Zurück zur CVE-Übersicht
CVE-2026-53512
NONERisk Signal Score10/100 — NIEDRIG
- Weniger als 24 Stunden alt
Beschreibung
Better Auth is an authentication and authorization library for TypeScript. Prior to 1.6.11, the legacy oidcProvider and mcp plugins expose OAuth token endpoints whose refresh_token grant authenticates only possession of the bound refreshToken row and matching client_id, without verifying the confidential client's client_secret, allowing an attacker with a valid refresh_token to mint access tokens and rotated refresh tokens through /api/auth/oauth2/token or /api/auth/mcp/token. The @better-auth/oauth-provider package is not affected. This issue is fixed in version 1.6.11.
GitHub Advisories
GHSA-pw9m-5jxm-xr6hCRITICAL
Better Auth: OAuth refresh-token replay via missing client authentication on oidc-provider and mcp plugins
npm/better-auth→ 1.6.11
GitHub Advisory