CVE-2026-53513 - Better Auth: Server-side request forgery via unvalidated OIDC endpoints on @better-auth/sso provider registration
CVE ID :CVE-2026-53513 Published : July 15, 2026, 6:16 p.m. | 17 minutes ago Description :Better Auth is an authentication and authorization library for TypeScript. Prior to 1.6.11, the @better-auth/sso plugin's POST /sso/register and POST /sso/update-provider endpoints accept...