Package impact
npm / better-auth
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-45364 | high | 7.3 | 7.3 | 21d ago | Better Auth is an authentication and authorization library for TypeScript. Prior to 1.4.17 and 1.5.0-beta.9, Better Auth's HTTP rate limiter keyed each request by the exact textual IP address it rece… | |||
| CVE-2026-45337 | unknown | — | — | 23h ago | Better Auth: Device authorization approve and deny accept any authenticated session while the user code is pending |