CVE-2026-53516 - Better Auth: Account takeover via OAuth auto-link to unverified pre-registered email
CVE ID :CVE-2026-53516 Published : July 15, 2026, 6:16 p.m. | 17 minutes ago Description :Better Auth is an authentication and authorization library for TypeScript. Prior to 1.6.11, Better Auth's OAuth callback auto-link gate in handleOAuthUserInfo accepts implicit account linking when the...