Known Vulnerabilities for OpenID Connect / OAuth Client by Drupal
Listed below are 5 of the newest known vulnerabilities associated with "OpenID Connect / OAuth Client" by "Drupal".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-33506 | Ory Polis, formerly known as BoxyHQ Jackson, bridges or proxies a SAML login flow to OAuth 2.0 or OpenID Connect. Versions pr... | Not Provided | 2026-03-26 | 2026-03-26 |
| CVE-2026-3532 | Improper Handling of Case Sensitivity vulnerability in Drupal OpenID Connect / OAuth client allows Privilege Escalation.This ... | Not Provided | 2026-03-26 | 2026-03-27 |
| CVE-2026-3531 | Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal OpenID Connect / OAuth client allows Authent... | Not Provided | 2026-03-26 | 2026-03-30 |
| CVE-2026-3530 | Server-Side Request Forgery (SSRF) vulnerability in Drupal OpenID Connect / OAuth client allows Server Side Request Forgery.T... | Not Provided | 2026-03-26 | 2026-03-30 |
| CVE-2025-68158 | Authlib is a Python library which builds OAuth and OpenID Connect servers. In versions 1.0.0 through 1.6.5, cache-backed stat... | Not Provided | 2026-01-08 | 2026-03-30 |