Vulnerabilities

CVE-2025-65430

by Fred · 15/12/2025

An issue was discovered in allauth-django before 65.13.0. IdP: marking a user as is_active=False after having handed tokens for that user while the account was still active had no effect. Fixed the access/refresh tokens are now rejected.

More information : https://allauth.org/news/2025/10/django-allauth-65.13.0-released/

Similar

Tags: Cybersecurity Alert