Python Authlib Security Update Prevents Account Takeover

Summary

A security update for Python's Authlib library fixes a vulnerability that allowed attackers to take control of user accounts in certain applications. This update is important for developers who use Authlib to protect user authentication in their Python projects. To stay secure, update to the latest version of Authlib as soon as possible.

What to do
  • Update python-authlib to version 1.3.1-150600.3.14.1.
Affected software
Vendor | Product        | Affected versions      | Fix available
-      | python-authlib | <= 1.3.1-150600.3.14.1 | 1.3.1-150600.3.14.1
Original title
Security update for python-Authlib
Original description
This update for python-Authlib fixes the following issues:

- CVE-2025-68158: Fixed 1-click account takeover in applications that use the Authlib library (bsc#1256414)
Published: 5 Mar 2026 · Updated: 6 Mar 2026 · First seen: 6 Mar 2026