[CYBERDIGEST]
⊞ Dashboard ⚡ Intelligence 📝 Reports 📚 Global Threats 💻 Hack Lab 🗄️ Resources ⌬ 0xJerry's Lab
📡 RSS Feed
System Online

Tag

#OAuth authorization-code grant

newsHIGH 7.6

CVE-2026-53518: @better-auth/oauth-provider's OAuth authorization-code grant allows concurrent redemption

A vulnerability in @better-auth/oauth-provider allows concurrent redemption of OAuth authorization codes, potentially leading to multiple independent token sets being issued from a single authorization code. Users of @better-auth/oauth-provider versions >= 1.6.0, < 1.6.11 are affected. Upgrade to @better-auth/[email protected] or later to mitigate.

Jul 8, 20261 source