CVE-2026-3277 – PowerShell Universal OpenID Connect Cleartext Client Secret Exposure

CVE ID : CVE-2026-3277

Published : Feb. 27, 2026, 4:16 p.m. | 55 minutes ago

Description : The OpenID Connect (OIDC) authentication configuration in PowerShell
Universal before 2026.1.3 stores the OIDC client secret in cleartext in
the .universal/authentication.ps1 script, which allows an attacker with read access to that file to obtain the OIDC client credentials

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

نوشته های مشابه

CVE-2026-25147 – OpenEMR’s Portal Payment Endpoint Trusts User-Controlled pid

CVE-2026-24488 – OpenEMR Vulnerable to Arbitrary File Exfiltration via Fax Endpoint

CVE-2026-3304 – Multer vulnerable to Denial of Service via incomplete cleanup

CVE-2026-2750 – Command Injection via CLAPI generatetraps