Lucene search
+L

2705 matches found

RedhatCVE
RedhatCVE
added 2026/06/23 3:36 a.m.15 views

CVE-2026-12796

A flaw was found in BerriAI litellm. A remote attacker could exploit a vulnerability in the getredirectresponsefromopenid function within the SSO Authentication Flow component. This manipulation leads to session expiration, potentially causing a denial of service for authenticated users. Mitigati...

6.5CVSS5.6AI score0.00358EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2026/06/23 12:0 a.m.20 views

PT-2026-51607

Name of the Vulnerable Software and Affected Versions Poweradmin versions prior to 4.2.4 Poweradmin versions prior to 4.3.3 Description Poweradmin is a web-based DNS administration tool for PowerDNS server. The software uses the attacker-controlled HTTP HOST request header as the authoritative...

9.6CVSS6AI score0.00312EPSS
Exploits0References14
OSV
OSV
added 2026/06/22 11:19 p.m.6 views

GHSA-CQ9C-6W48-QMFG @actual-app/sync-server: Disabled OpenID users keep access through existing session tokens

Summary In OpenID multi-user mode, disabling a user only blocks future OpenID login for that identity. Existing Actual session tokens for the disabled user remain valid, so the user can continue calling authenticated server endpoints after an administrator has disabled the account. Details The...

8.3CVSS5.9AI score0.00441EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/22 9:42 p.m.6 views

Improper Authorization

Overview @actual-app/sync-server is an actual syncing server Affected versions of this package are vulnerable to Improper Authorization in the GET /secret/:name process. An attacker can determine the existence of admin-configured secrets by sending authenticated requests as a non-admin user and...

5.3CVSS5.8AI score0.00342EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/06/22 9:42 p.m.9 views

@actual-app/sync-server's missing authorization on GET /secret/:name allows non-admin OpenID users to enumerate admin-configured bank-sync secrets

Summary In @actual-app/sync-server, the GET /secret/:name endpoint app-secrets.js:53 checks only that the caller has a valid session — it does not verify the caller is an admin. The sibling POST /secret/ handler does enforce an admin check in OpenID mode, exposing an authorization asymmetry. Any...

4.3CVSS5.8AI score0.00342EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/06/22 5:47 a.m.3 views

BIT-MONGODB-2026-9742 Authenticate command with specific mechanism parameter can trigger server crash

When OIDC authentication is enabled in configuration, clients may set specific values in the "mechanism" parameter of the "authenticate" command that lead to server crash. The authenticate command is accessible to unauthenticated clients, leading to pre-auth denial-of-service in affected product...

8.2CVSS5.8AI score0.00347EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/22 12:0 a.m.20 views

PT-2026-51451

Name of the Vulnerable Software and Affected Versions Actual versions prior to 26.6.0 Description In OpenID multi-user mode, disabling a user only prevents future OpenID logins for that identity. Existing session tokens remain valid because the shared session validation path does not check if the...

8.3CVSS6AI score0.00441EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2026/06/22 12:0 a.m.16 views

PT-2026-51448

Name of the Vulnerable Software and Affected Versions @actual-app/sync-server versions prior to 26.6.0 Description An authorization asymmetry exists in the @actual-app/sync-server component of Actual. In OpenID multi-user deployments, the GET /secret/:name endpoint only verifies that a user has a...

4.3CVSS5.9AI score0.00342EPSS
Exploits0References7
NVD
NVD
added 2026/06/21 10:16 a.m.18 views

CVE-2026-12796

A vulnerability was identified in BerriAI litellm up to 1.82.2. This impacts the function getredirectresponsefromopenid of the file litellm/proxy/managementendpoints/uisso.py of the component SSO Authentication Flow. The manipulation leads to session expiration. The attack is possible to be carri...

6.5CVSS0.00358EPSS
Exploits1References5
EUVD
EUVD
added 2026/06/21 9:0 a.m.10 views

EUVD-2026-38155

A vulnerability was identified in BerriAI litellm up to 1.82.2. This impacts the function getredirectresponsefromopenid of the file litellm/proxy/managementendpoints/uisso.py of the component SSO Authentication Flow. The manipulation leads to session expiration. The attack is possible to be carri...

