CVE Catalog

CVE-2026-36537

CriticalCVSS 9.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.23%

14th percentile — higher than 14% of all known CVEs

Summary

ThingsBoard v4.3.0.1 is vulnerable to an authentication bypass during the OAuth authorization code exchange. The application improperly trusts user-supplied identity data within the user parameter of the /login/oauth2/code/ endpoint.

Risk Assessment

An attacker can bypass authentication and gain full access to any existing user account on the platform, resulting in a complete account takeover.

Recommendation

It is recommended to update to the latest version of ThingsBoard and implement additional identity verification mechanisms for user data.

Original NVD description (English source)

ThingsBoard v4.3.0.1 is vulnerable to an authentication bypass during the OAuth authorization code exchange. The application improperly trusts user-supplied identity data within the user parameter of the /login/oauth2/code/ endpoint. By manipulating the email address in this JSON object, a remote attacker can bypass authentication and gain full access to any existing user account on the platform without possessing the target user's credentials. This results in a complete account takeover.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS