Skip to main content
COSMICBYTEZLABS
NewsSecurityHOWTOsToolsTraining
StudyProjectsNewsletterHire MeAbout
Subscribe

Press Enter to search or Esc to close

News
Security
HOWTOs
Tools
Training
Study
Projects
Newsletter
Hire Me
About
RSS Feed
Reading List
Subscribe

Stay in the Loop

Get the latest security alerts, tutorials, and tech insights delivered to your inbox.

Subscribe NowFree forever. No spam.
COSMICBYTEZLABS

Your trusted source for IT intelligence, cybersecurity insights, and hands-on technical guides.

1941+ Articles
150+ Guides

CONTENT

  • Latest News
  • Security Alerts
  • HOWTOs
  • Checklists
  • Projects
  • Exam Prep

RESOURCES

  • Search
  • Browse Tags
  • Newsletter Archive
  • Reading List
  • RSS Feed

COMPANY

  • About Us
  • Contact
  • Privacy Policy
  • Terms of Service

© 2026 CosmicBytez Labs. All rights reserved.

System Status: Operational
All tags
10 articles

#authentication

All CosmicBytez Labs articles tagged #authentication, across news, security advisories, how-to guides, and projects.

  • SecurityJun 25, 2026

    CVE-2026-45688: Rocket.Chat CAS Login MongoDB Operator Injection (CVSS 9.1)

    Critical unauthenticated account takeover vulnerability in Rocket.Chat's CAS login handler passes unsanitized client input directly into a MongoDB findOne...

  • SecurityJun 25, 2026

    CVE-2026-45689: Rocket.Chat OAuth Token Hijack via MongoDB Operator Injection (CVSS 9.1)

    Critical pre-authentication vulnerability in Rocket.Chat allows any unauthenticated network attacker to obtain a valid OAuth access token for an arbitrary...

  • NewsJun 13, 2026

    Chinese Hackers Hijack Auth Flow, Spy on Isolated Network for a Decade

    Chinese state-sponsored hackers seized complete control of a target organization's authentication infrastructure and maintained undetected access for ten...

  • SecurityMay 9, 2026

    CVE-2026-41588: RELATE Courseware Timing Attack in Authentication (CVSS 9.0)

    A timing attack vulnerability in RELATE's check_sign_in_key() function could allow attackers to infer valid sign-in keys through response time differences...

  • NewsApr 29, 2026

    cPanel & WHM Emergency Update Fixes Critical Auth Bypass Bug

    cPanel and WebHost Manager have released an emergency patch for a critical authentication bypass vulnerability that allows attackers to gain control panel...

  • SecurityApr 22, 2026

    CVE-2026-22753: Spring Security Filter Chain Bypass via PathPattern Matcher

    A high-severity flaw in Spring Security allows security filter chains to silently fail to match requests when PathPatternRequestMatcher.Builder is used to...

  • SecurityApr 10, 2026

    CVE-2025-57735: Apache Airflow JWT Token Not Invalidated on Logout

    A critical CVSS 9.1 vulnerability in Apache Airflow fails to invalidate JWT tokens upon user logout, allowing intercepted tokens to be reused for...

  • SecurityMar 31, 2026

    CVE-2026-32714: Critical SQL Injection in SciTokens

    A critical SQL injection vulnerability in the SciTokens Python library allows attackers to manipulate authentication token validation via unsanitized...

  • SecurityMar 28, 2026

    CVE-2026-33875: Gematik Authenticator Authentication Flow

    A critical vulnerability in Gematik Authenticator prior to version 4.16.0 allows attackers to hijack authentication sessions via malicious deep links,...

  • ProjectMar 26, 2026

    Keycloak SSO: Self-Hosted Identity Provider for Your Homelab

    Deploy Keycloak with Docker Compose and PostgreSQL to build a centralised single sign-on platform for your homelab services, with OIDC integration for...