6.5CVSS6.2AI score0.00358EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/06/21 9:0 a.m.39 views

CVE-2026-12796 BerriAI litellm SSO Authentication Flow ui_sso.py get_redirect_response_from_openid session expiration

A vulnerability was identified in BerriAI litellm up to 1.82.2. This impacts the function getredirectresponsefromopenid of the file litellm/proxy/managementendpoints/uisso.py of the component SSO Authentication Flow. The manipulation leads to session expiration. The attack is possible to be carri...

6.5CVSS0.00358EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/06/21 9:0 a.m.5 views

CVE-2026-12796

A vulnerability was identified in BerriAI litellm up to 1.82.2. This impacts the function getredirectresponsefromopenid of the file litellm/proxy/managementendpoints/uisso.py of the component SSO Authentication Flow. The manipulation leads to session expiration. The attack is possible to be carri...

6.5CVSS6.2AI score0.00358EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2026/06/21 9:0 a.m.26 views

CVE-2026-12796

Affected software/impact: BerriAI litellm (up to version 1.82.2), specifically the get_redirect_response_from_openid function in litellm/proxy/management_endpoints/ui_sso.py of the SSO Authentication Flow. Root cause / vulnerability detail: The description states that manipulation leads to sessio...

6.5CVSS6.2AI score0.00358EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2026/06/21 9:0 a.m.4 views

CVE-2026-12796 BerriAI litellm SSO Authentication Flow ui_sso.py get_redirect_response_from_openid session expiration

A vulnerability was identified in BerriAI litellm up to 1.82.2. This impacts the function getredirectresponsefromopenid of the file litellm/proxy/managementendpoints/uisso.py of the component SSO Authentication Flow. The manipulation leads to session expiration. The attack is possible to be carri...

5.3CVSS5.5AI score0.00358EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2026/06/21 12:0 a.m.31 views

PT-2026-51210

Name of the Vulnerable Software and Affected Versions BerriAI litellm versions prior to 1.82.3 Description An issue exists in the SSO Authentication Flow component within the get redirect response from openid function of the litellm/proxy/management endpoints/ui sso.py file. Remote manipulation o...

6.5CVSS6.6AI score0.00358EPSS
Exploits1References11
OSV
OSV
added 2026/06/19 2:35 p.m.9 views

GHSA-HCXC-WF8J-23HV OpenFGA: OIDC audience validation skipped when --authn-oidc-audience is unset

Description OpenFGA's OIDC authenticator skipped JWT audience aud validation when no audience was configured. In deployments where one identity provider issues tokens for multiple services, a token minted for an unrelated service could authenticate to OpenFGA. Preconditions This applies if the...

6.8CVSS5.8AI score0.00301EPSS
Exploits0References2
NVD
NVD
added 2026/06/19 2:16 p.m.19 views

CVE-2026-44087

Insufficient Verification of Data Authenticity vulnerability in Apache APISIX. The openid-connect plugin under default configuration has an attack surface that allows the attacker to spoof identity headers allowing the attacker to get unauthorized access the protected resources. This issue affect...

9.1CVSS0.00213EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/19 1:11 p.m.35 views

CVE-2026-44087 Apache APISIX: Openid-connect plugin Identity Header Spoofing

Insufficient Verification of Data Authenticity vulnerability in Apache APISIX. The openid-connect plugin under default configuration has an attack surface that allows the attacker to spoof identity headers allowing the attacker to get unauthorized access the protected resources. This issue affect...

5.3CVSS0.00213EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/19 1:11 p.m.11 views

EUVD-2026-38017

Insufficient Verification of Data Authenticity vulnerability in Apache APISIX. The openid-connect plugin under default configuration has an attack surface that allows the attacker to spoof identity headers allowing the attacker to get unauthorized access the protected resources. This issue affect...

5.3CVSS5.8AI score0.00213EPSS
Exploits0References1
CVE
CVE
added 2026/06/19 1:11 p.m.41 views

CVE-2026-44087

CVE-2026-44087 affects Apache APISIX via the openid-connect plugin under default configuration. The root cause is insufficient verification of data authenticity, enabling spoofing of identity headers and unauthorized access to protected resources. Affected versions are 2.3 through 3.16.0. The iss...

9.1CVSS5.8AI score0.00213EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder