CVE-2026-47164: CWE-284: Improper Access Control in dani-garcia vaultwarden
Vaultwarden is a Bitwarden-compatible server written in Rust. Prior to 1.36.0, Vaultwarden's SSO login flow checked the IdP email_verified claim only for new-user creation and not when…
Read the full article2d agoen
Comments
Sign in to join the conversation.
No comments yet. Be the first.