Bojanz Openid Connect / Oauth Client — known CVE vulnerabilities
Every CVE whose affected-product data names Bojanz Openid Connect / Oauth Client, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2026-3531 — CVSS 6.5 (medium): Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal OpenID Connect / OAuth client allows Authentication…
CVE-2026-3530 — CVSS 4.3 (medium): Server-Side Request Forgery (SSRF) vulnerability in Drupal OpenID Connect / OAuth client allows Server Side Request Forgery.This issue…
CVE-2026-3532 — CVSS 4.2 (medium): Improper Handling of Case Sensitivity vulnerability in Drupal OpenID Connect / OAuth client allows Privilege Escalation.This issue affects…