{"vulnerability": "cve-2026-53512", "sightings": [{"uuid": "f07142ca-c1af-4b13-8bed-96199058bf71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53512", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mq3ifp5g5c2q", "content": "CVE-2026-53512 - better-auth\nSome Better Auth plugins don't verify client secrets for refresh tokens, which could allow an attacker to access sensitive data. If you use Better Auth with the oidc-provider or\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#betterauth #npm #CVE #infosec", "creation_timestamp": "2026-07-07T20:54:04.425045Z"}, {"uuid": "ca65fd81-afe3-445d-b83c-2d93d3dede2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53512", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqph2wla3a22", "content": "CVE-2026-53512 - Better Auth: OAuth refresh-token replay via missing client authentication on oidc-provider and mcp plugins\nCVE ID : CVE-2026-53512\n \n Published : July 15, 2026, 6:16 p.m. | 17\u00a0minutes ago\n \n Description : Better Auth is an authentication and authorization libr...", "creation_timestamp": "2026-07-15T19:23:24.115910Z"}]}