2 matches found
CVE-2026-23477
creationtimestamp| type| source ---|---|--- 2026-01-14 19:30:52+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mcfsmponb52u 2026-01-14 20:05:27+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mcfukkivbt2o...
CVE-2026-23477 Rocket.Chat Unauthorized Access to OAuth App Details
Rocket.Chat is an open-source, secure, fully customizable communications platform. In Rocket.Chat versions up to 6.12.0, the API endpoint GET /api/v1/oauth-apps.get is exposed to any authenticated user, regardless of their role or permissions. This endpoint returns an OAuth application, as long a...