CVE-2026-47158 - Vaultwarden: CSRF in SSO Authorization Flow
CVE ID :CVE-2026-47158 Published : July 15, 2026, 4:16 p.m. | 17 minutes ago Description :Vaultwarden is a Bitwarden-compatible server written in Rust. Prior to 1.36.0, Vaultwarden's SSO authorization flow did not bind the OAuth state parameter accepted by /connect/authorize to the initiating...