CVE-2026-9084 MISP OIDC authentication bypass via automatic email-based account linking under insecure IdP configurations

MISP’s OIDC authentication plugin allowed automatic linking of an OIDC identity to an existing local user account based on the email claim when the local account had no stored sub value. Under insecure or untrusted IdP configurations where email ownership is not enforced, an attacker with a valid...

Important: Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.5 Product Security and Bug Fix Update

An update is now available for Red Hat Ansible Automation Platform 2.5 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

aap-controller: aap-gateway: Account hijacking and unauthorized access via unverified email linking

A flaw was found in the AAP gateway. The user auto-link strategy, introduced in AAP 2.6, automatically links an external Identity Provider IDP identity to an existing AAP user account based on email matching without verifying email ownership. This allows a remote attacker to potentially hijack a...

Important: Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.6 Product Security and Bug Fix Update

An update is now available for Red Hat Ansible Automation Platform 2.6 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

CVE-2026-6266 Aap-controller: aap-gateway: account hijacking and unauthorized access via unverified email linking

A flaw was found in the AAP gateway. The user auto-link strategy, introduced in AAP 2.6, automatically links an external Identity Provider IDP identity to an existing AAP user account based on email matching without verifying email ownership. This allows a remote attacker to potentially hijack a...

CVE-2026-6266 Aap-controller: aap-gateway: account hijacking and unauthorized access via unverified email linking

A flaw was found in the AAP gateway. The user auto-link strategy, introduced in AAP 2.6, automatically links an external Identity Provider IDP identity to an existing AAP user account based on email matching without verifying email ownership. This allows a remote attacker to potentially hijack a...

CVE-2026-6266

The vulnerability CVE-2026-6266 affects the AAP gateway’s user auto-link strategy introduced in AAP 2.6. The flaw derives from linking an external IDP identity to an existing AAP user account based on email matching without verifying email ownership, enabling potential account hijacking or unauth...

RHEL 10 / 9 : Red Hat Ansible Automation Platform 2.6 Product Security and Bug Fix Update (Important) (RHSA-2026:13508)

The remote Redhat Enterprise Linux 10 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:13508 advisory. Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT...

CVE-2026-34456 Reviactyl: OAuth account takeover via auto-linking

Reviactyl is an open-source game server management panel built using Laravel, React, FilamentPHP, Vite, and Go. From version 26.2.0-beta.1 to before version 26.2.0-beta.5, a vulnerability in the OAuth authentication flow allowed automatic linking of social accounts based solely on matching email...

GO-2024-2936 PocketBase performs password auth and OAuth2 unverified email linking in github.com/pocketbase/pocketbase

PocketBase performs password auth and OAuth2 unverified email linking in github.com/pocketbase/pocketbase...

GHSA-M93W-4FXV-R35V PocketBase performs password auth and OAuth2 unverified email linking

In order to be exploited you must have both OAuth2 and Password auth methods enabled. A possible attack scenario could be: - a malicious actor register with the targeted user's email it is unverified - at some later point in time the targeted user stumble on your app and decides to sign-up with...

CVE-2024-38351 Password auth and OAuth2 unverified email linking

Pocketbase is an open source web backend written in go. In affected versions a malicious user may be able to compromise other user accounts. In order to be exploited users must have both OAuth2 and Password auth methods enabled. A possible attack scenario could be: 1. a malicious actor register...