CVE-2025-46647
CVE-2025-46647 concerns Apache APISIX openid-connect plugin (introspection mode) where multiple issuers sharing the same private key can allow a user authenticated to one issuer to access another issuer. Public details from multiple sources specify the vulnerability requires: (1) openid-connect p...