SecBoard
Zurück zur CVE-Übersicht

CVE-2026-53512

NONE
Risk Signal Score10/100 — NIEDRIG
  • Weniger als 24 Stunden alt

Beschreibung

Better Auth is an authentication and authorization library for TypeScript. Prior to 1.6.11, the legacy oidcProvider and mcp plugins expose OAuth token endpoints whose refresh_token grant authenticates only possession of the bound refreshToken row and matching client_id, without verifying the confidential client's client_secret, allowing an attacker with a valid refresh_token to mint access tokens and rotated refresh tokens through /api/auth/oauth2/token or /api/auth/mcp/token. The @better-auth/oauth-provider package is not affected. This issue is fixed in version 1.6.11.

GitHub Advisories

GHSA-pw9m-5jxm-xr6hCRITICAL

Better Auth: OAuth refresh-token replay via missing client authentication on oidc-provider and mcp plugins

npm/better-auth1.6.11
GitHub Advisory

Referenzen