Pocket-id Vulnerabilities
Comprehensive security vulnerability database for Pocket-id products
2
0
0
2
Severity Distribution
| Description | Vendor / Product | Exploit Status | |||
|---|---|---|---|---|---|
| CVE-2026-28513 | 7.1 | This vulnerability allows an attacker to misuse authorization codes to access services by exploiting expired codes or codes meant for different clients, as long as they have the correct client ID. It affects versions prior to 2.4.0 of Pocket ID, which means users need to update to the latest version to protect against this issue. | pocket-idpocket id | Theoretical | 28 days agoMar 10, 2026 |
| CVE-2026-28512 | 6.1 | This vulnerability allows an attacker to redirect a user's authentication code to a malicious site if they can trick the user into clicking on a specially crafted link. It affects versions of the Pocket ID software before 2.4.0, so users should upgrade to the latest version to protect against this risk. | pocket-idpocket id | Theoretical | 28 days agoMar 10, 2026 |
About Pocket-id Security
This page tracks all publicly disclosed security vulnerabilities (CVEs) affecting Pocket-id products. Our database is updated in real-time from the National Vulnerability Database (NVD) and enriched with exploit information from GitHub and other security research sources.
Each CVE listing includes CVSS severity scores, exploit availability status, AI-powered vulnerability summaries, and links to official patches and security advisories.