Tag

Bypass

9 briefs RSS

Clerk Authorization Bypass Vulnerability

Clerk has an authorization bypass vulnerability in multiple packages where the `has()` and `auth.protect()` predicates can incorrectly return true, potentially allowing unauthorized actions.

@clerk/shared +16 authorization bypass clerk cve-2026-42349

2r 1t 4d ago

high advisory

Better Auth OAuth Provider Authorization Bypass Vulnerability

2 rules 2 TTPs

An authorization bypass vulnerability exists in Better Auth's OAuth provider, allowing low-privilege users to create OAuth clients despite configured clientPrivileges, potentially leading to unauthorized client registration and increased phishing risks.

oauth authorization bypass privilege-escalation defense-evasion

2r 2t 2w ago

high advisory

@fastify/middie Middleware Bypass Vulnerability (CVE-2026-33804)

2 rules 1 TTP 1 CVE

A middleware bypass vulnerability (CVE-2026-33804) exists in @fastify/middie versions 9.3.1 and earlier when the deprecated Fastify ignoreDuplicateSlashes option is enabled, potentially allowing unauthorized access.

fastify middie middleware bypass cve-2026-33804 defense-evasion

2r 1t 1c 2w ago

critical advisory

Better Auth Two-Factor Authentication Bypass Vulnerability

2 rules 1 TTP

Better Auth versions prior to 1.4.9 have a critical two-factor authentication bypass vulnerability; when session.cookieCache is enabled, the initial sign-in session may be improperly cached, allowing attackers with valid credentials to bypass 2FA.

authentication 2fa bypass better-auth

2r 1t Apr 3, 2026

high advisory

Moby Authorization Plugin Bypass via Oversized Request Bodies

2 rules

A vulnerability in Moby allows attackers to bypass authorization plugins by crafting API requests with oversized bodies, causing the Docker daemon to forward the request without the body to the plugin, potentially leading to unauthorized actions.

docker authz authorization bypass cve-2026-34040

2r Mar 27, 2026

high advisory

Claude Code Workspace Trust Dialog Bypass via Settings Loading Order (CVE-2026-33068)

2 rules 1 TTP

A maliciously crafted `.claude/settings.json` file in a Claude Code repository (versions prior to 2.1.53) can bypass the workspace trust confirmation dialog by exploiting a configuration loading order defect, allowing for arbitrary code execution within a supposedly untrusted workspace.

claude-code workspace-trust cve-2026-33068 bypass

2r 1t Mar 21, 2026

high advisory

MOTW Bypass via CAB, TAR, and 7-Zip Chaining

2 rules 2 TTPs 1 IOC

A newly discovered Mark of the Web (MOTW) bypass technique utilizes a chain of CAB, TAR, and 7-Zip archives to circumvent SmartScreen and execute files without security warnings.

motw bypass phishing defense-evasion archive 7-zip cab tar

2r 2t 1i Mar 19, 2026

high advisory

Credential Guard Bypass and Detection Strategies

2 rules 2 TTPs 1 IOC

This brief covers offensive techniques to bypass Credential Guard, a Windows security feature designed to protect credentials, and provides detection strategies for these bypass attempts.

credential-guard bypass windows

2r 2t 1i Mar 18, 2026

high advisory

Admidio Inverted 2FA Reset Allows Privilege Escalation

2 rules 2 TTPs

A logic error in Admidio's two-factor authentication reset inverts the authorization check, allowing non-admin users to remove other users' TOTP, including administrators, reducing their security to password-only authentication in versions 5.0.8 and earlier.

admidio 2fa bypass privilege-escalation

2r 2t Jan 22, 2024