CVE-2026-44695 - Outline: Slack OAuth state can link a victim Outline account to an attacker Slack identity
CVE ID :CVE-2026-44695 Published : May 11, 2026, 10:22 p.m. | 43 minutes ago Description :Outline is a service that allows for collaborative documentation. Prior to 1.7.1, the Slack integration callback for GET /auth/slack.post accepts an unsigned, session-independent OAuth state value. A thir
ORIGINAL SOURCE →via CVE Feed Latest
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] Pressure mounts on Canvas as data leak extortion deadline looms
- [CYBER] Developer of education tool Canvas issues apology after hack
- [CYBER] Nvidia GeForce NOW data breach confirmed — but luckily most of us will be safe, here's why
- [CYBER] Hackean JDownloader y propagan malware en instaladores para Windows y Linux desde el sitio oficial
- [CYBER] Linux bitten by second severe vulnerability in as many weeks
- [CYBER] CVE-2026-8344 - D-Link DIR-816 formDMZ.cgi sub_445E7C command injection