{"uuid": "40c12c82-63fe-4822-b160-7d165cba80b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54588", "type": "seen", "source": "https://bsky.app/profile/hugovalters.bsky.social/post/3mp2fjn4xgw2o", "content": "CVE-2026-54588 - Critical OIDC/SAML redirect_uri poisoning in Poweradmin. Unauthenticated attacker can steal auth codes via HTTP_HOST header injection. CVSS 9.6. No patch available. Disable OIDC/SAML until fixed. #CVE #infosec #Poweradmin\n\nhttps://www.valtersit.com/cve/CVE-2026-54588/", "creation_timestamp": "2026-06-24T17:04:44.070193Z"}