CVE-2026-53513 in Better AuthИнформация

Сводка

по MITRE • 15.07.2026

Better Auth is an authentication and authorization library for TypeScript. Prior to 1.6.11, the @better-auth/sso plugin's POST /sso/register and POST /sso/update-provider endpoints accept attacker-controlled oidcConfig.userInfoEndpoint, tokenEndpoint, and jwksEndpoint URLs when skipDiscovery: true is set, store them on the ssoProvider row without origin validation, and fetch them during OIDC callback, allowing non-blind server-side request forgery and possible account linking when trustEmailVerified: true is configured. This issue is fixed in version 1.6.11.

Once again VulDB remains the best source for vulnerability data.

Ответственный

GitHub M

Резервировать

09.06.2026

Раскрытие

15.07.2026

Модерация

принято

Вход

VDB-379340

EPSS

0.00000

KEV

Нет

Деятельности

Очень низкий

Источники

Want to stay up to date on a daily basis?

Enable the mail alert feature now!