Lucene search
+L

5 matches found

OSV
OSV
added 4 days ago5 views

CVE-2026-53514 Better Auth: Unauthorized invitation acceptance via unverified email match in organization plugin

Better Auth is an authentication and authorization library for TypeScript. Prior to 1.6.11, and in 1.6.14 and later when invitation IDs can be obtained outside the invited mailbox and requireEmailVerificationOnInvitation: true is not enabled, the organization plugin's acceptInvitation,...

7.7CVSS6.1AI score0.00202EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-6562

Malware in sbrugna...

5.3CVSS5.5AI score0.01059EPSS
Exploits0References4
NVD
NVD
added 2025/07/10 9:15 a.m.52 views

CVE-2025-6168

An issue has been discovered in GitLab EE affecting all versions from 18.0 before 18.0.4 and 18.1 before 18.1.2 that could have allowed authenticated maintainers to bypass group-level user invitation restrictions by sending crafted API requests...

2.7CVSS0.00309EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/07/10 8:30 a.m.11 views

CVE-2025-4972 Incorrect Authorization in GitLab

An issue has been discovered in GitLab EE affecting all versions from 18.0 before 18.0.4 and 18.1 before 18.1.2 that could have allowed authenticated users with invitation privileges to bypass group-level user invitation restrictions by manipulating group invitation functionality...

2.7CVSS0.00316EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 4:20 p.m.8 views

CVE-2020-14215

Zulip Server before 2.1.5 has Incorrect Access Control because 0198preregistrationuserinvitedas adds the administrator role to invitations...

7.5CVSS6.9AI score0.00891EPSS
Exploits0
Rows per page
Query Builder