PT-2026-35068 · Oauthlib · Oauthlib
Published: 2026-04-24 · Updated: 2026-04-24 · CVE-2026-41425
CVSS v3.1: 5.4 Medium (AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N)
Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to 1.6.11, there is no CSRF protection on the cache feature in `authlib.integrations.starlette_client.OAuth`. This vulnerability is fixed in 1.6.11.
Fix
CSRF
Weakness Enumeration
Related Identifiers
Affected Products
Oauthlib