Ghostwire

CVE-2026-16206: A security vulnerability has been detected in django-oauth django-oauth-toolkit 3.3.0. This issue affects the function...

MEDIUM CVSS 6.3 Exploit Available 1 PoC

Published: July 19, 2026 | Last Modified: July 19, 2026

Description

A security vulnerability has been detected in django-oauth django-oauth-toolkit 3.3.0. This issue affects the function _load_id_token of the file oauth2_provider/oauth2_validators.py. The manipulation leads to session expiration. The attack can be initiated remotely. The project was informed of the problem early through an issue report but has not responded yet.

Ghostwire Analysis — What This Means Practically

This analysis is generated by Ghostwire from NVD, CISA KEV, EPSS, and open-source intelligence data. Verify findings through primary sources before acting.

Proof-of-Concept Exploits (1)

Security Coverage (1 articles)

References