers. Prior to version 0.5.1, the OpenClaude MCP authentication flow starts a temporary local HTTP server to handle OAuth callbacks. To prevent CSRF attacks, the server validates a state parameter...

CVSS 6.5 | AI score 5.4 | EPSS 0.00219 | Exploits 1 | References 1
RedhatCVE, added 2026/06/05 7:18 p.m., 11 views

CVE-2026-45430

The Salesforce module before 1.x-1.0.1 for Backdrop CMS does not properly use a random state parameter to protect the authorization flow against CSRF attacks...

CVSS 7.1 | AI score 5.5 | EPSS 0.00121 | Exploits 0 | References 1
OSV, added 2026/06/05 4:20 p.m., 7 views

GHSA-8M7C-HF24-5G47 NocoDB: OAuth Authorization Code Race Condition

Summary: Two concurrent token-exchange requests using the same OAuth authorization code could each mint a distinct valid (accessToken, refreshToken) pair, breaking the single-use guarantee that PKCE relies on. Details: The token-exchange flow read isUsed and then called markAsUsed as an unconditional upda...

CVSS 6.3 | AI score 5.6 | EPSS 0.00197 | Exploits 0 | References 3
Vulnrichment, added 2026/05/28 3:44 a.m., 14 views

CVE-2026-9793 Keycloak: keycloak: security policy bypass in jwe-encrypted request object processing

A flaw was found in Keycloak. When a JSON Web Encryption (JWE) encrypted request object is submitted, Keycloak may incorrectly process unsigned claims if the decrypted content is raw JSON, bypassing the configured signature policy. This allows a remote attacker to submit unauthorized claims, leadin...

CVSS 5.9 | AI score 5.8 | EPSS 0.0012 | Exploits 0 | References 2
Vulnrichment, added 2026/05/26 5:10 p.m., 19 views

CVE-2026-44707 Chatwoot: Pre-Account Takeover via OAuth on Unconfirmed Accounts

Chatwoot is a customer engagement suite. From 2.14.0 to before 4.13.0, a Pre-Account Takeover (Pre-ATO) vulnerability existed in Chatwoot's authentication flow. Because email confirmation was not enforced before an account became usable, an attacker could pre-register an email address they did not...

CVSS 6.8 | AI score 5.8 | EPSS 0.00344 | Exploits 0 | References 3
Positive Technologies, added 2026/05/18 12:00 a.m., 13 views

PT-2026-41644

Name of the Vulnerable Software and Affected Versions: Mattermost versions 11.5.0 through 11.5.1; Mattermost versions 10.11.0 through 10.11.13. Description: An issue exists in the OAuth authorization code redemption flow where client identity binding is not enforced. This allows an authenticated OAut...

CVSS 3.8 | AI score 5.9 | EPSS 0.00118 | Exploits 0 | References 9
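The NocoDB race (GHSA-8M7C-HF24-5G47) and the Mattermost client-binding gap (PT-2026-41644) are two checks on the same operation: redeeming an authorization code. The example below is added here and is not NocoDB's or Mattermost's code; its schema, function names and sample codes are constructed. It shows why a read-then-unconditional-write lets two exchanges both succeed, and how a single conditional UPDATE that also matches client_id and redirect_uri closes both holes.

```python
"""Authorization-code redemption: atomic single use plus client binding.

Added example, not NocoDB's or Mattermost's code. The schema, function names
and sample codes are constructed for illustration.
"""
import secrets
import sqlite3
import time


def open_store() -> sqlite3.Connection:
    """Constructed schema: one row per issued authorization code."""
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE auth_codes ("
        " code TEXT PRIMARY KEY,"
        " client_id TEXT NOT NULL,"
        " redirect_uri TEXT NOT NULL,"
        " expires_at REAL NOT NULL,"
        " is_used INTEGER NOT NULL DEFAULT 0)"
    )
    return db


def issue_code(db: sqlite3.Connection, client_id: str, redirect_uri: str,
               ttl: float = 60.0) -> str:
    """Mint a code bound to the client and redirect_uri that requested it."""
    code = secrets.token_urlsafe(32)
    db.execute("INSERT INTO auth_codes VALUES (?, ?, ?, ?, 0)",
               (code, client_id, redirect_uri, time.time() + ttl))
    return code


# --- Weak pattern: read is_used, then mark used with an unconditional write.
# The check and the write are separate statements, so two exchanges whose
# reads both see is_used == 0 before either write are both granted tokens.
def racy_check(db: sqlite3.Connection, code: str) -> bool:
    row = db.execute("SELECT is_used FROM auth_codes WHERE code = ?",
                     (code,)).fetchone()
    return row is not None and row[0] == 0


def racy_mark_and_mint(db: sqlite3.Connection, code: str) -> str:
    db.execute("UPDATE auth_codes SET is_used = 1 WHERE code = ?", (code,))
    return secrets.token_urlsafe(32)  # stands in for the access token


def interleaved_redemptions(db: sqlite3.Connection, code: str) -> int:
    """Simulate two concurrent exchanges whose checks both run before either
    write; returns how many tokens were minted for the single code."""
    first_ok = racy_check(db, code)
    second_ok = racy_check(db, code)
    minted = 0
    for ok in (first_ok, second_ok):
        if ok:
            racy_mark_and_mint(db, code)
            minted += 1
    return minted


# --- Hardened: one conditional UPDATE both consumes the code and enforces
# that the presenting client, redirect_uri and expiry all match.
def redeem_atomic(db: sqlite3.Connection, code: str, client_id: str,
                  redirect_uri: str):
    cur = db.execute(
        "UPDATE auth_codes SET is_used = 1"
        " WHERE code = ? AND client_id = ? AND redirect_uri = ?"
        "   AND is_used = 0 AND expires_at > ?",
        (code, client_id, redirect_uri, time.time()))
    if cur.rowcount != 1:  # unknown, wrong client/URI, expired, or already used
        return None
    return secrets.token_urlsafe(32)


if __name__ == "__main__":
    db = open_store()
    racy = issue_code(db, "client-a", "https://a.example/cb")
    print("tokens minted under the racy pattern:", interleaved_redemptions(db, racy))
    code = issue_code(db, "client-a", "https://a.example/cb")
    print("wrong client:", redeem_atomic(db, code, "client-b", "https://a.example/cb"))
    print("first redemption:", redeem_atomic(db, code, "client-a", "https://a.example/cb"))
    print("second redemption:", redeem_atomic(db, code, "client-a", "https://a.example/cb"))
```

The conditional UPDATE relies on the database serialising writes to one row, so no application-level lock is needed. When `rowcount` is 0 for a code that exists but is already used, RFC 6749 section 4.1.2 recommends revoking every token previously issued from that code, since the second presentation may be the attacker's.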
Vulnrichment, added 2026/05/14 9:09 p.m., 6 views

CVE-2026-44428 MCP Registry: GitHub OIDC tokens replayable across registry deployments due to shared audience

The MCP Registry provides MCP clients with a list of MCP servers, like an app store for MCP servers. Prior to 1.7.6, the client-side and server-side GitHub OIDC flow is bound only to a global audience string, not to the specific registry instance being targeted. On the client side, the publisher...

CVSS 2.1 | AI score 5.9 | EPSS 0.00219 | Exploits 0 | References 1
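The Keycloak JWT authorization-grant entry (PT-2026-52592), the Keycloak JWE entry (CVE-2026-9793) and the MCP Registry entry (CVE-2026-44428) all come down to what a verifier trusts: the algorithm a token declares about itself, unsigned content, and an audience that is not specific to the receiving deployment. The example below is added here and is not Keycloak's or the MCP Registry's code; the key, client record, instance identifiers and claim values are constructed, and only HS256 is implemented because that is enough to show the checks.

```python
"""JWT assertion verification that pins the algorithm and the audience.

Added example, not Keycloak's or the MCP Registry's code. The key, client
record, instance identifiers and claims below are constructed; only HS256
is implemented, which is enough to show the two checks.
"""
import base64
import hashlib
import hmac
import json
from typing import Optional

KEY = b"constructed-client-secret-do-not-reuse"
CLIENT = {"client_id": "app-1", "alg": "HS256", "key": KEY}  # registration record
INSTANCE_A = "https://a.example/oauth2/token"   # audience of deployment A
INSTANCE_B = "https://b.example/oauth2/token"   # audience of deployment B
NOW = 1_800_000_000                             # fixed clock for the demo


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _unb64url(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def make_jwt(claims: dict, key: bytes, alg: str = "HS256") -> str:
    """Build an HS256 token, or an unsigned one when alg == "none"
    (what a forger would produce)."""
    header = {"alg": alg, "typ": "JWT"}
    signing_input = ".".join(
        _b64url(json.dumps(part, separators=(",", ":")).encode())
        for part in (header, claims))
    if alg == "none":
        return signing_input + "."
    mac = hmac.new(key, signing_input.encode(), hashlib.sha256).digest()
    return signing_input + "." + _b64url(mac)


def _split(token: str):
    h, p, s = token.split(".")
    return json.loads(_unb64url(h)), json.loads(_unb64url(p)), h + "." + p, s


def _hs256_ok(key: bytes, signing_input: str, sig: str) -> bool:
    mac = hmac.new(key, signing_input.encode(), hashlib.sha256).digest()
    return hmac.compare_digest(_b64url(mac), sig)


def verify_naive(token: str, key: bytes) -> Optional[dict]:
    """Weak: dispatches on the alg the token itself declares, so a forged
    header with alg "none" skips signature verification entirely."""
    header, claims, signing_input, sig = _split(token)
    if header.get("alg") == "none":
        return claims
    if header.get("alg") == "HS256" and _hs256_ok(key, signing_input, sig):
        return claims
    return None


def verify_assertion(token: str, client: dict, instance_aud: str,
                     now: float = NOW) -> Optional[dict]:
    """Hardened: the algorithm and key come from the client registration,
    never from the header; unsigned tokens can never pass; aud must name
    this deployment rather than a value shared across deployments."""
    header, claims, signing_input, sig = _split(token)
    if header.get("alg") != client["alg"]:      # registration decides, not the token
        return None
    if not _hs256_ok(client["key"], signing_input, sig):  # HS256 only in this demo
        return None
    if claims.get("iss") != client["client_id"] or claims.get("sub") != client["client_id"]:
        return None
    aud = claims.get("aud")
    if instance_aud not in (aud if isinstance(aud, list) else [aud]):
        return None
    exp = claims.get("exp")
    if not isinstance(exp, (int, float)) or exp <= now:
        return None
    return claims


def demo() -> dict:
    """Constructed scenarios; returns which verifier accepted which token."""
    base = {"iss": "app-1", "sub": "app-1", "exp": NOW + 60}
    good = make_jwt({**base, "aud": INSTANCE_A}, KEY)
    forged = make_jwt({**base, "aud": INSTANCE_A}, b"", alg="none")
    shared = make_jwt({**base, "aud": "shared-global-audience"}, KEY)
    return {
        "good_at_a": verify_assertion(good, CLIENT, INSTANCE_A) is not None,
        "good_replayed_at_b": verify_assertion(good, CLIENT, INSTANCE_B) is not None,
        "forged_naive": verify_naive(forged, KEY) is not None,
        "forged_hardened": verify_assertion(forged, CLIENT, INSTANCE_A) is not None,
        "shared_aud_at_a": verify_assertion(shared, CLIENT, INSTANCE_A) is not None,
    }
```

The audience check is what stops the cross-deployment replay: a token minted for deployment A carries A's identifier in `aud`, so B rejects it, whereas a shared global audience would be accepted everywhere it is configured. The same applies to decrypted JWE content: whatever comes out of decryption is still run through `verify_assertion`, so raw unsigned JSON cannot satisfy a signature policy.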
Github Security Blog, added 2026/05/14 8:27 p.m., 17 views

Open WebUI vulnerable to stored XSS via OAuth picture claim stored as SVG data URI in profile_image_url

Summary: When a user signs in via OAuth, Open WebUI fetches the picture claim URL, infers a MIME type from the URL extension via mimetypes.guess_type, and stores data:<inferred-mime>;base64,... as the user's profile image. The OAuth code path does not go through the validate_profile_image_url Pydantic validator that...

CVSS 8.7 | AI score 6 | EPSS 0.0046 | Exploits 2 | References 3 | Affected Software 1
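The Open WebUI entry hinges on where the MIME type of a fetched picture comes from. The example below is added here and is not Open WebUI's code; the sample URLs and image bytes are constructed. It contrasts extension-derived typing, which turns an `.svg` URL into an `image/svg+xml` data URI, with sniffing the bytes against an allow-list of raster formats so SVG (XML text that can carry scripts and event handlers) is never stored as a profile image.

```python
"""Validating a fetched OAuth profile picture before storing it as a data: URI.

Added example, not Open WebUI's code. The sample URLs and image bytes are
constructed; the point is that the content type must come from the bytes
and an allow-list, not from the URL's extension.
"""
import base64
import mimetypes
from typing import Optional

ALLOWED_IMAGE_TYPES = {"image/png", "image/jpeg", "image/gif", "image/webp"}
MAX_IMAGE_BYTES = 2 * 1024 * 1024

# Constructed samples: a PNG signature with padding, and an SVG with a handler.
PNG_BYTES = b"\x89PNG\r\n\x1a\n" + b"\x00" * 16
SVG_BYTES = b'<svg xmlns="http://www.w3.org/2000/svg" onload="alert(1)"></svg>'


def mime_from_extension(url: str) -> Optional[str]:
    """Weak: the type is whatever the URL's extension claims."""
    return mimetypes.guess_type(url)[0]


def mime_from_bytes(data: bytes) -> Optional[str]:
    """Sniff magic numbers of raster formats only. SVG is deliberately not
    recognised, so it can never reach the allow-list check below."""
    if data.startswith(b"\x89PNG\r\n\x1a\n"):
        return "image/png"
    if data.startswith(b"\xff\xd8\xff"):
        return "image/jpeg"
    if data[:6] in (b"GIF87a", b"GIF89a"):
        return "image/gif"
    if data[:4] == b"RIFF" and data[8:12] == b"WEBP":
        return "image/webp"
    return None


def profile_image_uri_weak(url: str, data: bytes) -> str:
    """Weak: stores whatever was fetched under the extension-derived type;
    an unknown extension even yields the bare 'data:;base64,' prefix."""
    mime = mime_from_extension(url) or ""
    return f"data:{mime};base64,{base64.b64encode(data).decode()}"


def profile_image_uri(url: str, data: bytes) -> Optional[str]:
    """Hardened: size limit, sniffed type, allow-list; the URL is ignored."""
    if len(data) > MAX_IMAGE_BYTES:
        return None
    mime = mime_from_bytes(data)
    if mime not in ALLOWED_IMAGE_TYPES:
        return None
    return f"data:{mime};base64,{base64.b64encode(data).decode()}"


def demo() -> dict:
    """Constructed scenarios; returns what each path would store."""
    svg_url = "https://cdn.example/avatar.svg"
    png_url = "https://cdn.example/avatar.png"
    return {
        "weak_svg_prefix": profile_image_uri_weak(svg_url, SVG_BYTES).split(";", 1)[0],
        "hard_svg": profile_image_uri(svg_url, SVG_BYTES),
        "hard_png_accepted": profile_image_uri(png_url, PNG_BYTES) is not None,
        "hard_svg_bytes_png_ext": profile_image_uri(png_url, SVG_BYTES),
    }
```

The hardened path also rejects a payload that is SVG text served under a `.png` URL, because the decision never consults the URL. In a real service the same function should sit on every path that writes `profile_image_url`, including the OAuth one, rather than only behind a request-model validator.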
EUVD, added 2026/05/12 6:31 a.m., 13 views

EUVD-2026-29373

The Salesforce module before 1.x-1.0.1 for Backdrop CMS does not properly use a random state parameter to protect the authorization flow against CSRF attacks...

CVSS 7.1 | AI score 5.8 | EPSS 0.00121 | Exploits 0 | References 2
NVD, added 2026/05/12 4:16 a.m., 19 views

CVE-2026-45430

The Salesforce module before 1.x-1.0.1 for Backdrop CMS does not properly use a random state parameter to protect the authorization flow against CSRF attacks...

CVSS 7.1 | EPSS 0.00121 | Exploits 0 | References 1
Vulnrichment, added 2026/05/12 4:06 a.m., 8 views

CVE-2026-45430

The Salesforce module before 1.x-1.0.1 for Backdrop CMS does not properly use a random state parameter to protect the authorization flow against CSRF attacks...

CVSS 7.1 | AI score 5.8 | EPSS 0.00121 | Exploits 0 | References 1
CVE, added 2026/05/12 4:06 a.m., 18 views

CVE-2026-45430

CVE-2026-45430 affects the Salesforce module for Backdrop CMS (vulnerable: 1.x-1.0.0 and earlier; fixed in 1.x-1.0.1 or later). The root cause is the module not properly using a random state parameter to protect the OAuth-like authorization flow, leaving it susceptible to CSRF attacks. The CVSSv3...

CVSS 7.1 | AI score 5.8 | EPSS 0.00121 | Exploits 0 | References 1
Cvelist, added 2026/05/12 4:06 a.m., 39 views

CVE-2026-45430

The Salesforce module before 1.x-1.0.1 for Backdrop CMS does not properly use a random state parameter to protect the authorization flow against CSRF attacks...

CVSS 7.1 | EPSS 0.00121 | Exploits 0 | References 1
ATTACKERKB, added 2026/05/12 4:06 a.m., 8 views

CVE-2026-45430

The Salesforce module before 1.x-1.0.1 for Backdrop CMS does not properly use a random state parameter to protect the authorization flow against CSRF attacks...

CVSS 7.1 | AI score 5.8 | EPSS 0.00121 | Exploits 0 | References 2
Positive Technologies, added 2026/05/12 12:00 a.m., 16 views

PT-2026-39931

The Salesforce module before 1.x-1.0.1 for Backdrop CMS does not properly use a random state parameter to protect the authorization flow against CSRF attacks...

CVSS 7.1 | AI score 5.8 | EPSS 0.00121 | Exploits 0 | References 2
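The Backdrop CMS Salesforce entries (CVE-2026-45430, EUVD-2026-29373, PT-2026-39931), the XianYuLauncher entry (CVE-2026-48991), the OpenClaude entry (CVE-2026-42073) and the AAD entry (CVE-2026-56425) all concern the client side of the authorization-code flow: the state parameter and PKCE. The example below is added here and is not code from any of those projects; the authorization endpoint and the in-memory session dict are constructed. It mints a fresh random state and PKCE verifier per request, stores them server-side, and consumes them exactly once on callback, next to a no-state handler that accepts any crafted callback.

```python
"""Client-side state and PKCE handling for the authorization-code flow.

Added example, not code from the Backdrop CMS Salesforce module, XianYuLauncher,
OpenClaude or the AAD integration listed above. The authorization endpoint and
the in-memory session dict are constructed.
"""
import base64
import hashlib
import secrets
import time
from typing import Optional, Tuple
from urllib.parse import parse_qs, urlencode, urlparse

AUTHORIZE_URL = "https://idp.example/oauth2/authorize"  # constructed endpoint
STATE_MAX_AGE = 600  # seconds a pending authorization request stays valid


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def pkce_challenge(verifier: str) -> str:
    """S256 code_challenge for a code_verifier (RFC 7636)."""
    return _b64url(hashlib.sha256(verifier.encode("ascii")).digest())


def param_from_url(url: str, name: str) -> Optional[str]:
    """Read one query parameter back out of a URL."""
    return parse_qs(urlparse(url).query).get(name, [None])[0]


def begin_authorization(session: dict, client_id: str, redirect_uri: str) -> str:
    """Mint a fresh, unguessable state and PKCE verifier for this request,
    keep them server-side in the user's session, and build the URL."""
    state = secrets.token_urlsafe(32)       # per request, not the session id
    verifier = secrets.token_urlsafe(64)
    session["oauth_pending"] = {
        "state": state,
        "verifier": verifier,
        "redirect_uri": redirect_uri,
        "created": time.time(),
    }
    query = {
        "response_type": "code",
        "client_id": client_id,
        "redirect_uri": redirect_uri,
        "state": state,
        "code_challenge": pkce_challenge(verifier),
        "code_challenge_method": "S256",
    }
    return AUTHORIZE_URL + "?" + urlencode(query)


def handle_callback_weak(callback_url: str) -> Optional[str]:
    """Weak: no state, so an attacker-supplied callback URL (login CSRF)
    is processed exactly like a genuine one. Returns the code."""
    return param_from_url(callback_url, "code")


def handle_callback(session: dict, callback_url: str,
                    now: Optional[float] = None) -> Optional[Tuple[str, str]]:
    """Hardened: the pending request is consumed on first use, state is
    compared in constant time, and stale requests are rejected. Returns
    (code, code_verifier) for the token request, or None."""
    now = time.time() if now is None else now
    pending = session.pop("oauth_pending", None)   # single use, even on failure
    if pending is None:
        return None
    state = param_from_url(callback_url, "state")
    code = param_from_url(callback_url, "code")
    if state is None or code is None:
        return None
    if not secrets.compare_digest(state.encode(), pending["state"].encode()):
        return None
    if now - pending["created"] > STATE_MAX_AGE:
        return None
    return code, pending["verifier"]
```

The verifier never leaves the server until the token request, and the session id is never reused as state: a value the browser already carries in a cookie, or that the application echoes, is neither per-request nor secret from the parties that see it, so it does not bind the callback to the request that started the flow. For a local-callback listener of the kind the OpenClaude and XianYuLauncher entries describe, the same pending-request record applies, with the listener bound to a loopback port chosen for that one flow.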
Vulnrichment, added 2026/05/11 8:32 p.m., 9 views

CVE-2026-43875 WWBN AVideo: Password Hash Leaked in MobileManager OAuth Redirect URL Enables Account Takeover

WWBN AVideo is an open source video platform. In versions up to and including 29.0, plugin/MobileManager/oauth2.php completes an OAuth login by sending an HTTP 302 with Location: oauth2Success.php?user=...&pass=..., where the pass value is the victim's stored password hash, md5(hash("whirlpool", sha1(password))), read directly fro...

CVSS 6.8 | AI score 5.8 | EPSS 0.00285 | Exploits 0 | References 2