Vulnerability in Authlib

CVE-2026-28498

Authlib is a Python library for building OAuth and OpenID Connect servers. Versions prior to 1.6.9 contain a library-level vulnerability in the validation of OpenID Connect (OIDC) ID Tokens. Spe…

EPSS: 0.000 (8.8th percentile)

Affected products

Weakness classification (CWE)

References