Vulnerabilities in zitadel
48 results

CVE-2026-29193 | HIGH | ZITADEL: Bypassing Zitadel Login Behavior and Security Policy in Login V2 | EPSS 0.3%
CVE-2026-33132 | MEDIUM | ZITADEL is missing enforcement of organization scopes | EPSS 0.3%
CVE-2025-67495 | HIGH | ZITADEL Vulnerable to Account Takeover via DOM-Based XSS in Zitadel V2 Login | EPSS 0.3%
CVE-2025-64431 | HIGH | IDOR Vulnerabilities in ZITADEL's Organization API allows Cross-Tenant Data Tempering | EPSS 0.3%
CVE-2026-27945 | LOW | ZITADEL has potential SSRF via Actions | EPSS 0.2%
CVE-2025-67717 | MEDIUM | Zitadel Discloses the Total Number of Instance Users | EPSS 0.2%
CVE-2026-27946 | HIGH | ZITADEL Users Can Self-Verify Email/Phone via UpdateHumanUser API | EPSS 0.2%
CVE-2026-27840 | MEDIUM | ZITADEL's truncated opaque tokens are still valid | EPSS 0.1%