Vulnerabilities

Latest: CVE-2026-23477 - Rocket.Chat Unauthorized Access to OAuth App Details

2026-01-14 0 views admin

CVE ID : CVE-2026-23477 Published : Jan. 14, 2026, 7:16 p.m. | 28 minutes ago Description : Rocket.Chat is an open-source, secure, fully customizable communications platform. In Rocket.Chat versions up to 6.12.0, the API endpoint GET /api/v1/oauth-apps.get is exposed to any authenticated user, regardless of their role or permissions. This endpoint returns an OAuth application, as long as the user knows its ID, including potentially sensitive fields such as client_id and client_secret. This vulnerability is fixed in 6.12.0. Severity: 7.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2026-23477

Severity

HIGH

Published

Jan. 14, 2026

Source: Telegram CVE Monitor

🏷️ Tags

cvevulnerabilitysecuritycybersecuritycve-2026-23477high

Latest: CVE-2026-23477 - Rocket.Chat Unauthorized Access to OAuth App Details

CVE Details

🏷️ Tags

More from Vulnerabilities

CVE-2026-0960 - Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark

Essential Guide: CVE-2026-0959 - Out-of-bounds Write in Wireshark

Update: CVE-2026-0861 - Integer overflow in memalign leads to heap corruption

CVE-2026-0961 - Out-of-bounds Write in Wireshark - Full Analysis

Trending

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

CVE-2025-43939: Dell Unity OS Command Injection (High)

Google disputes false claims of massive Gmail data breach

Microsoft: DNS outage impacts Azure and Microsoft 365 services

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting