dailycve.com
Resources curated from this publisher and indexed across appsec.fyi topic pages. Last item added: 2026-04-22.
| Date Added | Resource | Excerpt |
|---|---|---|
| 2026-04-22 | OAuth2 Proxy Authentication Bypass via X-Forwarded-Uri (CVE-2026-40575) [AuthN] | Writeup of CVE-2026-40575 detailing a critical authentication bypass in OAuth2 Proxy. The vulnerability arises from trusting client-supplied `X-Forwarded-Uri` headers in reverse proxy configurations that use `--skip_auth_routes` or `--skip-auth-regex`, allowing attackers to bypass authentication by spoofing this header. Mitigation involves upgrading to version 7.15.2 or later, configuring `--trusted-proxy-ip`, and stripping or overwriting the `X-Forwarded-Uri` header at the reverse proxy level. |
| 2026-04-19 | AVideo CSRF — CVE-2025-3100 (Critical) [CSRF] | Writeup of CVE-2025-3100 detailing a critical cross-site request forgery vulnerability in the AVideo Platform's `emailAllUsers.json.php` endpoint. It allows attackers to trigger mass email phishing campaigns by tricking an authenticated administrator into visiting a malicious page. The exploit leverages the absence of CSRF token validation and AVideo's `SameSite=None` cookie configuration to send arbitrary HTML content as emails to all registered users via the platform's SMTP server, bypassing standard protections. |
| 2026-04-19 | Authlib (Python) CSRF (Cache-Backed OAuth State) — CVE-2025-68158 [CSRF] | Authlib, a library for Python applications, suffers in versions prior to 1.6.6 from CVE-2025-68158, a medium-severity CSRF vulnerability. The flaw allows attackers to hijack OAuth flows by exploiting a weak binding between the cache-backed state parameter and user sessions. This enables account takeover by tricking victims into clicking malicious links, so that their accounts become linked to an attacker's external identity, potentially resulting in data compromise and financial loss. |
| 2026-04-10 | CVE-2026-30832: Critical SSRF in Soft Serve [SSRF] | Writeup on CVE-2026-30832 detailing a critical Server-Side Request Forgery (SSRF) in Charmbracelet's Soft Serve (versions 0.6.0 up to 0.11.4). Exploitation involves an authenticated attacker using a crafted `--lfs-endpoint` URL during a `repo import` operation. A malicious LFS server can then direct Soft Serve to fetch data from internal or private IP addresses, granting read access to sensitive services and cloud metadata. The vulnerability is resolved in Soft Serve version 0.11.4. |
| 2026-04-10 | Flowise IDOR & Business Logic Flaw (CVE-2025) [IDOR] | Writeup of CVE-2025, detailing an Insecure Direct Object Reference (IDOR) and business logic flaw in Flowise's `/api/v1/loginmethod` endpoint. This critical vulnerability allows unauthenticated or low-privileged users to overwrite SSO configurations for any organization by bypassing ownership validation checks on the `organizationId`. Attackers can achieve account takeover by replacing legitimate OAuth credentials with their own, and even enable enterprise-only features on free-tier accounts. The writeup includes detection methods, an exploit example, and essential patching guidance focusing on input validation and RBAC. |