FLAT-3UM89 (CVE-2026-40155)
Authentication mechanism absence or evasion In @auth0/nextjs-auth0
4.0
Medium
Ecosystem: Npm
Package: @auth0/nextjs-auth0
FLAT-QP77U (CVE-2025-67716)
Lack of data validation In @auth0/nextjs-auth0
1.2
Low
Ecosystem: Npm
Package: @auth0/nextjs-auth0
FLAT-PBHTX (CVE-2025-67490)
Authentication mechanism absence or evasion In @auth0/nextjs-auth0
3.8
Low
Ecosystem: Npm
Package: @auth0/nextjs-auth0
FLAT-M14UN (CVE-2025-48947)
Cached form fields In @auth0/nextjs-auth0
5.2
Medium
Ecosystem: Npm
Package: @auth0/nextjs-auth0
FLAT-IHIG5 (CVE-2025-46344)
Insecure session management In @auth0/nextjs-auth0
4.9
Medium
Ecosystem: Npm
Package: @auth0/nextjs-auth0
FLAT-9YWUQ (CVE-2021-43812)
Uncontrolled external site redirect In @auth0/nextjs-auth0
1.3
Low
Ecosystem: Npm
Package: @auth0/nextjs-auth0
FLAT-KD8ZF (CVE-2021-32702)
Reflected cross-site scripting (XSS) In @auth0/nextjs-auth0
5.9
Medium
Ecosystem: Npm
Package: @auth0/nextjs-auth0