
18 matches found

CVE
added yesterday · 9 views

CVE-2026-49757

AshAuthentication (versions before 4.14.0 and before 5.0.0-rc.10) is vulnerable to an authentication bypass where OAuth2/OIDC sign-in matches local users by email rather than the issuer/sub identity. An attacker able to provide a victim’s email to an OAuth provider could be signed in to the victi...

9.2 CVSS · 5.4 AI score
Exploits 0 · References 5

OSV
added yesterday · 3 views

EEF-CVE-2026-49757 OAuth2/OIDC account takeover in AshAuthentication via email-based user matching

Summary: Authentication Bypass by Spoofing vulnerability in team-alembic AshAuthentication allows account takeover of local users via OAuth2/OIDC sign-in. AshAuthentication's OAuth2 and OIDC family strategies matched the local user by email address: an upsert on the email field, or a user-defined...

9.2 CVSS · 5.4 AI score
Exploits 0 · References 5

CNNVD
added 2026/05/08 12:00 a.m. · 6 views

Nhost authorization vulnerability

Nhost is an open-source backend service platform developed by Nhost. Versions of Nhost prior to 0.49.1 contained an authorization vulnerability. This vulnerability stemmed from the automatic matching of email addresses during OAuth authentication. However, some provider adapters failed to properl...

9.8 CVSS · 5.8 AI score · 0.00597 EPSS
Exploits 1 · References 1

ATTACKERKB
added 2026/05/04 1:47 p.m. · 4 views

CVE-2026-6266

A flaw was found in the AAP gateway. The user auto-link strategy, introduced in AAP 2.6, automatically links an external Identity Provider (IDP) identity to an existing AAP user account based on email matching without verifying email ownership. This allows a remote attacker to potentially hijack a...

8.3 CVSS · 5.8 AI score · 0.00394 EPSS
Exploits 0 · References 6

EUVD
added 2026/05/04 1:47 p.m. · 5 views

EUVD-2026-26967

A flaw was found in the AAP gateway. The user auto-link strategy, introduced in AAP 2.6, automatically links an external Identity Provider (IDP) identity to an existing AAP user account based on email matching without verifying email ownership. This allows a remote attacker to potentially hijack a...

8.3 CVSS · 5.8 AI score · 0.00394 EPSS
Exploits 0 · References 3

Vulnrichment
added 2026/05/04 1:47 p.m. · 2 views

CVE-2026-6266 Aap-controller: aap-gateway: account hijacking and unauthorized access via unverified email linking

A flaw was found in the AAP gateway. The user auto-link strategy, introduced in AAP 2.6, automatically links an external Identity Provider (IDP) identity to an existing AAP user account based on email matching without verifying email ownership. This allows a remote attacker to potentially hijack a...

8.3 CVSS · 5.8 AI score · 0.00394 EPSS
Exploits 0 · References 5

CVE
added 2026/04/01 8:00 p.m. · 7 views

CVE-2026-34456

The CVE concerns Reviactyl, an open-source game server management panel (Laravel/React stack). From version 26.2.0-beta.1 to before 26.2.0-beta.5, the OAuth authentication flow allowed automatic linking of social accounts based solely on matching email addresses, enabling an attacker to create or...

9.8 CVSS · 5.8 AI score · 0.00455 EPSS
Exploits 0 · References 3 · Affected Software 1

OSV
added 2024/03/01 4:58 p.m. · 19 views

GHSA-QW9G-7549-7WG5 Directus has MySQL accent insensitive email matching

Password reset vulnerable to accent confusion. The password reset mechanism of the Directus backend is implemented in a way where, combined with specific (need to double check if I can work around) configuration in MySQL or MariaDB, it allows attackers to receive a password reset email of a...

8.2 CVSS · 8.1 AI score · 0.00702 EPSS
Exploits 1 · References 6

Github Security Blog
added 2024/03/01 4:58 p.m. · 54 views

Directus has MySQL accent insensitive email matching

Password reset vulnerable to accent confusion. The password reset mechanism of the Directus backend is implemented in a way where, combined with specific (need to double check if I can work around) configuration in MySQL or MariaDB, it allows attackers to receive a password reset email of a...

