pkg:npm/better-auth

5 total CVEsHIGH2

✅ Check your installed version

All known vulnerabilities

  • HIGH8.6CVE-2025-61928Better Auth: Unauthenticated API key creation through api-key plugin
    from 0, < 1.3.26
  • HIGH7.3CVE-2026-45364Better Auth: Rate limiter keys IPv6 addresses individually and is bypassable via prefix rotation
    from 0, < 1.4.17
  • CVE-2025-53535Better Auth Open Redirect Vulnerability in originCheck Middleware Affects Multiple Routes
    from 0, < 1.2.10
  • CVE-2025-27143Beter Auth has an Open Redirect via Scheme-Less Callback Parameter
    from 0, < 1.1.20
  • CVE-2024-56734Better Auth has an Open Redirect Vulnerability in Verify Email Endpoint
    from 0, < 1.1.6