CVE-2026-50627

The JwtAccessTokenValidator class in Apache CXF fails to validate the 'aud' Audience claims of incoming JWT access tokens. This allows a JWT issued for one Resource Server to be successfully replayed against a completely different Resource Server, leading to Token Confusion/Routing attacks. Users...

CVE-2026-50627 Apache CXF: OAuth2: Missing JWT Audience and Issuer Validation in Access Token Validator

The JwtAccessTokenValidator class in Apache CXF fails to validate the 'aud' Audience claims of incoming JWT access tokens. This allows a JWT issued for one Resource Server to be successfully replayed against a completely different Resource Server, leading to Token Confusion/Routing attacks. Users...

Quest Bot 安全漏洞

Quest Bot is a multi-functional Discord community management robot developed by Duck Organization. Versions of Quest Bot prior to 1.0.5 contained security vulnerabilities. These vulnerabilities stemmed from the AutoMod deletion process not verifying the server to which the rules belong, potential...

Incorrect Authorization

Overview fastmcp is a The fast, Pythonic way to build MCP servers and clients. Affected versions of this package are vulnerable to Incorrect Authorization due to improper handling of the resource parameter in the authorization and token request processes. An attacker can gain unauthorized access ...

CVE-2025-69196

The GHSA advisory GHSA-5H2M-4Q8J-PQPJ describes a misconfiguration in FastMCP OAuth Proxy where the token issuer/audience are derived from the proxy’s base_url, causing access and refresh tokens to be issued without binding to the requested MCP server resource. This means tokens can be used on ot...

GHSA-5H2M-4Q8J-PQPJ FastMCP OAuth Proxy token reuse across MCP servers

While testing the OAuth Proxy implementation, it was noticed that the server does not properly respect the resource parameter submitted by the client in the authorization and token request. Instead of issuing the token explicitly for this MCP server, the token is issued for the baseurl passed to...

PT-2026-25775

Name of the Vulnerable Software and Affected Versions FastMCP versions prior to 2.14.2 Description FastMCP, a framework for building MCP applications, does not properly validate the resource parameter submitted by the client during authorization and token requests. Instead of issuing tokens...

GHSA-9RP8-H4G8-8766 Weblate wlc has insecure API key configuration

Impact Historically, wlc supported providing unscoped API keys in the setting. This practice was discouraged for years, but the code was never removed. This might cause the API key to be used against different server. Patches https://github.com/WeblateOrg/wlc/pull/1098 Workarounds Remove unscoped...

Trivial Trojans: How Minimal MCP Servers Enable Cross-Tool Exfiltration of Sensitive Data

The Model Context Protocol MCP represents a significant advancement in AI-tool integration, enabling seamless communication between AI agents and external services. However, this connectivity introduces novel attack vectors that remain largely unexplored. This paper demonstrates how unsophisticat...

CVE-2023-22452

kenny2automate is a Discord bot. In the web interface for server settings, form elements were generated with Discord channel IDs as part of input names. Prior to commit a947d7c, no validation was performed to ensure that the channel IDs submitted actually belonged to the server being configured...

PT-2024-26936 · Mattermost · Mattermost

Name of the Vulnerable Software and Affected Versions: Mattermost versions 9.5.x through 9.5.5 Mattermost version 9.8.0 Description: The issue arises when Mattermost is used with shared channels and multiple remote servers are connected. In such cases, the system fails to verify that the remote...

PT-2024-37523 · Conduit · Conduit

Name of the Vulnerable Software and Affected Versions: Conduit affected versions not specified Description: The issue is related to a lack of validation of origin in the federation API in Conduit. This allows any remote server to impersonate any user from any server in most EDUs. Recommendations:...

Critical: Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift GitOps 1.10.2 security update

An update is now available for Red Hat OpenShift GitOps v1.10.2. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

Critical: Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift GitOps 1.11.1 security update

An update is now available for Red Hat OpenShift GitOps v1.11. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

CVE-2024-22424

CVE-2024-22424 affects Argo CD API prior to versions 2.10-rc2, 2.9.4, 2.8.8, and 2.7.15 (and related 2.7.16 per some advisories). The root cause is failure to validate that requests carry the correct content type, allowing bypass of browser CORS preflight checks and enabling CSRF via cross-origin...

SUSE CVE-2018-1312

In Apache httpd 2.2.0 to 2.4.29, when generating an HTTP Digest authentication challenge, the nonce sent to prevent reply attacks was not correctly generated using a pseudo-random seed. In a cluster of servers using a common Digest authentication configuration, HTTP requests could be replayed...

kenny2automate 输入验证错误漏洞

kenny2automate is a small Discord bot by the individual developers at AbyxDev. An input validation error vulnerability exists in previous versions of kenny2automate a947d7c, which stems from a failure to perform validation to ensure that the submitted channel ID actually belongs to the server bei...

CVE-2022-39302

Ree6 is a moderation bot. This vulnerability would allow other server owners to create configurations such as "Better-Audit-Logging" which contain a channel from another server as a target. This would mean you could send log messages to another Guild channel and bypass raid and webhook protection...

Design/Logic Flaw

Ree6 is a moderation bot. This vulnerability would allow other server owners to create configurations such as "Better-Audit-Logging" which contain a channel from another server as a target. This would mean you could send log messages to another Guild channel and bypass raid and webhook protection...

Ree6 安全漏洞

Ree6 is a Ree6 open source all-in-one Discord Bot maintained by Presti. A security vulnerability exists in Ree6 versions prior to 1.9.9 that stems from a cross-server channel exploit, which can be exploited by an attacker to send server log events to another server channel that can be used to...