8.2 CVSS · 7 AI score · 0.00702 EPSS
Exploits 1 · References 6 · Affected Software 1

Vulnrichment
added 2024/03/01 3:37 p.m. · 17 views

CVE-2024-27295 Directus MySQL accent insensitive email matching

Directus is a real-time API and App dashboard for managing SQL database content. The password reset mechanism of the Directus backend allows attackers to receive a password reset email of a victim user, specifically having it arrive at a similar email address as the victim with one or more...

8.2 CVSS · 8.4 AI score · 0.00702 EPSS
Exploits 1 · References 1

Cvelist
added 2024/03/01 3:37 p.m. · 18 views

CVE-2024-27295 Directus MySQL accent insensitive email matching

Directus is a real-time API and App dashboard for managing SQL database content. The password reset mechanism of the Directus backend allows attackers to receive a password reset email of a victim user, specifically having it arrive at a similar email address as the victim with one or more...

8.2 CVSS · 8.6 AI score · 0.00702 EPSS
Exploits 1 · References 1

Packet Storm
added 2024/02/19 12:00 a.m. · 297 views

Online Library Management System 3 Password Reset

Exploit Title: Online Library Management System v3 - Password Reset and Email Matching Vulnerability Date: 12.09.2023 Exploit Author: SoSPiro Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/online-library-management-system/ Version: v3 Tested on: Windows 10 Pro 64 B...

7.4 AI score
Exploits 0

Positive Technologies
added 2024/02/14 12:00 a.m. · 3 views

PT-2024-2727 · Mastodon · Mastodon

Name of the Vulnerable Software and Affected Versions: Mastodon versions prior to 3.5.18 Mastodon versions prior to 4.0.14 Mastodon versions prior to 4.1.14 Mastodon versions prior to 4.2.6 Description: The issue is related to the implementation of CAS, SAML, and OpenID Connect protocols in...

7.4 CVSS · 7.1 AI score · 0.00477 EPSS
Exploits 1 · References 11

OSV
added 2021/02/25 5:43 p.m. · 6 views

SUSE-SU-2021:0607-1 Security update for python-Jinja2

This update for python-Jinja2 fixes the following issues: - CVE-2020-28493: Improve the speed of the 'urlize' filter by reducing regex backtracking. Email matching requires a word character at the start of the domain part, and only word characters in the TLD. bsc1181944...

5.3 CVSS · 5.6 AI score · 0.03575 EPSS
Exploits 1 · References 3

OSV
added 2021/02/25 12:16 p.m. · 7 views

SUSE-SU-2021:0602-1 Security update for python-Jinja2

This update for python-Jinja2 fixes the following issues: - CVE-2020-28493: Improve the speed of the 'urlize' filter by reducing regex backtracking. Email matching requires a word character at the start of the domain part, and only word characters in the TLD. bsc1181944...

5.3 CVSS · 5.6 AI score · 0.03575 EPSS
Exploits 1 · References 3

OSV
added 2021/02/25 12:16 p.m. · 4 views

SUSE-SU-2021:0601-1 Security update for python-Jinja2

This update for python-Jinja2 fixes the following issues: - CVE-2020-28493: Improve the speed of the 'urlize' filter by reducing regex backtracking. Email matching requires a word character at the start of the domain part, and only word characters in the TLD. bsc1181944...

5.3 CVSS · 5.6 AI score · 0.03575 EPSS
Exploits 1 · References 3

PyPA
added 2019/12/18 7:15 p.m. · 5 views

PYSEC-2019-16

Django before 1.11.27, 2.x before 2.2.9, and 3.x before 3.0.1 allows account takeover. A suitably crafted email address that is equal to an existing user's email address after case transformation of Unicode characters would allow an attacker to be sent a password reset token for the matched user...

9.8 CVSS · 7 AI score · 0.3481 EPSS
Exploits 7 · References 11 · Affected Software 1

Hacker One
added 2016/12/20 7:14 a.m. · 193 views

Pornhub: Account takeover via Pornhub Oauth

The researcher found it was possible to take over a YouPorn account by using an unverified account with a matching email address to sign up to PornHub. This vulnerability works by abusing an insecure OAuth implementation. Due to improperly implemented OAuth functionality and lack of user information...

1.3 AI score
Exploits 0