Lucene search
+L

15 matches found

EUVD
EUVD
added last week6 views

EUVD-2026-42958

ZITADEL is an open source identity management platform. Prior to 3.4.12 and 4.15.2, ZITADEL's external JWT Identity Provider validates a token's signature and issuer iss but not the audience aud claim, allowing a validly signed token from a trusted issuer for another relying party to be accepted ...

4.2CVSS6.1AI score0.00112EPSS
Exploits0References3
CVE
CVE
added last week31 views

CVE-2026-55669

CVE-2026-55669 affects ZITADEL: the external JWT Identity Provider failed to validate the audience (aud) claim, accepting a token signed for a different relying party. The issue, affecting ZITADEL’s JWT IdP implementation, is mitigated by requiring audience validation and is fixed in versions 3.4...

4.2CVSS6.1AI score0.00112EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/06/18 1:52 p.m.12 views

ZITADEL: Missing Token Audience Validation (`aud`) in JWT IdP Provider

Summary An authentication bypass vulnerability was discovered in ZITADEL's external JWT Identity Provider IdP implementation. When validating JSON Web Tokens JWTs from an external provider, ZITADEL properly checks the token's cryptographic signature and issuer iss, but it fails to validate the...

4.2CVSS5.6AI score0.00112EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/04/21 9:18 p.m.3 views

CVE-2026-40946 Oxia: OIDC token audience validation bypass via SkipClientIDCheck

Oxia is a metadata store and coordination system. Prior to 0.16.2, the OIDC authentication provider unconditionally sets SkipClientIDCheck: true in the go-oidc verifier configuration, disabling the standard audience aud claim validation at the library level. This allows tokens issued for unrelate...

9.2CVSS5.9AI score0.00255EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/03/16 3:14 p.m.8 views

FastMCP OAuth Proxy token reuse across MCP servers

While testing the OAuth Proxy implementation, it was noticed that the server does not properly respect the resource parameter submitted by the client in the authorization and token request. Instead of issuing the token explicitly for this MCP server, the token is issued for the baseurl passed to...

7.4CVSS5.8AI score0.00358EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/16 12:0 a.m.4 views

PT-2026-25775

Name of the Vulnerable Software and Affected Versions FastMCP versions prior to 2.14.2 Description FastMCP, a framework for building MCP applications, does not properly validate the resource parameter submitted by the client during authorization and token requests. Instead of issuing tokens...

7.4CVSS5.4AI score0.00358EPSS
Exploits1References16
Snyk
Snyk
added 2025/12/17 10:43 p.m.3 views

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization via improper validation of $tokenAudience. A user can gain unauthorized access to protected resources by submitting an ID token in place of an access token. Remediation Upgrade auth0/auth0-php to version 8.18.0 o...

7.5CVSS6.9AI score0.00382EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/11/26 5:57 p.m.13 views

CVE-2025-9803

lunary-ai/lunary version 1.9.34 is vulnerable to an account takeover due to improper authentication in the Google OAuth integration. The application fails to verify the 'aud' audience field in the access token issued by Google, which is crucial for ensuring the token is intended for the...

9.3CVSS7.3AI score0.00426EPSS
Exploits2References1
OSV
OSV
added 2025/11/25 1:15 a.m.6 views

CVE-2025-9803

lunary-ai/lunary version 1.9.34 is vulnerable to an account takeover due to improper authentication in the Google OAuth integration. The application fails to verify the 'aud' audience field in the access token issued by Google, which is crucial for ensuring the token is intended for the...

8.8CVSS5.8AI score0.00426EPSS
Exploits2References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2023-0532

Malicious code in bioql PyPI...

9CVSS9AI score0.00879EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2022/02/09 12:57 a.m.38 views

Incorrect Permission Assignment for Critical Resource and Permissive List of Allowed Inputs in Keycloak

A flaw was found in all versions of Keycloak before 10.0.0, where the NodeJS adapter did not support the verify-token-audience. This flaw results in some users having access to sensitive information outside of their permissions...

4.9CVSS5.5AI score0.01641EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2022/02/09 12:57 a.m.22 views

GHSA-72J4-94RX-CR6W Incorrect Permission Assignment for Critical Resource and Permissive List of Allowed Inputs in Keycloak

A flaw was found in all versions of Keycloak before 10.0.0, where the NodeJS adapter did not support the verify-token-audience. This flaw results in some users having access to sensitive information outside of their permissions...

4.9CVSS5AI score0.01641EPSS
Exploits0References2
NVD
NVD
added 2020/09/16 7:15 p.m.16 views

CVE-2020-1694

A flaw was found in all versions of Keycloak before 10.0.0, where the NodeJS adapter did not support the verify-token-audience. This flaw results in some users having access to sensitive information outside of their permissions...

4.9CVSS0.01641EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2020/07/02 1:21 p.m.9 views

keycloak: verify-token-audience support is missing in the NodeJS adapter

A flaw was found in Keycloak, where the NodeJS adapter did not support the verify-token-audience. This flaw results in some users having access to sensitive information outside of their permissions...

4.9CVSS5.7AI score0.01641EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2020/07/02 12:20 p.m.26 views

CVE-2020-1694

A flaw was found in Keycloak, where the NodeJS adapter did not support the verify-token-audience. This flaw results in some users having access to sensitive information outside of their permissions...

4CVSS2.9AI score0.01641EPSS
Exploits0References3
Rows per page
Query Builder