Lucene search
+L

104 matches found

cve
cve
added 2 days ago9 views

CVE-2026-47158

CVE-2026-47158 – Vaultwarden (Rust) : A CSRF flaw in Vaultwarden’s SSO authorization flow prior to 1.36.0 allowed an unauthenticated attacker to induce IdP authentication and redeem tokens for a fully authenticated session. The root causes include: the OAuth state parameter from /connect/authoriz...

8.3CVSS6.1AI score0.0016EPSS
Exploits0References4
euvd
euvd
added 2 days ago8 views

EUVD-2026-44693

Vaultwarden is a Bitwarden-compatible server written in Rust. Prior to 1.36.0, Vaultwarden's SSO authorization flow did not bind the OAuth state parameter accepted by /connect/authorize to the initiating browser session, allowed attacker-controlled PKCE parameters, and left SsoAuth records intact...

8.3CVSS6.1AI score0.0016EPSS
Exploits0References4
nvd
nvd
added 2026/07/03 9:16 p.m.10 views

CVE-2026-26247

Gitea versions before 1.25.5 do not persist the OAuth2 PKCE S256 challenge method correctly during authorization, allowing token exchange without the expected verifier check...

9.1CVSS0.00379EPSS
Exploits0References4
snyk
snyk
added 2026/06/18 1:52 p.m.11 views

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization in the CodeExchange and RefreshToken processes. An attacker can gain unauthorized access to user accounts or maintain persistent access from an unauthorized client by presenting intercepted authorization codes or...

9.1CVSS6AI score0.00276EPSS
Exploits0References3
patchstack
patchstack
added 2026/05/15 5:33 p.m.29 views

NPM: Better Auth: OAuth callback accepts mismatched `state` when cookie-backed state storage is used without PKCE

NPM: Better Auth: OAuth callback accepts mismatched state when cookie-backed state storage is used without PKCE vulnerability discovered by ? in WordPress Npm better-auth versions 1.6.2...

5.8AI score
Exploits0References5Affected Software1
nvd
nvd
added 2026/04/18 2:16 p.m.6 views

CVE-2026-40948

The Keycloak authentication manager in apache-airflow-providers-keycloak did not generate or validate the OAuth 2.0 state parameter on the login / login-callback flow, and did not use PKCE. An attacker with a Keycloak account in the same realm could deliver a crafted callback URL to a victim's...

5.4CVSS0.00328EPSS
Exploits0References3
euvd
euvd
added 2026/04/18 1:22 p.m.5 views

EUVD-2026-23676

The Keycloak authentication manager in apache-airflow-providers-keycloak did not generate or validate the OAuth 2.0 state parameter on the login / login-callback flow, and did not use PKCE. An attacker with a Keycloak account in the same realm could deliver a crafted callback URL to a victim's...

5.7AI score0.00328EPSS
Exploits0References2
cnnvd
cnnvd
added 2026/04/18 12:0 a.m.13 views

Apache Airflow 安全漏洞

Apache Airflow is an open-source platform developed by the Apache Foundation in the United States. It allows for the creation, management, and monitoring of workflows. This platform features scalability and dynamic monitoring capabilities. However, Apache Airflow has security vulnerabilities. The...

5.4CVSS5.8AI score0.00328EPSS
Exploits0References2
snyk
snyk
added 2026/04/16 9:9 p.m.10 views

Improper Validation of Unsafe Equivalence in Input

Overview @node-oauth/oauth2-server is a Complete, framework-agnostic, compliant and well tested module for implementing an OAuth2 Server in node.js Affected versions of this package are vulnerable to Improper Validation of Unsafe Equivalence in Input in the token process. An attacker can obtain...

8.2CVSS5.8AI score0.00259EPSS
Exploits1References3
osv
osv
added 2026/04/11 12:17 a.m.2 views

CVE-2026-3691 OpenClaw Client PKCE Verifier Information Disclosure Vulnerability

OpenClaw Client PKCE Verifier Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose stored credentials on affected installations of OpenClaw. User interaction is required to exploit this vulnerability in that the target must initiate an OAuth authorization...

5.3CVSS6.1AI score0.00459EPSS
Exploits0References4
github
github
added 2026/04/03 9:31 p.m.8 views

Duplicate Advisory: OpenClaw: Gemini OAuth exposed the PKCE verifier through the OAuth state parameter

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-9jpj-g8vv-j5mf. This link is maintained to preserve external references. Original Description OpenClaw before 2026.4.2 reuses the PKCE verifier as the OAuth state parameter in the Gemini OAuth flow, exposing it...

