Vulnerabilidades en steveiliop56
3 resultadosCVE-2026-33544HIGHTinyauth has OAuth account confusion via shared mutable state on singleton service instancesEPSS 0.3%CVE-2026-32246HIGHTinyauth vulnerable to TOTP/2FA bypass via OIDC authorize endpointEPSS 0.3%CVE-2026-32245MEDIUMTinyauth's OIDC authorization codes are not bound to client on token exchangeEPSS 0.3%