web applications

Critical OAuth2-Proxy Flaw (CVE-2025-54576, CVSS 9.1) Allows Authentication Bypass via Query Parameters OAuth2 Proxy Auth Bypass CVE-2026-34457 OAuth2-Proxy, Authentication Bypass

OAuth2 Proxy Auth Bypass CVE-2026-34457 OAuth2-Proxy, Authentication Bypass

Critical OAuth2-Proxy Flaw (CVE-2025-54576, CVSS 9.1) Allows Authentication Bypass via Query Parameters

Do Son July 31, 2025

A critical vulnerability in the popular OAuth2-Proxy open-source authentication tool has been discovered, allowing attackers to bypass...

Critical Node-SAML Flaw (CVE-2025-54419, CVSS 10.0) Allows Authentication Bypass in SAML 2.0 Web Apps Node-SAML Vulnerability, Authentication Bypass

Node-SAML Vulnerability, Authentication Bypass

Critical Node-SAML Flaw (CVE-2025-54419, CVSS 10.0) Allows Authentication Bypass in SAML 2.0 Web Apps

Do Son July 29, 2025

A newly disclosed critical vulnerability in Node-SAML, a widely used SAML 2.0 authentication provider for Node.js, could...

CVE-2024-8940 (CVSS 10): Critical Flaw in Scriptcase Low-Code Platform Leaves Developers at Risk CVE-2024-8940 - Scriptcase

CVE-2024-8940 - Scriptcase

CVE-2024-8940 (CVSS 10): Critical Flaw in Scriptcase Low-Code Platform Leaves Developers at Risk

Do Son October 1, 2024

Developers using the popular low-code platform Scriptcase are urged to update their software immediately after discovering three...