6CVSS5.9AI score0.00238EPSS
Exploits0References5Affected Software1
attackerkb
attackerkb
added 2026/04/03 8:45 p.m.4 views

CVE-2026-34511

OpenClaw before 2026.4.2 reuses the PKCE verifier as the OAuth state parameter in the Gemini OAuth flow, exposing it through the redirect URL. Attackers who capture the redirect URL can obtain both the authorization code and PKCE verifier, defeating PKCE protection and enabling token redemption...

6CVSS6AI score0.00238EPSS
Exploits0References4
vulnrichment
vulnrichment
added 2026/04/03 8:45 p.m.2 views

CVE-2026-34511 OpenClaw < 2026.4.2 - PKCE Verifier Exposure via OAuth State Parameter

OpenClaw before 2026.4.2 reuses the PKCE verifier as the OAuth state parameter in the Gemini OAuth flow, exposing it through the redirect URL. Attackers who capture the redirect URL can obtain both the authorization code and PKCE verifier, defeating PKCE protection and enabling token redemption...

6CVSS6AI score0.00238EPSS
Exploits0References3
nvd
nvd
added 2026/04/02 3:16 p.m.8 views

CVE-2026-33544

Tinyauth is an authentication and authorization server. Prior to version 5.0.5, all three OAuth service implementations GenericOAuthService, GithubOAuthService, GoogleOAuthService store PKCE verifiers and access tokens as mutable struct fields on singleton instances shared across all concurrent...

7.7CVSS0.00338EPSS
Exploits1References3
attackerkb
attackerkb
added 2026/04/02 3:0 p.m.5 views

CVE-2026-33544

Tinyauth is an authentication and authorization server. Prior to version 5.0.5, all three OAuth service implementations GenericOAuthService, GithubOAuthService, GoogleOAuthService store PKCE verifiers and access tokens as mutable struct fields on singleton instances shared across all concurrent...

7.7CVSS5.8AI score0.00338EPSS
Exploits1References4Affected Software1
ptsecurity
ptsecurity
added 2026/04/01 12:0 a.m.9 views

PT-2026-29659

Name of the Vulnerable Software and Affected Versions Tinyauth versions prior to 5.0.5 Description Tinyauth is an authentication and authorization server. The GenericOAuthService, GithubOAuthService, and GoogleOAuthService implementations store PKCE verifiers and access tokens as mutable struct...

7.7CVSS5.9AI score0.00338EPSS
Exploits1References8
osv
osv
added 2026/03/03 12:39 a.m.6 views

GHSA-6G25-PC82-VFWP OpenClaw: macOS beta onboarding exposed PKCE verifier via OAuth state

Summary The affected surface is the OpenClaw macOS app onboarding flow, and the macOS app is currently in beta. In that beta onboarding flow, Anthropic OAuth used the PKCE codeverifier value as OAuth state, exposing that secret in front-channel URL state. Affected Packages / Versions - Package:...

5.1CVSS5.9AI score0.00459EPSS
Exploits0References3
github
github
added 2026/03/03 12:39 a.m.8 views

OpenClaw: macOS beta onboarding exposed PKCE verifier via OAuth state

Summary The affected surface is the OpenClaw macOS app onboarding flow, and the macOS app is currently in beta. In that beta onboarding flow, Anthropic OAuth used the PKCE codeverifier value as OAuth state, exposing that secret in front-channel URL state. Affected Packages / Versions - Package:...

5.9AI score
Exploits0References3Affected Software1
redhatcve
redhatcve
added 2026/01/09 10:32 a.m.13 views

CVE-2017-18924

oauth2-server aka node-oauth2-server through 3.1.1 implements OAuth 2.0 without PKCE. It does not prevent authorization code injection. This is similar to CVE-2020-7692. NOTE: the vendor states 'As RFC7636 is an extension, I think the claim in the Readme of "RFC 6749 compliant" is valid and not...

9.1CVSS7.2AI score0.0219EPSS
Exploits2References1
euvd
euvd
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-2044

Malware in sbrugna...

9.1CVSS8.2AI score0.01587EPSS
Exploits1References14
Rows per page
Query Builder