Exposure of Auth0
Authentication30
exposure score
947
sites use
0
exploited
3
critical
CVEs
31 resultsCVE-2025-48947HIGHNextJS-Auth0 SDK Vulnerable to CDN Caching of Session CookiesEPSS 0.4%CVE-2025-46344MEDIUMAuth0 NextJS SDK v4 Missing Session InvalidationEPSS 0.4%CVE-2023-6813MEDIUMLogin by Auth0 <= 4.6.0 - Reflected Cross-Site Scripting via wleEPSS 0.4%CVE-2025-58769LOWauth0-PHP: Improper File Type Handling in Bulk User ImportEPSS 0.3%CVE-2025-46573HIGHpassport-wsfed-saml2 Has SAML Authentication Bypass via Attribute SmugglingEPSS 0.3%CVE-2025-67716MEDIUMAuth0 Next.js SDK has Improper Validation of Query ParametersEPSS 0.2%CVE-2026-34236HIGHAuth0 PHP SDK Insufficient Entropy in Cookie EncryptionEPSS 0.2%CVE-2026-40155MEDIUMAuth0 Next.js SDK has Improper Proxy Cache LookupEPSS 0.2%CVE-2026-42280HIGHImproper Permission Checking in Auth.js SDKEPSS 0.2%CVE-2025-65945HIGHauth0/node-jws improper HMAC signature verification vulnerabilityEPSS 0.2%CVE-2025-67490MEDIUMAuth0 Next.js SDK has Improper Request Caching LookupEPSS 0.2%
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →