EUVD-2025-3971

Malicious code in bioql PyPI...

SAP Approuter Authentication Bypass Vulnerability

SAP Approuter is a key SAP component that is primarily used to handle entry requests for all applications. An authentication bypass vulnerability exists in SAP Approuter, which can be exploited by a remote attacker to submit a special request that can bypass authentication, inject code and execut...

CVE-2025-24876

The SAP Approuter Node.js package version v16.7.1 and before is vulnerable to Authentication bypass. When trading an authorization code an attacker can steal the session of the victim by injecting malicious payload causing High impact on confidentiality and integrity of the application...

Authentication bypass in @sap/approuter

The SAP Approuter Node.js package version v16.7.1 and before is vulnerable to Authentication bypass. When trading an authorization code, an attacker can steal the session of the victim by injecting malicious payload, causing High impact on confidentiality and integrity of the application...

GHSA-CPFX-964W-4JVP Authentication bypass in @sap/approuter

The SAP Approuter Node.js package version v16.7.1 and before is vulnerable to Authentication bypass. When trading an authorization code, an attacker can steal the session of the victim by injecting malicious payload, causing High impact on confidentiality and integrity of the application...

CVE-2025-24876

The SAP Approuter Node.js package version v16.7.1 and before is vulnerable to Authentication bypass. When trading an authorization code an attacker can steal the session of the victim by injecting malicious payload causing High impact on confidentiality and integrity of the application...

CVE-2025-24876

CVE-2025-24876 affects the SAP Approuter Node.js package, specifically version v16.7.1 and earlier. The vulnerability is an authentication bypass during the authorization code exchange, where an attacker can inject a malicious payload to steal the victim’s session. The practical impact is high co...

CVE-2025-24876 Authentication bypass via authorization code injection in SAP Approuter

The SAP Approuter Node.js package version v16.7.1 and before is vulnerable to Authentication bypass. When trading an authorization code an attacker can steal the session of the victim by injecting malicious payload causing High impact on confidentiality and integrity of the application...

CVE-2025-24876 Authentication bypass via authorization code injection in SAP Approuter

The SAP Approuter Node.js package version v16.7.1 and before is vulnerable to Authentication bypass. When trading an authorization code an attacker can steal the session of the victim by injecting malicious payload causing High impact on confidentiality and integrity of the application...

Node.js Module @sap/approuter < 14.4.2 Privilege Escalation

The nodejs module @sap/approuter detected on the host is prior to version 14.4.2. It is, therefore, affected by a privilege escalation vulnerability. An unauthenticated, remote attacker can exploit this to gain arbitrary permissions within the applicaiton. Note that Nessus has not tested for thes...