Skip to main content

Github CVE-2026-25221

HIGH
Cross-Site Request Forgery (CSRF) (CWE-352)
2026-02-02 security-advisories@github.com
8.1
CVSS 3.1 · GitHub Advisory
Share

Severity by source

GitHub Advisory PRIMARY
8.1 HIGH
AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

Primary rating from GitHub Advisory · only source for this CVE.

CVSS VectorGitHub Advisory

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
None

Lifecycle Timeline

4
Analysis Generated
Mar 12, 2026 - 22:01 vuln.today
PoC Detected
Feb 20, 2026 - 20:45 vuln.today
Public exploit code
Patch released
Feb 20, 2026 - 20:45 nvd
Patch available
CVE Published
Feb 02, 2026 - 23:16 nvd
HIGH 8.1

DescriptionGitHub Advisory

PolarLearn is a free and open-source learning program. In 0-PRERELEASE-15 and earlier, the OAuth 2.0 implementation for GitHub and Google login providers is vulnerable to Login Cross-Site Request Forgery (CSRF). The application fails to implement and verify the state parameter during the authentication flow. This allows an attacker to pre-authenticate a session and trick a victim into logging into the attacker's account. Any data the victim then enters or academic progress they make is stored on the attacker's account, leading to data loss for the victim and information disclosure to the attacker.

AnalysisAI

PolarLearn versions 0-PRERELEASE-15 and earlier lack proper state parameter validation in OAuth 2.0 authentication, enabling attackers to conduct login CSRF attacks against GitHub and Google login flows. An attacker can pre-authenticate a victim's session and trick them into logging into the attacker's account, causing the victim's data and academic progress to be stored on the attacker's account instead. Public exploit code exists for this vulnerability, and a patch is available.

Technical ContextAI

Classified as CWE-352 (Cross-Site Request Forgery (CSRF)). Affects Polarlearn. PolarLearn is a free and open-source learning program. In 0-PRERELEASE-15 and earlier, the OAuth 2.0 implementation for GitHub and Google login providers is vulnerable to Login Cross-Site Request Forgery (CSRF). The application fails to implement and verify the state parameter during the authentication flow. This allows an attacker to pre-authenticate a session and trick a victim into logging into the attacker's account. Any data the victim then enters or academic progress they make is stored on

RemediationAI

A vendor patch is available — apply it immediately. Restrict network access to the affected service where possible.

More in Github

View all
CVE-2026-1699 CRITICAL POC
10.0 Jan 30

Supply chain vulnerability in Eclipse Theia GitHub Actions workflow. The preview.yml workflow uses pull_request_target w

CVE-2026-27941 CRITICAL POC
9.9 Feb 26

Supply chain attack vector in OpenLIT GitHub Actions workflows. The pull_request_target trigger with checkout enables ma

CVE-2026-22869 CRITICAL POC
9.8 Jan 13

Eigent multi-agent workflow CI pipeline (ci.yml) uses pull_request_target with checkout of untrusted PR code, enabling a

CVE-2026-28215 CRITICAL POC
9.1 Feb 26

Unauthenticated infrastructure overwrite in Hoppscotch API development ecosystem before 2026.2.0. Attackers can overwrit

CVE-2018-1000600 HIGH POC
8.8 Jun 26

A exposure of sensitive information vulnerability exists in Jenkins GitHub Plugin 1.29.1 and earlier in GitHubTokenCrede

CVE-2026-30920 HIGH POC
8.6 Mar 10

OneUptime versions prior to 10.0.19 allow unauthenticated attackers to hijack GitHub App integrations across projects by

CVE-2026-23644 HIGH POC
7.5 Jan 18

Path traversal in esm.sh CDN prior to version 0.0.0-20260116051925-c62ab83c589e allows unauthenticated remote attackers

CVE-2025-68619 HIGH POC
7.2 Jan 01

Signal K Server is a server application that runs on a central hub in a boat. Versions prior to 2.19.0 of the appstore i

CVE-2026-27943 MEDIUM POC
6.5 Feb 26

Authenticated users in OpenEMR through version 8.0.0 can access and modify eye exam records belonging to other patients

CVE-2026-23889 MEDIUM POC
6.5 Jan 26

Path traversal in pnpm's tarball extraction on Windows allows attackers to write files outside the intended package dire

CVE-2026-27612 MEDIUM POC
6.1 Feb 25

Reflected XSS in Repostat's RepoCard React component prior to version 1.0.1 allows attackers to execute arbitrary JavaSc

CVE-2025-49013 CRITICAL
9.9 Jun 09

A security vulnerability in WilderForge (CVSS 9.9). Critical severity with potential for significant impact on affected

Share

CVE-2026-25221 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy