MidnightBSD

Advisories for simple_oauth_project

CVE-2025-12466

Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Simple OAuth (OAuth2) & OpenID Connect allows Authentication Bypass.This issue affects Simple OAuth (OAuth2) & OpenID Connect: from 6.0.0 before 6.0.7.

Products Affected

Vendor Product Version
simple_oauth_project simple_oauth *