88 matches found
@agentcorporation/server (>=0.3.3 <=0.3.13), @airisos/server (>=2026.324.0-canary.0 <=2026.325.0-canary.3) +137 more potentially affected by unknown CVE via better-auth (>=0.4.10-beta.10 <=1.4.2-beta.5)
better-auth NPM version =0.4.10-beta.10, =0.3.3, =2026.324.0-canary.0, =2026.501.0, =2026.501.0, =0.0.1, =1.3.27, =1.3.27, =1.3.27, =1.3.27, =1.3.27, =1.3.27, =1.3.26, =1.3.27, =0.18.0, =1.9.7 and more Source cves: unknown CVE Source advisory: OSV:GHSA-569Q-MPPH-WGWW...
Better Auth affected by external request basePath modification DoS
Summary Affected versions of Better Auth allow an external request to configure baseURL when it isn’t defined through any other means. This can be abused to poison the router’s base path, causing all routes to return 404 for all users. This issue is only exploitable when baseURL is not explicitly...
EUVD-2025-199765
Better Auth's multi-session sign-out hook allows forged cookies to revoke arbitrary sessions...
@alstar/studio (=0.0.0-beta.20), @better-auth/cli (>=1.3.4 <=1.4.0-beta.28) +16 more potentially affected by unknown CVE via better-auth (>=1.3.34 <=1.4.0-beta.9)
better-auth NPM version =1.3.34, =1.3.4, =0.18.9, =0.5.2, =7.0.9-canary.2, =7.0.9-canary.2, =0.1.8, =0.1.0, =0.0.22, =0.10.0, =0.11.1-canary.15, =0.8.2, =0.0.10, =1.0.0, =1.0.4, =3.0.0 and more Source cves: unknown CVE Source advisory: SNYK:JS-BETTERAUTH-14135654...
Session Fixation
Overview better-auth is a The most comprehensive authentication library for TypeScript. Affected versions of this package are vulnerable to Session Fixation via the constantTimeEqual function in the crypto/buffer.ts file. An attacker can cause arbitrary user sessions to be revoked by forging...
Authorization Bypass Through User-Controlled Key
Overview @better-auth/passkey is a Passkey plugin for Better Auth Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key via a POST /passkey/delete-passkey request. An attacker can delete arbitrary passkeys belonging to other users by providing their...
EUVD-2025-199652
Better Auth Passkey Plugin allows passkey deletion through IDOR...
EUVD-2025-199293
Malicious code in @silgi/better-auth npm...
MAL-2025-191311 Malicious code in @silgi/better-auth (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 528101596869077cdc065844f592e42299e9806c92d2b4f6f145ccd18194fdd5 The package @silgi/better-auth was found to contain malicious code. Source: ghsa-malware...
Malicious code in @silgi/better-auth (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 528101596869077cdc065844f592e42299e9806c92d2b4f6f145ccd18194fdd5 The package @silgi/better-auth was found to contain malicious code. Source: ghsa-malware...
EUVD-2025-199169
Malicious code in better-auth-nuxt npm...
MAL-2025-191073 Malicious code in better-auth-nuxt (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 63a2c1f5ccee32dc0e1c83e0664d434add6b894caa54c57f137fe0367cba558f The package better-auth-nuxt was found to contain malicious code. Source: ghsa-malware 14fe0837bf9131779e90c6a1e8530acbe2d811b2df09dfa25d2d86c5a151c0...
Malicious code in better-auth-nuxt (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 63a2c1f5ccee32dc0e1c83e0664d434add6b894caa54c57f137fe0367cba558f The package better-auth-nuxt was found to contain malicious code. Source: ghsa-malware 14fe0837bf9131779e90c6a1e8530acbe2d811b2df09dfa25d2d86c5a151c0...
CVE-2025-61928 Better Auth: Unauthenticated API key creation through api-key plugin
Better Auth is an authentication and authorization library for TypeScript. In versions prior to 1.3.26, unauthenticated attackers can create or modify API keys for any user by passing that user's id in the request body to the api/auth/api-key/create route. session?.user ?? authRequired ? null : i...
CVE-2025-61928 Better Auth: Unauthenticated API key creation through api-key plugin
Better Auth is an authentication and authorization library for TypeScript. In versions prior to 1.3.26, unauthenticated attackers can create or modify API keys for any user by passing that user's id in the request body to the api/auth/api-key/create route. session?.user ?? authRequired ? null : i...
CVE-2025-61928
CVE-2025-61928 affects Better Auth (TypeScript) prior to version 1.3.26. The vulnerability allows unauthenticated attackers to create or modify API keys for any user by supplying the target user’s id in the request body to api/auth/api-key/create (and similarly in the update endpoint). The issue ...
Missing Authentication for Critical Function
Overview better-auth is a The most comprehensive authentication library for TypeScript. Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the api-key plugin's create endpoints. An attacker can gain unauthorized access to any user's account by...
@better-auth/cli (>=0.0.1 <=1.3.25), @bgord/bun (>=0.18.0 <=0.29.10) +21 more potentially affected by CVE-2025-61928 via better-auth (>=0.4.10-beta.10 <=1.3.25)
better-auth NPM version =0.4.10-beta.10, =0.0.1, =0.18.0, =0.5.11, =0.0.0, =0.1.174, =1.0.2, =1.0.5, =1.0.0, =0.0.5, =0.0.5, =1.1.368, =1.2.13, =1.2.106 and more Source cves: CVE-2025-61928 Source advisory: OSV:GHSA-99H5-PJCV-GR6V...
EUVD-2025-33358
Better Auth: Unauthenticated API key creation through api-key plugin...
@better-auth/cli (>=1.2.0 <=1.3.25), @bgord/bun (>=0.18.0 <=0.29.10) +17 more potentially affected by CVE-2025-61928 via better-auth (>=1.2.0-beta.18 <=1.3.25)
better-auth NPM version =1.2.0-beta.18, =1.2.0, =0.18.0, =0.5.11, =0.0.0, =0.1.174, =1.0.2, =1.0.5, =1.0.0, =0.0.5, =1.2.13, =3.7.1, =1.0.12, =1.1.0 and more Source cves: CVE-2025-61928 Source advisory: SNYK:JS-BETTERAUTH-13537497...