@ainsleydev/payload-helper (>=0.0.1 <=0.0.2), @bsct/payload (=1.0.0) +94 more potentially affected by CVE-2026-41690 via i18next-http-middleware (>=3.0.2 <=3.9.2)

i18next-http-middleware NPM version =3.0.2, =0.0.1, =1.0.1, =0.0.1, =0.0.1, =0.0.1, =0.1.2, =0.1.1, =8.0.0, =3.0.0, =1.0.0, =1.0.6, =1.0.8 and more Source cves: CVE-2026-41690 Source advisory: SNYK:JS-I18NEXTHTTPMIDDLEWARE-16415526...

CVE-2025-23974

Incorrect Privilege Assignment vulnerability in ifkooo One-Login one-login allows Privilege Escalation.This issue affects One-Login: from n/a through = 1.4...

CVE-2025-58595

Authentication Bypass by Spoofing vulnerability in Saad Iqbal All In One Login change-wp-admin-login allows Identity Spoofing.This issue affects All In One Login: from n/a through = 2.0.8...

CVE-2025-58595

Authentication Bypass by Spoofing vulnerability in Saad Iqbal All In One Login change-wp-admin-login allows Identity Spoofing.This issue affects All In One Login: from n/a through = 2.0.8...

EUVD-2025-38144

Authentication Bypass by Spoofing vulnerability in Saad Iqbal All In One Login change-wp-admin-login allows Identity Spoofing.This issue affects All In One Login: from n/a through = 2.0.8...

CVE-2025-58595 WordPress All In One Login plugin <= 2.0.8 - Bypass Vulnerability vulnerability

Authentication Bypass by Spoofing vulnerability in Saad Iqbal All In One Login change-wp-admin-login allows Identity Spoofing.This issue affects All In One Login: from n/a through = 2.0.8...

WordPress plugin All In One Login 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

WordPress All In One Login plugin <= 2.0.8 - Bypass Vulnerability vulnerability

Bypass Vulnerability vulnerability discovered by R1sky in WordPress Plugin All In One Login versions = 2.0.8...

EUVD-2025-17478

Malicious code in bioql PyPI...

OneLogin Bug Let Attackers Use API Keys to Steal OIDC Secrets and Impersonate Apps

A high-severity security flaw has been disclosed in the One Identity OneLogin Identity and Access Management IAM solution that, if successfully exploited, could expose sensitive OpenID Connect OIDC application client secrets under certain circumstances. The vulnerability, tracked as CVE-2025-5936...

CVE-2025-59363

In One Identity OneLogin before 2025.3.0, a request returns the OIDC client secret with GET Apps API v2 even though this secret should only be returned when an App is first created,...

One Identity OneLogin AD Connector 安全漏洞

One Identity OneLogin AD Connector is a connector software from One Identity USA. A security vulnerability exists in One Identity OneLogin AD Connector versions prior to 6.1.5 that originates in the /api/adc/v4/configuration endpoint resulting in information disclosure...

CVE-2025-23974

Incorrect Privilege Assignment vulnerability in ifkooo One-Login one-login allows Privilege Escalation.This issue affects One-Login: from n/a through = 1.4...

CVE-2025-23974 WordPress One-Login plugin <= 1.4 - Privilege Escalation Vulnerability

Incorrect Privilege Assignment vulnerability in ifkooo One-Login one-login allows Privilege Escalation.This issue affects One-Login: from n/a through = 1.4...

CVE-2025-23974 WordPress One-Login plugin <= 1.4 - Privilege Escalation Vulnerability

Incorrect Privilege Assignment vulnerability in ifkooo One-Login one-login allows Privilege Escalation.This issue affects One-Login: from n/a through = 1.4...

CVE-2025-23974

CVE-2025-23974 describes an Incorrect Privilege Assignment vulnerability in the WordPress plugin “One-Login” (versions n/a through 1.4). The issue allows privilege escalation within One-Login. Public sources in the connected documents (Wordfence, RH) indicate the vulnerability is currently unpatc...

WordPress One-Login plugin <= 1.4 - Privilege Escalation Vulnerability

Privilege Escalation Vulnerability discovered by HLog in WordPress Plugin One-Login versions = 1.4...

PT-2025-24462 · Unknown · Ifkooo One-Login

Name of the Vulnerable Software and Affected Versions: ifkooo One-Login versions n/a through 1.4 Description: The issue is related to an Incorrect Privilege Assignment vulnerability, which allows Privilege Escalation in ifkooo One-Login. Recommendations: For ifkooo One-Login versions n/a through...

WordPress plugin One-Login 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

OneLogin ruby-saml 安全漏洞

Onelogin OneLogin ruby-saml is a Ruby-based SAML Security Assertion Markup Language library for Single Sign-On SSO services from Onelogin, USA. A security vulnerability exists in ruby-saml versions prior to 1.12.4 and 1.18.0, which stems from an improper handling of compressed SAML responses and...