[LOW] auth0-PHP SDK Does Not Properly Handle File Types in Bulk User Import

PKSA-r19n-r8k1-m54h CVE-2025-58769 GHSA-9mh6-g99m-ppcw

Affected version: >=3.3.0,<=8.16.0

Reported by:
GitHub

[CRITICAL] Brute Force Authentication Tags of CookieStore Sessions in Auth0-PHP SDK

PKSA-w6j7-c1kq-w6yb CVE-2025-47275 GHSA-g98g-r7gf-2r25

Affected version: >=8.0.0-BETA1,<8.14.0

Reported by:
GitHub