Lucene search
+L

2223 matches found

EUVD
EUVD
added 1 hour ago3 views

EUVD-2026-45196

TheHive through 4.1.24 contains an unauthenticated information disclosure vulnerability that allows unauthenticated attackers to retrieve sensitive configuration data by sending a GET request to the /api/status endpoint, which lacks authentication enforcement in the StatusCtrl.scala handler...

6.9CVSS5.4AI score
Exploits0References3
NVD
NVD
added 4 hours ago5 views

CVE-2026-63098

TheHive through 4.1.24 contains an unauthenticated information disclosure vulnerability that allows unauthenticated attackers to retrieve sensitive configuration data by sending a GET request to the /api/status endpoint, which lacks authentication enforcement in the StatusCtrl.scala handler...

6.9CVSS
Exploits0References2
Cvelist
Cvelist
added 4 hours ago9 views

CVE-2026-63098 TheHive 4.1.24 Unauthenticated Information Disclosure via /api/status Endpoint

TheHive through 4.1.24 contains an unauthenticated information disclosure vulnerability that allows unauthenticated attackers to retrieve sensitive configuration data by sending a GET request to the /api/status endpoint, which lacks authentication enforcement in the StatusCtrl.scala handler...

6.9CVSS
Exploits0References2
CVE
CVE
added 4 hours ago8 views

CVE-2026-63098

The Hive 4.1.24 has an unauthenticated information-disclosure flaw exposed via GET /api/status (StatusCtrl.scala), enabling attackers without credentials to read sensitive configuration data. Affected items include the datastore attachment protection password, configured authentication providers,...

6.9CVSS5.4AI score
Exploits0References2
NVD
NVD
added 5 hours ago5 views

CVE-2026-63094

SigNoz through 0.133.0 contains an open redirect vulnerability in the SSO authentication flow that allows unauthenticated attackers to steal session tokens from any user on instances configured with Google OAuth, SAML, or OIDC. Attackers can call the unauthenticated sessions context endpoint with...

8.1CVSS
Exploits0References3
Cvelist
Cvelist
added 5 hours ago11 views

CVE-2026-63094 SigNoz 0.133.0 SSO OAuth State Manipulation Session Token Theft

SigNoz through 0.133.0 contains an open redirect vulnerability in the SSO authentication flow that allows unauthenticated attackers to steal session tokens from any user on instances configured with Google OAuth, SAML, or OIDC. Attackers can call the unauthenticated sessions context endpoint with...

8.1CVSS
Exploits0References3
CVE
CVE
added 5 hours ago7 views

CVE-2026-63094

SigNoz up to version 0.133.0 contains an open redirect in the SSO authentication flow that allows unauthenticated attackers to steal session tokens from users on instances configured with Google OAuth, SAML, or OIDC. An attacker can call the unauthenticated sessions context endpoint with a ref pa...

8.1CVSS5.4AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 20 hours ago4 views

PT-2026-60776

SigNoz through 0.133.0 contains an open redirect vulnerability in the SSO authentication flow that allows unauthenticated attackers to steal session tokens from any user on instances configured with Google OAuth, SAML, or OIDC. Attackers can call the unauthenticated sessions context endpoint with...

8.1CVSS5.4AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 20 hours ago3 views

PT-2026-60791

TheHive through 4.1.24 contains an unauthenticated information disclosure vulnerability that allows unauthenticated attackers to retrieve sensitive configuration data by sending a GET request to the /api/status endpoint, which lacks authentication enforcement in the StatusCtrl.scala handler...

6.9CVSS5.3AI score
Exploits0References3
NVD
NVD
added yesterday10 views

CVE-2026-15013

The SAML Single Sign On – SSO Login plugin for WordPress is vulnerable to Authentication Bypass via SAML Signature Algorithm Confusion in all versions up to, and including, 5.4.3. The vulnerability exists because MoSAMLUtilities::mosamlcastkey reads the SignatureMethod Algorithm attribute directl...

9.8CVSS0.00304EPSS
Exploits0References7
EUVD
EUVD
added 2 days ago4 views

EUVD-2026-44740

Better Auth is an authentication and authorization library for TypeScript. From 1.2.10 until 1.6.11, the @better-auth/sso plugin's POST /sso/register endpoint lets any organization member attach a new SSO provider to that organization because registerSSOProvider checks only for a membership row a...

