Vulnerabilities in node-oauth

1 result

CVE-2026-41213MEDIUM@node-oauth/oauth2-server: PKCE code_verifier ABNF not enforced in token exchange allows brute-force redemption of intercepted authorization codesEPSS 0.3%