Lucene search
K

18221 matches found

EUVD
EUVD
added yesterday4 views

EUVD-2026-44740

Better Auth is an authentication and authorization library for TypeScript. From 1.2.10 until 1.6.11, the @better-auth/sso plugin's POST /sso/register endpoint lets any organization member attach a new SSO provider to that organization because registerSSOProvider checks only for a membership row a...

7.1CVSS6.1AI score0.00028EPSS
Exploits0References4
CVE
CVE
added yesterday5 views

CVE-2026-53515

CVE-2026-53515 : The Better Auth library, specifically the @better-auth/sso plugin, contains a privilege escalation in versions 1.2.10 through 1.6.11. The POST /sso/register endpoint incorrectly allows any organization member to attach a new SSO provider because registerSSOProvider checks only fo...

7.1CVSS6.1AI score0.00028EPSS
Exploits0References4
EUVD
EUVD
added yesterday4 views

EUVD-2026-44733

Better Auth is an authentication and authorization library for TypeScript. Prior to 1.6.11, the @better-auth/sso plugin's POST /sso/register and POST /sso/update-provider endpoints accept attacker-controlled oidcConfig.userInfoEndpoint, tokenEndpoint, and jwksEndpoint URLs when skipDiscovery: tru...

9.6CVSS6.1AI score0.00025EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added yesterday4 views

CVE-2026-53513

Better Auth is an authentication and authorization library for TypeScript. Prior to 1.6.11, the @better-auth/sso plugin's POST /sso/register and POST /sso/update-provider endpoints accept attacker-controlled oidcConfig.userInfoEndpoint, tokenEndpoint, and jwksEndpoint URLs when skipDiscovery: tru...

9.6CVSS6.1AI score0.00025EPSS
Exploits0References5Affected Software2
RedhatCVE
RedhatCVE
added yesterday4 views

CVE-2026-47158

A flaw was found in Vaultwarden, a Bitwarden-compatible server. An unauthenticated attacker could exploit a vulnerability in the Single Sign-On SSO authorization flow. This flaw, caused by improper binding of the OAuth state parameter to the browser session and inadequate cleanup of SSO...

8.3CVSS6AI score0.00031EPSS
Exploits0References2
CVE
CVE
added yesterday12 views

CVE-2026-47164

Vaultwarden (Rust) prior to 1.36.0 has an authentication flaw in its SSO flow: when SSO_SIGNUPS_MATCH_EMAIL=true, an IdP identity can bind to an existing local Vaultwarden account by asserting a victim email, due to checking the IdP email_verified claim only during new-user creation. This could a...

7.7CVSS6.1AI score0.00053EPSS
Exploits0References4
Cvelist
Cvelist
added yesterday14 views

CVE-2026-47164 Vaultwarden: SSO Email Auto-Link Can Bind an Existing Local Account to an Attacker-Controlled IdP Identity

Vaultwarden is a Bitwarden-compatible server written in Rust. Prior to 1.36.0, Vaultwarden's SSO login flow checked the IdP emailverified claim only for new-user creation and not when SSOSIGNUPSMATCHEMAIL=true linked an IdP identity to an existing local account, allowing an attacker-controlled Id...

7.7CVSS0.00053EPSS
Exploits0References4
CVE
CVE
added yesterday10 views

CVE-2026-47159

Vaultwarden (Rust) prior to 1.36.0 is affected by CVE-2026-47159, where the SSO discovery and pre-validation flow exposed organization-related SSO metadata, including organizationIdentifier values for arbitrary email addresses, and allowed obtaining a valid pre-validation JWT with only the discov...

6.9CVSS6.2AI score0.00046EPSS
Exploits0References4
Cvelist
Cvelist
added yesterday16 views

CVE-2026-47159 Vaultwarden: Authentication Flow Information Disclosure in SSO Discovery Allows Organization Enumeration and Pre-Validation Token Exposure

Vaultwarden is a Bitwarden-compatible server written in Rust. Prior to 1.36.0, Vaultwarden's SSO discovery and pre-validation flow returned organization-related SSO metadata including organizationIdentifier values for arbitrary email addresses and allowed a valid pre-validation JWT to be obtained...

6.9CVSS0.00046EPSS
Exploits0References4
EUVD
EUVD
added yesterday4 views

EUVD-2026-44693

Vaultwarden is a Bitwarden-compatible server written in Rust. Prior to 1.36.0, Vaultwarden's SSO authorization flow did not bind the OAuth state parameter accepted by /connect/authorize to the initiating browser session, allowed attacker-controlled PKCE parameters, and left SsoAuth records intact...

8.3CVSS6.1AI score0.00031EPSS
Exploits0References4
Cvelist
Cvelist
added yesterday10 views

CVE-2026-41580 Stirling-PDF: Reflected XSS through crafted PDF metadata fields (Title and Author)

Stirling-PDF is a locally hosted web application that facilitates various operations on PDF files. Prior to 2.0.0, Stirling-PDF's /get-info-on-pdf endpoint rendered PDF Title and Author metadata fields without proper HTML encoding or sanitization, allowing a crafted PDF to execute...

6.1CVSS0.0006EPSS
Exploits0References2
Nuclei
Nuclei
added yesterday124 views

Structurizr on-premises - Cross Site Scripting

Cross-site Scripting XSS - Reflected in GitHub repository structurizr/onpremises prior to 3194. id: CVE-2023-5556 info: name: Structurizr on-premises - Cross Site Scripting author: shankaracharya severity: medium description: | Cross-site Scripting XSS - Reflected in GitHub repository...

6.1CVSS6.2AI score0.01222EPSS
Exploits1References3
Nuclei
Nuclei
added yesterday10 views

User Registration & Membership WordPress plugin - Open Redirect

User Registration & Membership WordPress plugin = 5.1.4 contains an open redirect caused by insufficient validation of 'redirecttoonlogout' parameter, letting attackers redirect users to malicious external URLs after logout, exploit requires crafted URL. id: CVE-2026-6203 info: name: User...

6.1CVSS6.1AI score0.00663EPSS
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added yesterday7 views

Malicious code in ethereum-input-decorder (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 94137fcf0aee7d8edb4e15a8bc9be4455fbdf79cb5bf99987b79f0393fdff62c The package name typosquats the legitimate 'ethereum-input-decoder'. Its top-level init.py unconditionally invokes a payload routine on import: it...

6.2AI score
Exploits0References6
Cvelist
Cvelist
added 2 days ago30 views

CVE-2026-55944 Microsoft Dynamics NAV and Microsoft Dynamics 365 Business Central (On Premises) Remote Code Execution Vulnerability

...

9.8CVSS0.01309EPSS
Exploits0References1
CVE
CVE
added 2 days ago33 views

CVE-2026-55944

CVE-2026-55944 affects Microsoft Dynamics NAV and Microsoft Dynamics 365 Business Central (On Premises). The vulnerability is described as a deserialization of untrusted data in Dynamics NAV that could allow remote code execution over a network. Connected sources indicate this is addressed in Jul...

9.8CVSS6.2AI score0.01309EPSS
Exploits0References1
NVD
NVD
added 2 days ago6 views

CVE-2026-8590

Vulnerability in Spotfire Spotfire Enterprise Spotfire Server modules, Spotfire Spotfire Enterprise with External Consumers Spotfire Server modules, Spotfire Spotfire on Kubernetes Spotfire Server modules. This issue affects Spotfire Enterprise: through 14.0.12, through 14.4.2, through 14.5.0,...

8.7CVSS0.00312EPSS
Exploits0References1
CVE
CVE
added 2 days ago5 views

CVE-2026-15697

CVE-2026-15697 affects the svgdotjs svg.js library (up to v3.2.5). The vulnerability is in the EventTarget.on function, enabling manipulation that leads to improperly controlled modification of object prototype attributes (prototype pollution). It is described as exploitable remotely with a repor...

6.5CVSS6.4AI score0.0033EPSS
Exploits0References6
Cvelist
Cvelist
added 2 days ago24 views

CVE-2026-15697 svgdotjs svg.js npm Package API EventTarget.on prototype pollution

A vulnerability was found in svgdotjs svg.js up to 3.2.5. This affects the function EventTarget.on of the file svgdotjs/svg.js of the component npm Package API. Performing a manipulation results in improperly controlled modification of object prototype attributes. The attack may be initiated...

6.5CVSS0.0033EPSS
Exploits0References6
OSV
OSV
added 2 days ago3 views

CVE-2026-15697 svgdotjs svg.js npm Package API EventTarget.on prototype pollution

A vulnerability was found in svgdotjs svg.js up to 3.2.5. This affects the function EventTarget.on of the file svgdotjs/svg.js of the component npm Package API. Performing a manipulation results in improperly controlled modification of object prototype attributes. The attack may be initiated...

5.3CVSS6.4AI score0.0033EPSS
Exploits0References8
Rows per page
Query Builder