Package impact
Go / github.com/oauth2-proxy/oauth2-proxy/v7
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-40575 | critical | 9.1 | 9.1 | 1mo ago | OAuth2 Proxy has an Authentication Bypass via X-Forwarded-Uri Header Spoofing | |||
| CVE-2026-41059 | high | 8.2 | 8.2 | 1mo ago | OAuth2 Proxy has an Authentication Bypass via Fragment Confusion in skip_auth_routes and skip_auth_regex |