CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

21 matches found

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2025-24029

Malicious code in bioql PyPI...

7.1CVSS6.3AI score0.00077EPSS

Exploits0References4

EUVD•added 2025/10/03 8:7 p.m.•9 views

EUVD-2025-24030

Malicious code in bioql PyPI...

7.1CVSS6.3AI score0.00077EPSS

Exploits0References6

Veracode•added 2025/08/29 4:6 a.m.•3 views

Sensitive Information Exposure

@workos-inc/authkit-remix is vulnerable to Sensitive Information Exposure. The vulnerability is due to sealedSession and accessToken being returned from the authkitLoader, which allows an attacker to obtain sensitive authentication artifacts rendered in the browser HTML...

7.1CVSS7AI score0.00077EPSS

Exploits0References3Affected Software1

Veracode•added 2025/08/29 4:6 a.m.•4 views

Sensitive Information Exposure

@workos-inc/authkit-react-router is vulnerable to Sensitive Information Exposure. The vulnerability is due to authentication artifacts such as sealedSession and accessToken being returned from the authkitLoader and rendered into browser HTML, which allows an attacker to obtain sensitive session...

7.1CVSS7AI score0.00077EPSS

Exploits0References3Affected Software1

RedhatCVE•added 2025/08/11 2:30 a.m.•7 views

CVE-2025-55009

The AuthKit library for Remix provides convenient helpers for authentication and session management using WorkOS & AuthKit with Remix. In versions 0.14.1 and below, @workos-inc/authkit-remix exposed sensitive authentication artifacts — specifically sealedSession and accessToken — by returning the...

7.1CVSS6.9AI score0.00077EPSS

Exploits0References1

RedhatCVE•added 2025/08/11 2:30 a.m.•4 views

CVE-2025-55008

The AuthKit library for React Router 7+ provides helpers for authentication and session management using WorkOS & AuthKit with React Router. In versions 0.6.1 and below, @workos-inc/authkit-react-router exposed sensitive authentication artifacts — specifically sealedSession and accessToken by...

7.1CVSS6.7AI score0.00077EPSS

Exploits0References1

NVD•added 2025/08/09 3:15 a.m.•3 views

CVE-2025-55008

7.1CVSS0.00077EPSS

Exploits0References3

NVD•added 2025/08/09 3:15 a.m.•4 views

CVE-2025-55009

7.1CVSS0.00077EPSS

Exploits0References3

Snyk•added 2025/08/09 2:41 a.m.•3 views

Information Exposure

Overview @workos-inc/authkit-react-router is an Authentication and session helpers for using WorkOS & AuthKit with React Router 7+ Affected versions of this package are vulnerable to Information Exposure via the accessToken and sealedSession parameters in the authkitLoader function. An attacker c...

7.6CVSS6.9AI score0.00077EPSS

Exploits0References2

Snyk•added 2025/08/09 2:41 a.m.•1 views

Information Exposure

Overview @workos-inc/authkit-remix is an Authentication and session helpers for using WorkOS & AuthKit with Remix Affected versions of this package are vulnerable to Information Exposure due to specifically sealedSession and accessToken, which return them from the authkitLoader function. An...

7.6CVSS6.9AI score0.00077EPSS

Exploits0References2

CVE•added 2025/08/09 2:2 a.m.•18 views

CVE-2025-55008

CVE-2025-55008 affects the AuthKit React Router library for React Router 7+. In versions ≤ 0.6.1, the package exposes sensitive authentication artifacts — specifically sealedSession and accessToken — by returning them from the authkitLoader , causing them to be rendered into browser HTML (informa...

7.1CVSS6.7AI score0.00077EPSS

Exploits0References3

Vulnrichment•added 2025/08/09 2:2 a.m.•4 views

CVE-2025-55008 AuthKit React Router: Sensitive auth data rendered in HTML

7.1CVSS7AI score0.00077EPSS

Exploits0References3

Cvelist•added 2025/08/09 2:2 a.m.•8 views

CVE-2025-55008 AuthKit React Router: Sensitive auth data rendered in HTML

7.1CVSS0.00077EPSS

Exploits0References3

OSV•added 2025/08/09 2:2 a.m.•4 views

CVE-2025-55008 AuthKit React Router: Sensitive auth data rendered in HTML

7.1CVSS6.6AI score0.00077EPSS

Exploits0References5

OSV•added 2025/08/09 2:2 a.m.•3 views

CVE-2025-55009 AuthKit: Sensitive auth data rendered in HTML

7.1CVSS6.7AI score0.00077EPSS

Exploits0References5

CVE•added 2025/08/09 2:2 a.m.•20 views

CVE-2025-55009

CVE-2025-55009 affects the AuthKit Remix package @workos-inc/authkit-remix. Versions ≤ 0.14.1 expose sensitive artifacts (sealedSession and accessToken) via the authkitLoader, causing them to be rendered into browser HTML. This creates information exposure and potential session/API access risk, a...

7.1CVSS6.9AI score0.00077EPSS

Exploits0References3

Vulnrichment•added 2025/08/09 2:2 a.m.•4 views

CVE-2025-55009 AuthKit: Sensitive auth data rendered in HTML

7.1CVSS7.2AI score0.00077EPSS

Exploits0References3

Cvelist•added 2025/08/09 2:2 a.m.•8 views

CVE-2025-55009 AuthKit: Sensitive auth data rendered in HTML

7.1CVSS0.00077EPSS

Exploits0References3

Github Security Blog•added 2025/08/08 5:8 p.m.•8 views

The AuthKit Remix Library renders sensitive auth data in HTML

Summary Before 0.15.0, @workos-inc/authkit-remix returned sensitive authentication artifacts from the authkitLoader, specifically sealedSession and accessToken. Because these values were returned from the loader, they were embedded into the server-rendered HTML and became readable by any script...

7.1CVSS6.1AI score0.00077EPSS

Exploits0References7Affected Software1

OSV•added 2025/08/08 5:8 p.m.•4 views

GHSA-V3GR-W9GF-23CX The AuthKit Remix Library renders sensitive auth data in HTML

7.1CVSS6.1AI score0.00077EPSS

Exploits0References7

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by