Lucene search
K

328 matches found

NVD
NVD
added 3 days ago5 views

CVE-2026-55501

9Router is an AI router & token saver. Prior to 0.4.80, the dashboard login rate limiter in src/lib/auth/loginLimiter.js derives the client identity from the attacker-controlled X-Forwarded-For HTTP header, and src/app/api/auth/login/route.js uses that spoofable value for checkLock and recordFail...

7.3CVSS0.00515EPSS
Exploits0References3
CVE
CVE
added 3 days ago20 views

CVE-2026-55501

The CVE concerns 9router prior to version 0.4.80, where the login rate limiter uses client identity from the attacker-controlled X-Forwarded-For header in src/lib/auth/loginLimiter.js. This allows remote attackers to rotate X-Forwarded-For per attempt, creating a fresh rate-limit bucket each time...

7.3CVSS6.2AI score0.00515EPSS
Exploits0References3
OSV
OSV
added 2026/07/06 9:46 p.m.3 views

GHSA-7CFM-PQRJ-XGQ7 9router: Login brute-force protection bypass via spoofed X-Forwarded-For header

Summary The 9router dashboard login rate limiter derives the client identity from the attacker-controlled X-Forwarded-For HTTP header. When 9router is directly exposed, or deployed behind a reverse proxy that does not overwrite untrusted forwarding headers, a remote attacker can rotate the...

7.3CVSS6AI score0.00515EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/07/06 9:46 p.m.6 views

9router: Login brute-force protection bypass via spoofed X-Forwarded-For header

Summary The 9router dashboard login rate limiter derives the client identity from the attacker-controlled X-Forwarded-For HTTP header. When 9router is directly exposed, or deployed behind a reverse proxy that does not overwrite untrusted forwarding headers, a remote attacker can rotate the...

7.3CVSS6AI score0.00515EPSS
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2026/07/06 12:0 a.m.6 views

9router: Login brute-force protection bypass via spoofed X-Forwarded-For header

The 9router dashboard login rate limiter derives the client identity from the attacker-controlled X-Forwarded-For HTTP header. When 9router is directly exposed, or deployed behind a reverse proxy that does not overwrite untrusted forwarding headers, a remote attacker can rotate the X-Forwarded-Fo...

7.3CVSS6AI score0.00515EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/07/06 12:0 a.m.12 views

PT-2026-56084

Name of the Vulnerable Software and Affected Versions 9Router versions prior to 0.4.80 Description The dashboard login rate limiter derives client identity from the X-Forwarded-For HTTP header, which is controlled by the user. When the application is directly exposed or deployed behind a reverse...

7.3CVSS6.2AI score0.00515EPSS
Exploits0References6
NVD
NVD
added 2026/06/25 5:16 p.m.14 views

CVE-2026-54037

LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.4-rc1, the fix for CVE-2025-7105 added forkIpLimiter and forkUserLimiter rate limiters to POST /api/convos/fork to prevent rapid-fire conversation duplication. However, the POST /api/convos/duplicate endpoint...

6.5CVSS0.00293EPSS
Exploits1References1
EUVD
EUVD
added 2026/06/25 3:49 p.m.5 views

EUVD-2026-39458

LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.4-rc1, the fix for CVE-2025-7105 added forkIpLimiter and forkUserLimiter rate limiters to POST /api/convos/fork to prevent rapid-fire conversation duplication. However, the POST /api/convos/duplicate endpoint...

6.5CVSS5.9AI score0.00293EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.14 views

PT-2026-52496

🚨 CVE-2026-54037 LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.4-rc1, the fix for CVE-2025-7105 added forkIpLimiter and forkUserLimiter rate limiters to POST /api/convos/fork to prevent rapid-fire conversation duplication. However, the POST...

6.5CVSS6.2AI score0.00293EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/06/05 7:18 p.m.12 views

CVE-2026-45364

Better Auth is an authentication and authorization library for TypeScript. Prior to 1.4.17 and 1.5.0-beta.9, Better Auth's HTTP rate limiter keyed each request by the exact textual IP address it received in x-forwarded-for or the configured IP-bearing header. IPv6 clients controlling a typical /6...

7.3CVSS5.5AI score0.00295EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.10 views

FOSSBilling 安全漏洞

FOSSBilling is an open-source billing and customer management platform for hosting service providers and digital service providers. Versions of FOSSBilling prior to 0.8.0 contained security vulnerabilities. These vulnerabilities stemmed from the password reset confirmation endpoint being...

