CVE-2025-68158 | Authlib up to 1.6.5 FrameworkIntegration.set_state_data cross-site request forgery (GHSA-fg6f-75jq-6523)

Inserito da Angelo Barbosa | Gen 8, 2026 | CVE

A vulnerability was found in Authlib up to 1.6.5. It has been declared as problematic. This affects the function FrameworkIntegration.set_state_data. Executing a manipulation can lead to cross-site request forgery.

This vulnerability is registered as CVE-2025-68158. It is possible to launch the attack remotely. No exploit is available.

It is recommended to upgrade the affected component.

CVE-2025-68158 | Authlib up to 1.6.5 FrameworkIntegration.set_state_data cross-site request forgery (GHSA-fg6f-75jq-6523)

Post correlati

CVE-2025-68980 | designthemes WeDesignTech Portfolio Plugin up to 1.0.2 on WordPress authorization

CVE-2024-55415 | DevDojo Voyager up to 1.8.0 /admin/compass path traversal

CVE-2023-41972 | Zscaler Client Connector prior 4.3.0.121 on Windows Password Type privileges management

CVE-2025-43990 | Dell Command Monitor 10.9/10.10.0 unnecessary privileges (dsa-2025-414)