CVE-2026-41427 | better-auth oauth-provider up to 1.6.4/1.7.0-beta.1 OAuth Client Creation Endpoint authorization

Inserito da Angelo Barbosa | Apr 24, 2026 | CVE

A vulnerability, which was classified as problematic, was found in better-auth oauth-provider up to 1.6.4/1.7.0-beta.1. This issue affects some unknown processing of the component OAuth Client Creation Endpoint. The manipulation results in incorrect authorization.

This vulnerability is known as CVE-2026-41427. It is possible to launch the attack remotely. No exploit is available.

You should upgrade the affected component.

CVE-2026-41427 | better-auth oauth-provider up to 1.6.4/1.7.0-beta.1 OAuth Client Creation Endpoint authorization

Post correlati

CVE-2024-38254 | Microsoft Windows up to Server 2022 23H2 Authentication uninitialized resource

CVE-2025-22697 | CyberChimps Responsive Blocks Plugin up to 1.9.9 on WordPress cross site scripting

CVE-2024-41866 | Adobe InDesign Desktop up to 18.5.2/19.4 null pointer dereference (apsb24-56)

CVE-2024-49290 | Gora Tech Cooked Pro Plugin up to 1.8.0 on WordPress cross-site request forgery