{"vulnerability": "cve-2026-53513", "sightings": [{"uuid": "d2d60bde-c697-4efe-a9ea-1431a68e5384", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53513", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mq3lgb7llz25", "content": "CVE-2026-53513 - sso\nIf you're using an outdated version of the @better-auth/sso plugin, an attacker can access your server by tricking your system into making unauthorized requests. This can happen even\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#sso #betterauth #npm #CVE #infosec", "creation_timestamp": "2026-07-07T21:48:04.619993Z"}, {"uuid": "4ab670a1-d940-4fe9-b637-061989d005b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53513", "type": "seen", "source": "https://bsky.app/profile/securityonline.bsky.social/post/3mqkz3drgcq24", "content": "CVE-2026-53513 is a Better Auth SSRF flaw (CVSS 9.6) in the SSO plugin. It exposes cloud metadata and enables account takeover. Patch to 1.6.11 now.\n\n#BetterAuth #SSRF #CVE202653513 #SSO #OIDC", "creation_timestamp": "2026-07-14T01:02:27.478598Z"}, {"uuid": "a6032ba0-4b37-473f-ac28-d2af79790852", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53513", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqpibc3wko2x", "content": "CVE-2026-53513 - Better Auth: Server-side request forgery via unvalidated OIDC endpoints on @better-auth/sso provider registration\nCVE ID : CVE-2026-53513\n \n Published : July 15, 2026, 6:16 p.m. | 17\u00a0minutes ago\n \n Description : Better Auth is an authentication and authorizati...", "creation_timestamp": "2026-07-15T19:44:51.166011Z"}]}