Rocket.Chat Unauthorized Access to OAuth App Details_CVE-2026-23477

7.7 / 10

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

Description

Rocket.Chat is an open-source, secure, fully customizable communications platform. In Rocket.Chat versions up to 6.12.0, the API endpoint GET /api/v1/oauth-apps.get is exposed to any authenticated user, regardless of their role or permissions. This endpoint returns an OAuth application, as long as the user knows its ID, including potentially sensitive fields such as client_id and client_secret. This vulnerability is fixed in 6.12.0.

Basic Information

ID CVE-2026-23477

Source GitHub_M

Published Jan 14, 2026 at 18:16

Affected Product

Vendor RocketChat

Product Rocket.Chat

Version < 6.12.0

Affected Versions RocketChat Rocket.Chat < 6.12.0

CWE Classification

CWE-269 CWE-862

References

github.com /RocketChat/Rocket.Chat/security/advisories/GHSA-g4wm-fg3c-g4p2

{
    "lastseen": "",
    "description": "Rocket.Chat is an open-source, secure, fully customizable communications platform. In Rocket.Chat versions up to 6.12.0, the API endpoint GET /api/v1/oauth-apps.get is exposed to any authenticated user, regardless of their role or permissions. This endpoint returns an OAuth application, as long as the user knows its ID, including potentially sensitive fields such as client_id and client_secret. This vulnerability is fixed in 6.12.0.",
    "published": "2026-01-14T18:16:05.178Z",
    "modified": "2026-01-14T18:16:05.178Z",
    "type": "cve",
    "title": "Rocket.Chat Unauthorized Access to OAuth App Details",
    "source": "GitHub_M",
    "references": "https://github.com/RocketChat/Rocket.Chat/security/advisories/GHSA-g4wm-fg3c-g4p2",
    "id": "CVE-2026-23477",
    "bulletinFamily": "",
    "cwe": [
        "CWE-269",
        "CWE-862"
    ],
    "cvelist": null,
    "sourceData": "RocketChat Rocket.Chat < 6.12.0",
    "sourceHref": "",
    "cvss": {
        "score": 7.7,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Rocket.Chat",
    "version": "< 6.12.0",
    "vendor": "RocketChat",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}