Lucene search
+L

669 matches found

Vulnrichment
Vulnrichment
added 2026/05/08 10:35 p.m.10 views

CVE-2026-42350 Kargo: Open Redirect in UI OIDC Login Flow via redirectTo Query Parameter

Kargo manages and automates the promotion of software artifacts. Prior to versions 1.7.10, 1.8.13, 1.9.8, and 1.10.2, Kargo is vulnerable to open redirect in UI OIDC login flow via the redirectTo query parameter. This issue has been patched in versions 1.7.10, 1.8.13, 1.9.8, and 1.10.2...

5.1CVSS5.7AI score0.00239EPSS
Exploits0References1
OSV
OSV
added 2026/05/08 10:35 p.m.3 views

CVE-2026-42350 Kargo: Open Redirect in UI OIDC Login Flow via redirectTo Query Parameter

Kargo manages and automates the promotion of software artifacts. Prior to versions 1.7.10, 1.8.13, 1.9.8, and 1.10.2, Kargo is vulnerable to open redirect in UI OIDC login flow via the redirectTo query parameter. This issue has been patched in versions 1.7.10, 1.8.13, 1.9.8, and 1.10.2...

5.1CVSS5.9AI score0.00239EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/05/08 5:6 p.m.21 views

MCP Registry's GitHub OIDC tokens are replayable across registry deployments due to shared audience

SECURITY registry001 Vulnerability Report While analyzing the code logic, an area that may lead to unintended behavior under specific conditions was discovered. Overview - Verified Version: c5c4b9e8890dd5754bee889b2f1417f4fe3b5ce5 - Vulnerability Type: Authentication bypass via cross-registry OID...

4.7CVSS5.8AI score0.00219EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2026/05/08 5:6 p.m.12 views

GHSA-95C3-6VVW-4MRQ MCP Registry's GitHub OIDC tokens are replayable across registry deployments due to shared audience

SECURITY registry001 Vulnerability Report While analyzing the code logic, an area that may lead to unintended behavior under specific conditions was discovered. Overview - Verified Version: c5c4b9e8890dd5754bee889b2f1417f4fe3b5ce5 - Vulnerability Type: Authentication bypass via cross-registry OID...

4.7CVSS5.8AI score0.00219EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.15 views

PT-2026-39215

Name of the Vulnerable Software and Affected Versions Kargo versions prior to 1.7.10 Kargo versions prior to 1.8.13 Kargo versions prior to 1.9.8 Kargo versions prior to 1.10.2 Description Kargo, which manages and automates the promotion of software artifacts, contains an open redirect in the UI...

5.1CVSS5.8AI score0.00239EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/07 3:0 a.m.14 views

EUVD-2026-28283

Admidio is an open-source user management solution. Prior to version 5.0.9, the OIDC token introspection endpoint /modules/sso/index.php/oidc/introspect always returns "active": true for every request, regardless of whether a valid token is provided, whether the token is expired, revoked, or...

6.8CVSS5.8AI score0.00323EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/06 5:1 p.m.10 views

EUVD-2026-27140

Nginx-UI Settings API Exposes Protected Secrets...

6.5CVSS5.8AI score0.00295EPSS
Exploits1References3
Github Security Blog
Github Security Blog
added 2026/05/06 5:1 p.m.14 views

Nginx-UI Settings API Exposes Protected Secrets

Summary The GetSettings API handler api/settings/settings.go:24-65 serializes all settings structs to JSON and returns them to authenticated users. Many sensitive fields are tagged with protected:"true" - however, this tag is only enforced during writes via ProtectedFill in SaveSettings and is...

6.5CVSS5.8AI score0.00295EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2026/05/04 9:16 p.m.47 views

CVE-2026-42223

Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.8, the GetSettings API handler api/settings/settings.go:24-65 serializes all settings structs to JSON and returns them to authenticated users. Many sensitive fields are tagged with protected:"true" - however, this tag...

6.5CVSS0.00295EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/05/04 8:12 p.m.58 views

CVE-2026-42223 nginx-ui: Settings API Exposes Protected Secrets

Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.8, the GetSettings API handler api/settings/settings.go:24-65 serializes all settings structs to JSON and returns them to authenticated users. Many sensitive fields are tagged with protected:"true" - however, this tag...

6.5CVSS0.00295EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/05/04 5:42 p.m.7 views

CVE-2026-41571

Note Mark is an open-source note-taking application. In version 0.19.2, IsPasswordMatch in backend/db/models.go falls back to a hard-coded bcrypt"null" placeholder whenever a user has no stored password. OIDC-registered users are created with an empty password, so anyone who submits password:...

