auth0 Latest High & Critical Vulnerabilities
Latest High & Critical vulnerabilities published by auth0
Vulnerability Published:
ποΈ Published
- Anytime
Sort By:
ποΈ Published Date
- Descending
Improper Signature Verification in Node.js JSON Web Signature Implementation by Auth0
CVE-2025-65945Auth0Node-jwsπΎπ‘7.5HIGHSession Cookie Vulnerability in Auth0 Next.js SDK for User Authentication
CVE-2025-48947Auth0Nextjs-auth07.7HIGHSAML Authentication Vulnerability in Passport-WSFED-SAML2 by Auth0
CVE-2025-46573Auth0Passport-wsfed-saml28.6HIGHSAML Authentication Vulnerability in Auth0's Passport Strategy for WS-fed and SAML2
CVE-2025-46572Auth0Passport-wsfed-saml29.3CRITICALjsonwebtoken vulnerable to signature validation bypass due to insecure default algorithm in jwt.verify()
CVE-2022-23540Auth0Node-jsonwebtoken7.6HIGHOpen Redirect in express-openid-connect
CVE-2022-24794Auth0Express-openid-connect7.5HIGHReflected XSS from the callback handler's error query parameter
CVE-2021-32702Auth0Nextjs-auth08HIGHReflected XSS when using flashMessages
CVE-2021-32641Auth0Lock8.1HIGHCSRF in Auth0 ad-ldap-connector
CVE-2020-15259Auth0Ad-ldap-connector8.1HIGHRegression in JWT Signature Validation
CVE-2020-15240Auth0Omniauth-auth07.4HIGHAuthorization header is not sanitized in an error object in auth0
CVE-2020-15125Auth0Node-auth07.7HIGHAuthorization bypass in express-jwt
CVE-2020-15084Auth0Express-jwt7.7HIGHIncorrect Access Control in Auth0 IdentityTokenValidator
CVE-2019-16929Auth0Auth0.net7.5HIGHAuthentication Bypass in Auth0 Passport-SharePoint by Auth0
CVE-2019-13483Auth0Passport-sharepoint7.3HIGHJWT Signature Leak Vulnerability in Auth0 WCF Service
CVE-2019-7644Auth0Auth0-wcf-service-jwt9.8CRITICALCSRF Vulnerability in Auth0 ASP.NET Packages
CVE-2018-15121Auth0Aspnet-owin8.8HIGHPrivilege Escalation Vulnerability in Auth0 Authentication Service
CVE-2018-6873Auth0Auth0.js9.8CRITICALCSRF Vulnerability in Auth0 Authentication Service
CVE-2018-6874Auth0Auth0.js8.8HIGHCross-Site Request Forgery Vulnerability in Auth0.js Library by Auth0
CVE-2018-7307Auth0Auth0.js8.8HIGHUser Impersonation Vulnerability in Auth0 Passport-WSFED-SAML2 Library
CVE-2017-16897Auth0Passport-wsfed-saml28.1HIGHCross-Origin Vulnerability in Auth0.js Library Affecting Auth0
CVE-2017-17068Auth0Auth0.js7.5HIGH