roadiz/openid Security Advisories for v2.6.9 (1)
[MEDIUM] OpenID Connect nonce generated but never validated — ID token replay attack
PKSA-h9v7-gkkk-sf31 CVE-2026-42206 GHSA-3gx8-q682-38mx
Affected version: <2.3.43|>=2.5.0,<2.5.45|>=2.6.0,<2.6.31|>=2.7.0,<2.7.18
Reported by: GitHub