Oauth2 Server

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2025-31691 CRITICAL PATCH Act Now

Missing Authorization vulnerability in Drupal OAuth2 Server allows Forceful Browsing.0.0 before 2.1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oauth2 Server Drupal

NVD

CVSS 3.1

9.8

EPSS

0.4%

CVE-2025-31691

EPSS 0% CVSS 9.8

CRITICAL PATCH Act Now

Missing Authorization vulnerability in Drupal OAuth2 Server allows Forceful Browsing.0.0 before 2.1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oauth2 Server Drupal

NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy