OAuth2-Proxy Security Update Advisory (CVE-2025-54576)

Aug 06 2025

Overview

We have released a security update to address a vulnerability in OAuth2-Proxy. Users of affected products are advised to update to the latest version.

Affected Products

CVE-2025-54576

OAuth2-Proxy Version: 7.10.0 and earlier

Resolved Vulnerabilities

Authentication Bypass Vulnerability in skip_auth_routes in OAuth2-Proxy (CVE-2025-54576)

Vulnerability Patches

Vulnerability patches have been made available in the latest updates. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

CVE-2025-54576

OAuth2-Proxy Version: 7.11.0

References

[1] Authentication bypass in oauth2-proxy skip_auth_routes due to Query Parameter inclusion
https://github.com/oauth2-proxy/oauth2-proxy/security/advisories/GHSA-7rh7-c77v-6434

OAuth2-Proxy Security Update Advisory (CVE-2025-54576)

Cursor Security Update Advisory (CVE-2025-54135)

CodeIgniter Security Update Advisory (CVE-2025-54418)

Tags:

Cursor Security Update Advisory (CVE-2025-54135)

CodeIgniter Security Update Advisory (CVE-2025-54418)