Where
-Infinity
0

Trending

Last week
Last month
Last year

Auth0 Auth0-PHPAuth0-PHP SDK Deserialization of Untrusted Data vulnerability

Risk 59
Severity
9.3
EPSS
0.03%
First published (updated )
CVE-2025-48951

Auth0 Auth0-PHPBrute Force Authentication Tags of CookieStore Sessions in Auth0-PHP SDK

Risk 47
Severity
9.1
EPSS
0.04%
First published (updated )
CVE-2025-47275

Auth0 Lock Node.jsHTML injection with additional signup fields

Risk 38
Severity
6.1
First published (updated )
CVE-2022-29172

Auth0 Nextjs-auth0 Node.jsOpen redirect in nextjs-auth0

Risk 39
Severity
6.4
First published (updated )
CVE-2021-43812

Auth0 Nextjs-auth0 Node.jsReflected XSS from the callback handler's error query parameter

Risk 58
Severity
8
First published (updated )
CVE-2021-32702
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Auth0 LockReflected XSS when using flashMessages

Risk 75
Severity
8.1
First published (updated )
CVE-2021-32641

rubygems/omniauth-auth0Regression in JWT Signature Validation

Risk 67
Severity
9.1
First published (updated )
CVE-2020-15240

Auth0 LockDOM-based XSS in auth0-lock

Risk 48
Severity
6.4
First published (updated )
CVE-2020-15119

Auth0 auth0.jsAuthorization header is not sanitized in an error object in auth0

Risk 44
Severity
7.7
First published (updated )
CVE-2020-15125

Auth0 auth0.jsInformation disclosure through error object

Risk 29
Severity
5.5
First published (updated )
CVE-2020-5263
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Auth0 Wp-auth0 WordpressCSRF

Risk 77
Severity
8.8
First published (updated )
CVE-2020-5391

Auth0 Wp-auth0 WordpressXSS

Risk 38
Severity
6.1
First published (updated )
CVE-2020-5392

npm/auth0-lockXSS

Risk 38
Severity
6.1
First published (updated )
CVE-2019-20174

nuget/Auth0.AuthenticationApiAuth0 auth0.net before 6.5.4 has Incorrect Access Control because IdentityTokenValidator can be acci…

Risk 44
Severity
7.5
First published (updated )
CVE-2019-16929

Auth0 Auth0-WCF-Service-JWTAuth0 Auth0-WCF-Service-JWT before 1.0.4 leaks the expected JWT signature in an error message when i…

Risk 86
Severity
9.8
First published (updated )
CVE-2019-7644
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Auth0 aspnetCSRF

Risk 77
Severity
8.8
First published (updated )
CVE-2018-15121

npm/angular-jwtInput Validation

Risk 38
Severity
6.5
First published (updated )
CVE-2018-11537

Auth0 auth0.jsThe Auth0 authentication service before 2017-10-15 allows privilege escalation because the JWT audie…

Risk 86
Severity
9.8
First published (updated )
CVE-2018-6873

Auth0 auth0.jsCSRF

Risk 77
Severity
8.8
First published (updated )
CVE-2018-6874

Auth0 auth0.jsCSRF

Risk 77
Severity
8.8
First published (updated )
CVE-2018-7307
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203