7.1CVSS6.1AI score0.00242EPSS
Exploits0References4
CVE
CVE
added 2 days ago6 views

CVE-2026-53515

CVE-2026-53515 : The Better Auth library, specifically the @better-auth/sso plugin, contains a privilege escalation in versions 1.2.10 through 1.6.11. The POST /sso/register endpoint incorrectly allows any organization member to attach a new SSO provider because registerSSOProvider checks only fo...

7.1CVSS6.1AI score0.00242EPSS
Exploits0References4
OSV
OSV
added 2 days ago4 views

CVE-2026-53515 Better Auth: Privilege escalation via SSO provider registration: missing admin role check in @better-auth/sso

Better Auth is an authentication and authorization library for TypeScript. From 1.2.10 until 1.6.11, the @better-auth/sso plugin's POST /sso/register endpoint lets any organization member attach a new SSO provider to that organization because registerSSOProvider checks only for a membership row a...

7.1CVSS6.1AI score0.00242EPSS
Exploits0References6
EUVD
EUVD
added 2 days ago6 views

EUVD-2026-44733

Better Auth is an authentication and authorization library for TypeScript. Prior to 1.6.11, the @better-auth/sso plugin's POST /sso/register and POST /sso/update-provider endpoints accept attacker-controlled oidcConfig.userInfoEndpoint, tokenEndpoint, and jwksEndpoint URLs when skipDiscovery: tru...

9.6CVSS6.1AI score0.00252EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2 days ago4 views

CVE-2026-53513

Better Auth is an authentication and authorization library for TypeScript. Prior to 1.6.11, the @better-auth/sso plugin's POST /sso/register and POST /sso/update-provider endpoints accept attacker-controlled oidcConfig.userInfoEndpoint, tokenEndpoint, and jwksEndpoint URLs when skipDiscovery: tru...

9.6CVSS6.1AI score0.00252EPSS
Exploits0References5Affected Software2
OSV
OSV
added 2 days ago5 views

CVE-2026-53513 Better Auth: Server-side request forgery via unvalidated OIDC endpoints on @better-auth/sso provider registration

Better Auth is an authentication and authorization library for TypeScript. Prior to 1.6.11, the @better-auth/sso plugin's POST /sso/register and POST /sso/update-provider endpoints accept attacker-controlled oidcConfig.userInfoEndpoint, tokenEndpoint, and jwksEndpoint URLs when skipDiscovery: tru...

9.6CVSS6.1AI score0.00252EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2 days ago4 views

CVE-2026-47158

A flaw was found in Vaultwarden, a Bitwarden-compatible server. An unauthenticated attacker could exploit a vulnerability in the Single Sign-On SSO authorization flow. This flaw, caused by improper binding of the OAuth state parameter to the browser session and inadequate cleanup of SSO...

8.3CVSS6AI score0.0016EPSS
Exploits0References2
Cvelist
Cvelist
added 2 days ago34 views

CVE-2026-47164 Vaultwarden: SSO Email Auto-Link Can Bind an Existing Local Account to an Attacker-Controlled IdP Identity

Vaultwarden is a Bitwarden-compatible server written in Rust. Prior to 1.36.0, Vaultwarden's SSO login flow checked the IdP emailverified claim only for new-user creation and not when SSOSIGNUPSMATCHEMAIL=true linked an IdP identity to an existing local account, allowing an attacker-controlled Id...

7.7CVSS0.0027EPSS
Exploits0References4
OSV
OSV
added 2 days ago4 views

CVE-2026-47164 Vaultwarden: SSO Email Auto-Link Can Bind an Existing Local Account to an Attacker-Controlled IdP Identity

Vaultwarden is a Bitwarden-compatible server written in Rust. Prior to 1.36.0, Vaultwarden's SSO login flow checked the IdP emailverified claim only for new-user creation and not when SSOSIGNUPSMATCHEMAIL=true linked an IdP identity to an existing local account, allowing an attacker-controlled Id...

7.7CVSS6.1AI score0.0027EPSS
Exploits0References6
CVE
CVE
added 2 days ago15 views

CVE-2026-47164

Vaultwarden (Rust) prior to 1.36.0 has an authentication flaw in its SSO flow: when SSO_SIGNUPS_MATCH_EMAIL=true, an IdP identity can bind to an existing local Vaultwarden account by asserting a victim email, due to checking the IdP email_verified claim only during new-user creation. This could a...

7.7CVSS6.1AI score0.0027EPSS
Exploits0References4
Rows per page
Query Builder