Browse all 7 CVE security advisories affecting WorkOS. AI-powered Chinese analysis, POCs, and references for each vulnerability.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-64762 | authkit-nextjs may let session cookies be cached in CDNs — authkit-nextjsCWE-524 | 4.2 | - | 2025-11-21 |
| CVE-2025-55008 | AuthKit React Router: Sensitive auth data rendered in HTML — authkit-react-routerCWE-200 | 7.1 | High | 2025-08-09 |
| CVE-2025-55009 | AuthKit: Sensitive auth data rendered in HTML — authkit-remixCWE-200 | 7.1 | High | 2025-08-09 |
| CVE-2025-23017 | WorkOS Hosted AuthKit 安全漏洞 — Hosted AuthKitCWE-305 | 6.0 | Medium | 2025-02-24 |
| CVE-2024-51752 | Refresh tokens are logged when the debug flag is enabled in @workos-inc/authkit-nextjs — authkit-nextjsCWE-532 | 5.3AI | MediumAI | 2024-11-05 |
| CVE-2024-51753 | Refresh tokens are logged when the debug flag is enabled in @workos-inc/authkit-remix — authkit-remixCWE-532 | 5.3AI | MediumAI | 2024-11-05 |
| CVE-2024-29901 | @workos-inc/authkit-nextjs session replay vulnerability — authkit-nextjsCWE-294 | 4.8 | Medium | 2024-03-29 |
This page lists every published CVE security advisory associated with WorkOS. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.