Python Authlib Security Update: Prevents Account Takeovers

SUSE-SU-2026:0828-1
Summary

A security update is available for the Python Authlib library. It fixes CVE-2025-68158, a vulnerability that could allow an attacker to take control of user accounts with a single click. It affects applications that use Authlib, which is a common dependency in many projects. To stay protected, update python-authlib to the fixed version listed under "What to do".

What to do
  • Update python-authlib to version 1.3.1-150600.3.14.1.
Affected software
Vendor | Product | Affected versions | Fix available
- | python-authlib | <= 1.3.1-150600.3.14.1 | 1.3.1-150600.3.14.1
Original title
Security update for python-Authlib
Original description
This update for python-Authlib fixes the following issues:

- CVE-2025-68158: Fixed 1-click account takeover in applications that use the Authlib library (bsc#1256414)
Published: 5 Mar 2026 · Updated: 6 Mar 2026 · First seen: 6 Mar 2026