CVE-2026-28735

Mattermost versions 11.6.x = 11.6.0, 11.5.x = 11.5.3, 11.4.x = 11.4.4, 10.11.x = 10.11.14 fail to validate the OAuth token scope on the callback which allows an authenticated Mattermost user to gain access to private repositories via modifying the scope parameter in the GitHub authorization URL...

CVE-2026-3691

OpenClaw Client PKCE Verifier Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose stored credentials on affected installations of OpenClaw. User interaction is required to exploit this vulnerability in that the target must initiate an OAuth authorization...

CVE-2026-3691

OpenClaw Client PKCE Verifier Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose stored credentials on affected installations of OpenClaw. User interaction is required to exploit this vulnerability in that the target must initiate an OAuth authorization...

EUVD-2026-21623

OpenClaw Client PKCE Verifier Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose stored credentials on affected installations of OpenClaw. User interaction is required to exploit this vulnerability in that the target must initiate an OAuth authorization...

Cross-site Scripting (XSS)

Overview n8n is a n8n Workflow Automation Tool Affected versions of this package are vulnerable to Cross-site Scripting XSS via the Credential Management Flow when a crafted OAuth2 credential contains a JavaScript URL in the Authorization URL field. An attacker can execute arbitrary scripts in th...

CVE-2026-32112

ha-mcp is a Home Assistant MCP Server. Prior to 7.0.0, the ha-mcp OAuth consent form renders user-controlled parameters via Python f-strings with no HTML escaping. An attacker who can reach the OAuth endpoint and convince the server operator to follow a crafted authorization URL could execute...

PT-2025-49418

A vulnerability has been found in TykoDev cherry-studio-TykoFork 0.1. This issue affects the function redirectToAuthorization of the file /.well-known/oauth-authorization-server of the component OAuth Server Discovery. Such manipulation of the argument authorizationUrl leads to os command...

TykoTech Fork 操作系统命令注入漏洞

TykoTech Fork is an AI integration tool for LionTech individual developers. An OS command injection vulnerability exists in TykoTech Fork version 0.1, which stems from misuse of the parameter authorizationUrl in the file /.well-known/oauth-authorization-server, which could lead to os command...

EUVD-2025-34897

Dify is an LLM application development platform. In Dify versions through 1.9.1, the MCP OAuth component is vulnerable to cross-site scripting when a victim connects to an attacker-controlled remote MCP server. The vulnerability exists in the OAuth flow implementation where the authorizationurl...

EUVD-2020-12575

Malware in sbrugna...

PT-2023-21166 · Npm · Nextauth.Js

Name of the Vulnerable Software and Affected Versions: NextAuth.js versions prior to v4.20.1 Description: The issue allows a bad actor to intercept and tamper with the authorization URL, enabling them to log in as the victim and bypass CSRF protection. This occurs due to a partial failure during ...

keycloak: missing input validation in IDP authorization URLs

A flaw was found in Keycloak, where every Authorization URL that points to an IDP server lacks proper input validation as it allows a wide range of characters. This flaw allows a malicious to craft deep links that introduce further attack scenarios on affected clients...

CVE-2020-1727

A vulnerability was found in Keycloak before 9.0.2, where every Authorization URL that points to an IDP server lacks proper input validation as it allows a wide range of characters. This flaw allows a malicious to craft deep links that introduce further attack scenarios on affected clients...

Input validation

A vulnerability was found in Keycloak before 9.0.2, where every Authorization URL that points to an IDP server lacks proper input validation as it allows a wide range of characters. This flaw allows a malicious to craft deep links that introduce further attack scenarios on affected clients...

CVE-2020-1727

A vulnerability was found in Keycloak before 9.0.2, where every Authorization URL that points to an IDP server lacks proper input validation as it allows a wide range of characters. This flaw allows a malicious to craft deep links that introduce further attack scenarios on affected clients...

Lack Of Input Validation

keycloak does not perform adequate input validation. The Authorization URL pointing to an IDP server does not perform proper input validation, allowing an attacker to craft malicious links that can be used to exploit other vulnerabilities within the application...

CVE-2020-1727

A flaw was found in Keycloak, where every Authorization URL that points to an IDP server lacks proper input validation as it allows a wide range of characters. This flaw allows a malicious to craft deep links that introduce further attack scenarios on affected clients...