Lucene search
K

50 matches found

CVE
CVE
added 2026/06/26 8:34 p.m.27 views

CVE-2026-50132

Summary (CVE-2026-50132) Budibase exposes a public GET endpoint GET /api/chat-links/:instance/:token/handoff that, before version 3.39.0, can silently link an attacker’s external chat identity (Slack/Discord/MS Teams) to a victim’s Budibase account without consent or CSRF protection. The flow: an...

7.3CVSS5.8AI score0.00192EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/12 2:27 a.m.10 views

CVE-2026-48612

Improper state verification in the OAuth implementation could allow an attacker to manipulate the authentication flow and cause a victim’s account to be linked to an attacker-controlled account. This can result in unauthorized account linking and potential account takeover...

8CVSS7.5AI score0.0012EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/06/10 5:38 p.m.9 views

keycloak: Cross-Session Email Verification Proof Not Bound to Upstream Identity in First-Broker-Login

A flaw was found in Keycloak. The cross-session verification proof is keyed only by local userId, idpAlias and is not bound to the upstream identity that was actually verified, so a second upstream account on the same IdP can consume it and get linked to the victim's local account...

8.1CVSS5.4AI score0.00312EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/05/22 5:48 p.m.18 views

Flask-Security-Too OAuth reauthentication freshness bypass via cross- user OAuth identity acceptance

Summary Flask-Security-Too 5.8.0's OAuth reauthentication flow can mark a session as fresh after verifying an OAuth account that belongs to a different user. If an attacker can operate an already-authenticated but stale victim session, they can complete OAuth verification using their own OAuth...

5.8AI score0.00035EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/05/20 4:13 p.m.9 views

EUVD-2026-31134

A flaw was found in Keycloak. The cross-session verification proof is keyed only by local userId, idpAlias and is not bound to the upstream identity that was actually verified, so a second upstream account on the same IdP can consume it and get linked to the victim's local account...

6.4CVSS5.8AI score0.00312EPSS
Exploits0References2
NVD
NVD
added 2026/05/11 10:22 p.m.18 views

CVE-2026-44695

Outline is a service that allows for collaborative documentation. Prior to 1.7.1, the Slack integration callback for GET /auth/slack.post accepts an unsigned, session-independent OAuth state value. A third party who can obtain a Slack OAuth code for the same Outline Slack client can make a...

6.5CVSS0.00125EPSS
Exploits1References1
CVE
CVE
added 2026/05/11 9:11 p.m.18 views

CVE-2026-44695

Summary: CVE-2026-44695 affects Outline before version 1.7.1. The Slack OAuth flow for GET /auth/slack.post accepts an unsigned, session-independent OAuth state value. If an attacker can obtain a Slack OAuth code for the same Outline Slack client, they can cause a logged-in Outline user to comple...

6.5CVSS5.9AI score0.00125EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/10 12:0 a.m.16 views

PT-2026-39520

OpenCart 3.0.36 contains a cross-site request forgery vulnerability in the /account/edit endpoint that allows unauthenticated attackers to modify victim account details by tricking users into visiting malicious pages. Attackers can craft CSRF payloads that change victim email addresses and accoun...

6.9CVSS5.7AI score0.00151EPSS
Exploits0References5
NVD
NVD
added 2026/05/08 3:16 p.m.10 views

CVE-2026-41574

Nhost is an open source Firebase alternative with GraphQL. Prior to version 0.49.1, Nhost automatically links an incoming OAuth identity to an existing Nhost account when the email addresses match. This is only safe when the email has been verified by the OAuth provider. Nhost's controller trusts...

9.8CVSS0.00809EPSS
Exploits1References4
Snyk
Snyk
added 2026/04/18 1:0 a.m.4 views

Improper Authentication

Overview Affected versions of this package are vulnerable to Improper Authentication in the providerFlowSignIn process. An attacker can gain unauthorized access to another user's account by exploiting improper handling of email verification status from OAuth providers. This allows the attacker to...

9.8CVSS5.8AI score0.00809EPSS
Exploits1References2
EUVD
EUVD
added 2026/04/02 9:30 a.m.8 views

EUVD-2026-18144

SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker with access to a victim's GINA account to bypass a second-password check and read protected emails...

6.3CVSS5.9AI score0.00251EPSS
Exploits0References2
CVE
CVE
added 2026/03/11 9:40 p.m.11 views

CVE-2026-32132

CVE-2026-32132 (ZITADEL) affects Zitadel identity management platform prior to versions 3.4.8 and 4.12.2. The vulnerability lies in the passkey registration endpoint, where an improper expiration check of a retrieved code could allow an attacker to register their own passkey and gain access to th...

7.4CVSS5.8AI score0.00399EPSS
Exploits0References3Affected Software1
Veracode
Veracode
added 2026/02/19 8:56 a.m.6 views

Cross-site Request Forgery (CSRF)

fastapi-sso is vulnerable to Cross-Site Request Forgery CSRF. The vulnerability is due to missing persistence and verification of the OAuth state parameter, which allows an attacker to supply a malicious callback URL and link their account to a victim’s session...

6.9CVSS5.9AI score0.00311EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2025/12/09 5:19 p.m.7 views

EUVD-2025-202272

An unverified password change vulnerability CWE-620 vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.2, FortiSOAR PaaS 7.5.0 through 7.5.1, FortiSOAR PaaS 7.4 all versions, FortiSOAR PaaS 7.3 all versions, FortiSOAR on-premise 7.6.0 through 7.6.2, FortiSOAR on-premise 7.5.0 through 7.5....

6.8CVSS6.5AI score0.00201EPSS
Exploits0References2
CVE
CVE
added 2025/12/09 5:19 p.m.15 views

CVE-2025-59808

Fortinet FortiSOAR PaaS and FortiSOAR on-premise are affected by an unverified password change vulnerability (CWE-620) that may allow an attacker who already has access to a user account to reset credentials without the current password. Affected versions include FortiSOAR PaaS 7.3–7.6.2 and Fort...

6.8CVSS6.6AI score0.00201EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/12/09 5:19 p.m.2 views

CVE-2025-59808

An unverified password change vulnerability CWE-620 vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.2, FortiSOAR PaaS 7.5.0 through 7.5.1, FortiSOAR PaaS 7.4 all versions, FortiSOAR PaaS 7.3 all versions, FortiSOAR on-premise 7.6.0 through 7.6.2, FortiSOAR on-premise 7.5.0 through 7.5....

6.8CVSS6.6AI score0.00201EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/11/24 12:0 a.m.3 views

CVE-2025-56400

Cross-Site Request Forgery CSRF vulnerability in the OAuth implementation of the Tuya SDK 6.5.0 for Android and iOS, affects the Tuya Smart and Smartlife mobile applications, as well as other third-party applications that integrate the SDK, allows an attacker to link their own Amazon Alexa accoun...

6.3AI score0.00132EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/11/24 12:0 a.m.7 views

PT-2025-47957

Name of the Vulnerable Software and Affected Versions Tuya SDK version 6.5.0 Tuya Smart application Smartlife application Description A Cross-Site Request Forgery CSRF issue exists in the OAuth implementation of the Tuya SDK. This affects the Tuya Smart and Smartlife mobile applications, as well ...

8.8CVSS6.3AI score0.00132EPSS
Exploits0References8
Cvelist
Cvelist
added 2025/11/24 12:0 a.m.10 views

CVE-2025-56400

Cross-Site Request Forgery CSRF vulnerability in the OAuth implementation of the Tuya SDK 6.5.0 for Android and iOS, affects the Tuya Smart and Smartlife mobile applications, as well as other third-party applications that integrate the SDK, allows an attacker to link their own Amazon Alexa accoun...

0.00132EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2025/07/30 1:16 p.m.12 views

Keycloak phishing attack via email verification step in first login flow

There is a flaw with the first login flow where, during a IdP login, an attacker with a registered account can initiate the process to merge accounts with an existing victim's account. The attacker will subsequently be prompted to "review profile" information, which allows the the attacker to...

7.1CVSS6AI score0.00226EPSS
Exploits0References14Affected Software1
Rows per page
Query Builder