9.4CVSS5.7AI score0.00296EPSS
Exploits0References3
vulnersOsv
vulnersOsv
added 2026/05/04 5:20 p.m.8 views

com.abavilla:fpi-bot-api (>=1.6.0 <=1.6.2), com.abavilla:fpi-bot-api-parent (>=1.6.0 <=1.6.2) +138 more potentially affected by CVE-2026-39852 via io.quarkus:quarkus-oidc (>=3.0.0.Alpha1 <=3.20.6)

io.quarkus:quarkus-oidc MAVEN version =3.0.0.Alpha1, =1.6.0, =1.6.0, =1.8.0, =1.8.0, =1.6.0, =1.6.0, =1.8.0, =1.8.0, =1.0.25, =1.0.25, =1.5.0, =1.5.0, =1.3.1, =1.3.1, =1.3.4, =1.3.7 and more Source cves: CVE-2026-39852 Source advisory: SNYK:JAVA-IOQUARKUS-16420252...

8.8CVSS5.8AI score0.00444EPSS
Exploits0
GithubExploit
GithubExploit
added 2026/05/02 5:49 a.m.95 views

Exploit for CVE-2026-41200

CVE-2026-41200 — STIG Manager OIDC Reflected XSS PoC Conceptu...

8.5CVSS6.1AI score0.00332EPSS
Exploits1
NVD
NVD
added 2026/04/23 2:16 a.m.7 views

CVE-2026-41200

STIG Manager is an API and web client for managing Security Technical Implementation Guides STIG assessments of Information Systems. Versions 1.5.10 through 1.6.7 have a reflected Cross-Site Scripting XSS vulnerability in the OIDC authentication error handling code in src/init.js and...

8.5CVSS0.00332EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/04/23 12:40 a.m.31 views

CVE-2026-41200 STIG Manager has reflected XSS vulnerability in the Web App

STIG Manager is an API and web client for managing Security Technical Implementation Guides STIG assessments of Information Systems. Versions 1.5.10 through 1.6.7 have a reflected Cross-Site Scripting XSS vulnerability in the OIDC authentication error handling code in src/init.js and...

8.5CVSS0.00332EPSS
Exploits1References1
OSV
OSV
added 2026/04/23 12:40 a.m.3 views

CVE-2026-41200 STIG Manager has reflected XSS vulnerability in the Web App

STIG Manager is an API and web client for managing Security Technical Implementation Guides STIG assessments of Information Systems. Versions 1.5.10 through 1.6.7 have a reflected Cross-Site Scripting XSS vulnerability in the OIDC authentication error handling code in src/init.js and...

8.5CVSS6.2AI score0.00332EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/04/23 12:0 a.m.6 views

PT-2026-34595

STIG Manager is an API and web client for managing Security Technical Implementation Guides STIG assessments of Information Systems. Versions 1.5.10 through 1.6.7 have a reflected Cross-Site Scripting XSS vulnerability in the OIDC authentication error handling code in src/init.js and...

8.5CVSS6.1AI score0.00332EPSS
Exploits1References2
CVE
CVE
added 2026/04/21 9:9 p.m.13 views

CVE-2026-40942

The DSF vulnerability CVE-2026-40942 affects the OIDC JWKS and Metadata Document caches (and the OIDC token cache for FHIR client connections) prior to version 2.1.0, where an inverted time comparison (isBefore vs isAfter) caused the cache to never return cached values and never invalidate, resul...

6.3CVSS5.8AI score0.00291EPSS
Exploits0References3
OSV
OSV
added 2026/04/21 9:7 p.m.2 views

CVE-2026-40939 DSF: Missing Session Timeout for OIDC Sessions

The Data Sharing Framework DSF implements a distributed process engine based on the BPMN 2.0 and FHIR R4 standards. Prior to 2.1.0, OIDC-authenticated sessions had no configured maximum inactivity timeout. Sessions persisted indefinitely after login, even after the OIDC access token expired. This...

6.8CVSS6AI score0.00154EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2026/04/14 11:14 p.m.12 views

Oxia exposes bearer token in debug log messages on authentication failure

Summary When OIDC authentication fails, the full bearer token is logged at DEBUG level in plaintext. If debug logging is enabled in production, JWT tokens are exposed in application logs and any connected log aggregation system. Impact An attacker with access to application logs e.g., via a...

8.7CVSS5.9AI score0.00308EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder