Affected Products
Vendor / product matrix with CVE counts sourced from the CPE catalog.
Products
1 vendor| Vendor | Products | CVEs | KEV | Avg EPSS | Worst Severity |
|---|---|---|---|---|---|
| 1 | 2 | 0 | 18.8% | MEDIUM |
Related CVEs
2| CVE ID | Description | Severity | CVSS | KEV | EPSS | Published | |
|---|---|---|---|---|---|---|---|
| CVE-2026-31382 | The error_description parameter is vulnerable to Reflected XSS. An attacker can bypass the domain's WAF using a Safari-specific onpagereveal payload. | MEDIUM | 6.1 | — | 15.5% | Mar 20, 2026 | |
| CVE-2026-31381 | An attacker can extract user email addresses (PII) exposed in base64 encoding via the state parameter in the OAuth callback URL. | MEDIUM | 5.3 | — | 22.0% | Mar 20, 2026 |