6.3CVSS5.3AI score0.00217EPSS
Exploits0References2
NVD
NVD
added 2026/05/28 10:17 p.m.16 views

CVE-2026-45364

Better Auth is an authentication and authorization library for TypeScript. Prior to 1.4.17 and 1.5.0-beta.9, Better Auth's HTTP rate limiter keyed each request by the exact textual IP address it received in x-forwarded-for or the configured IP-bearing header. IPv6 clients controlling a typical /6...

7.3CVSS0.00295EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/05/28 9:34 p.m.11 views

CVE-2026-45364 Better Auth: Rate limiter keys IPv6 addresses individually and is bypassable via prefix rotation

Better Auth is an authentication and authorization library for TypeScript. Prior to 1.4.17 and 1.5.0-beta.9, Better Auth's HTTP rate limiter keyed each request by the exact textual IP address it received in x-forwarded-for or the configured IP-bearing header. IPv6 clients controlling a typical /6...

7.3CVSS5.8AI score0.00295EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/28 9:34 p.m.12 views

EUVD-2026-33073

Better Auth is an authentication and authorization library for TypeScript. Prior to 1.4.17 and 1.5.0-beta.9, Better Auth's HTTP rate limiter keyed each request by the exact textual IP address it received in x-forwarded-for or the configured IP-bearing header. IPv6 clients controlling a typical /6...

7.3CVSS5.8AI score0.00295EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/28 9:34 p.m.42 views

CVE-2026-45364 Better Auth: Rate limiter keys IPv6 addresses individually and is bypassable via prefix rotation

Better Auth is an authentication and authorization library for TypeScript. Prior to 1.4.17 and 1.5.0-beta.9, Better Auth's HTTP rate limiter keyed each request by the exact textual IP address it received in x-forwarded-for or the configured IP-bearing header. IPv6 clients controlling a typical /6...

7.3CVSS0.00295EPSS
Exploits0References5
CVE
CVE
added 2026/05/28 9:34 p.m.31 views

CVE-2026-45364

The CVE-2026-45364 issue affects Better Auth (TypeScript) where the HTTP rate limiter keyed by the leftmost x-forwarded-for value could be bypassed for IPv6. Before fixes, IPv6 prefix rotation (e.g., /64) and multiple textual representations could produce 2^64 distinct keys, letting an attacker p...

7.3CVSS5.8AI score0.00295EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/28 12:0 a.m.13 views

Better Auth 安全漏洞

Better Auth is an open-source TypeScript framework for authentication. Versions of Better Auth prior to 1.4.17 and 1.5.0-beta.9 contained security vulnerabilities. These vulnerabilities stemmed from the HTTP rate limiter, which keyed each request based on the exact text IP address in the...

7.3CVSS5.8AI score0.00295EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2026/05/15 5:41 p.m.18 views

Better Auth: Rate limiter keys IPv6 addresses individually and is bypassable via prefix rotation

Am I affected? Users are affected if all of the following are true: - Their app uses better-auth at a version 1.4.17, or at a v1.5 prerelease tagged = 1.5.0-beta.8. - The apps authentication endpoints serve clients reachable over IPv6. Most managed hosts including Cloudflare, Vercel, Fly.io, AWS...

7.3CVSS5.8AI score0.00295EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2026/05/15 5:41 p.m.7 views

GHSA-P6V2-XCPG-H6XW Better Auth: Rate limiter keys IPv6 addresses individually and is bypassable via prefix rotation

Am I affected? Users are affected if all of the following are true: - Their app uses better-auth at a version 1.4.17, or at a v1.5 prerelease tagged = 1.5.0-beta.8. - The apps authentication endpoints serve clients reachable over IPv6. Most managed hosts including Cloudflare, Vercel, Fly.io, AWS...

7.3CVSS5.8AI score0.00295EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/05/15 12:0 a.m.13 views

PT-2026-41393

Name of the Vulnerable Software and Affected Versions Better Auth versions prior to 1.4.17 Better Auth versions prior to 1.5.0-beta.9 Description The HTTP rate limiter in Better Auth identifies requests based on the exact textual IP address found in the x-forwarded-for header or other configured...

7.3CVSS5.8AI score0.00295EPSS
Exploits0References8
Rows per page
Query Builder