ASR AI Security Radar
Methodology Recent Incidents Get Notified

Back to incidents

AI security incident: Feathers has an open redirect in OAuth callback enables account takeover (GHSA-ppf9-4...

Incident date: February 19, 2026 | Published: February 25, 2026 | Source: GitHub Security Advisory | Classification confidence: 45%

This incident is part of the public archive. AI-specific signals are limited in the current source material, so source citations should be reviewed closely during triage. Review methodology.

Description The redirect query parameter is appended to the base origin without validation, allowing attackers to steal access tokens via URL authority injection. This leads to full account takeover, as the attacker obtains the victim's access token and can impersonate them. The application constructs the final redirect URL by concatenating the base origin with the user-supplied redirect parameter: javascript // https://github.com/feathersjs/feathers/blob/dove/packages/authentication-oauth/src/service.ts#L158C3-L176C4 const { redirect } = query; ... session.redirect = redirect; // https://github.com/feathersjs/feathers/blob/dove/packages/authentication-oauth/src/strategy.

Why This Is AI-Related

This advisory is part of the public incident archive, but the current source material uses limited explicit AI terminology, so the cited sources should be reviewed carefully when judging AI relevance and exposure.

  • Explicit AI-specific signals are limited in the current source material, so use the cited advisory to validate scope during triage.

Affected Workflow

Audit SSO, service tokens, plugin credentials, user-to-tool permissions, and admin actions exposed through AI features.

Likely Attack Path

The weakness can let an attacker bypass identity checks or gain higher privileges inside an AI-facing product or workflow.

Impact

The issue can weaken identity or authorization boundaries around AI features, plugins, or operator workflows. Severity HIGH. Classification confidence 45%. Source channel GHSA.

Detection And Triage Signals

  • Unexpected admin actions or scope changes from AI-related users
  • Authentication events that skip normal challenge or approval steps
  • New tokens, integrations, or role assignments created without expected workflow traces

Recommended Response

  • Audit the affected AI workflow for exposed admin actions, service tokens, and user-to-tool permissions.
  • Rotate or disable sensitive credentials if the issue could weaken authentication or authorization boundaries.
  • Review access logs for unusual account actions, scope changes, or integrations created after disclosure.

Compliance And Business Impact

Identity control failures can expand blast radius quickly because AI tools often bridge multiple internal systems and datasets.

Sources

Want alerts like this in real time?

Get notified with incident context, likely impact, and response guidance.

Get Notified

More incidents