Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
Sun, 19 Jul 2026 02:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A security vulnerability has been detected in django-oauth django-oauth-toolkit 3.3.0. This issue affects the function _load_id_token of the file oauth2_provider/oauth2_validators.py. The manipulation leads to session expiration. The attack can be initiated remotely. The project was informed of the problem early through an issue report but has not responded yet. | |
| Title | django-oauth django-oauth-toolkit oauth2_validators.py _load_id_token session expiration | |
| First Time appeared |
Django-oauth
Django-oauth django-oauth-toolkit |
|
| Weaknesses | CWE-613 | |
| CPEs | cpe:2.3:a:django-oauth:django-oauth-toolkit:*:*:*:*:*:*:*:* | |
| Vendors & Products |
Django-oauth
Django-oauth django-oauth-toolkit |
|
| References |
| |
| Metrics |
cvssV2_0
|
Status: PUBLISHED
Assigner: VulDB
Published:
Updated: 2026-07-19T02:15:08.796Z
Reserved: 2026-07-18T08:23:11.906Z
Link: CVE-2026-16206
No data.
No data.
No data.
OpenCVE Enrichment
No data.