Browse all 6 CVE security advisories affecting One Identity. AI-powered Chinese analysis, POCs, and references for each vulnerability.
One Identity provides identity and access management solutions, focusing on privileged access control and user lifecycle management. Historically, its products have been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from improper input validation and insecure authentication mechanisms. The company maintains six CVEs on record, with notable issues including flaws that could allow unauthorized system access or elevation of privileges. While no major public security incidents have been widely reported, the consistent presence of authentication-related vulnerabilities in their software highlights the ongoing challenges in securing complex identity management platforms.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-59363 | One Identity OneLogin 安全漏洞 — OneLoginCWE-669 | 7.7 | High | 2025-09-14 |
| CVE-2025-52924 | One Identity OneLogin SQL注入漏洞 — OneLoginCWE-89 | 4.0 | Medium | 2025-07-19 |
| CVE-2025-27582 | One Identity Password Manager 安全漏洞 — Password ManagerCWE-829 | 7.6 | High | 2025-07-14 |
| CVE-2025-34064 | OneLogin AD Connector Log S3 Bucket Hijack Leading to Cross-Tenant Data Leakage — OneLogin Active Directory Connector (ADC)CWE-668 | 8.1AI | HighAI | 2025-07-01 |
| CVE-2025-34063 | OneLogin AD Connector JWT Authentication Bypass via Exposed Signing Key — OneLogin Active Directory Connector (ADC)CWE-290 | 8.8AI | HighAI | 2025-07-01 |
| CVE-2025-34062 | OneLogin AD Connector API Credential and Signing Key Exposure — OneLogin Active Directory Connector (ADC)CWE-200 | 8.1AI | HighAI | 2025-07-01 |
This page lists every published CVE security advisory associated with One Identity. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.