CVE-2026-45689 | RocketChat Rocket.Chat up to 8.4.x OAuth Access Token /oauth/token data query logic injection (GHSA-8p25-fm45-pjrw)
A vulnerability identified as critical has been detected in RocketChat Rocket.Chat up to 8.4.x. This issue affects some unknown processing of the file /oauth/token of the component OAuth Access Token Handler. Performing a manipulation results in improper neutralization of special elements in data query logic.
This vulnerability is identified as CVE-2026-45689. The attack can be initiated remotely. There is not any exploit available.
You should upgrade the affected component.VulDB Recent EntriesRead More