CVE-2026-47157

aiograpi is an asynchronous Instagram API for Python. aiograpi versions before 0.9.10 accepted server-supplied signup challenge paths and used them to build request URLs before validating that the paths were relative Instagram API paths. If an attacker can influence a challenge response, for...

EUVD-2026-36272

aiograpi is an asynchronous Instagram API for Python. aiograpi versions before 0.9.10 accepted server-supplied signup challenge paths and used them to build request URLs before validating that the paths were relative Instagram API paths. If an attacker can influence a challenge response, for...

MAL-2026-4588 Malicious code in ionic-insta-api-wrapper (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 02b21f843420dc38a87320830c9f9bd48d72a2938774100b1ee08a2db708abbc ionic-insta-api-wrapper is presented as an Instagram API client but its advertised login API silently relays caller-supplied credentials and session...

EUVD-2025-203837

Parse Server is vulnerable to Server-Side Request Forgery SSRF via Instagram OAuth Adapter...

MAL-2025-6934 Malicious code in instagram-basic-display-api (npm)

The package communicates with a domain associated with malicious activity...

Malicious PyPI Packages Exploit Instagram and TikTok APIs to Validate User Accounts

Cybersecurity researchers have uncovered malicious packages uploaded to the Python Package Index PyPI repository that act as checker tools to validate stolen email addresses against TikTok and Instagram APIs. All three packages are no longer available on PyPI. The names of the Python packages are...

OkCupid: Instagram Authentication - No Request Token

Hello, On OkCupid, you have the ability to connect your Instagram account. This will sync any photos from your account onto your profile. This is performed by browsing to https://www.okcupid.com/okphotos/okinstagram.html, which will redirect to Instagram for the user to authorise the request. Onc...