Vulnerabilidades em pocket-id
3 resultadosCVE-2026-28513HIGHPocket ID: OIDC authorization code validation uses AND instead of OR, allowing cross-client token exchangeEPSS 0.3%CVE-2026-43983HIGHPocket ID: OIDC refresh token flow bypasses authorization revocation, account disabling, and group restrictionsEPSS 0.2%CVE-2026-28512HIGHPocket ID: OAuth redirect_uri validation bypass via userinfo/host confusionEPSS 0.2%