Data

Tools

Indexes

Applications

Experiments

Dependabot

An open index of dependabot pull requests across open source projects.

better-auth

Ecosystem:
npm
Package URL:
pkg:npm/better-auth
Total PRs:
588 Dependabot PRs
Latest PR:
about 3 hours ago
Unique Repositories:
174 repositories
Unique Repos (30 days):
70 repositories
Security Advisories
Better Auth Open Redirect Vulnerability in originCheck Middleware Affects Multiple Routes
GHSA-36rg-gfq2-3h56 CVE-2025-53535 LOW published 2 months ago • updated 22 days ago
### Summary An open redirect has been found in the `originCheck` middleware function, which affects the following routes: `/verify-email`, `/reset...
Beter Auth has an Open Redirect via Scheme-Less Callback Parameter
GHSA-hjpm-7mrm-26w8 CVE-2025-27143 MODERATE published 7 months ago • updated about 1 month ago
### Summary The application is vulnerable to an open redirect due to improper validation of the callbackURL parameter in the email verification end...
Better Auth has an Open Redirect Vulnerability in Verify Email Endpoint
GHSA-8jhw-6pjj-8723 CVE-2024-56734 HIGH published 8 months ago • updated about 1 month ago
## Summary An **open redirect vulnerability** has been identified in the **verify email endpoint** of Better Auth, potentially allowing attackers t...
Better Auth URL parameter HTML Injection (Reflected Cross-Site scripting)
GHSA-9x4v-xfq5-m8x5 CRITICAL published 7 months ago • updated 3 months ago
### Summary The better-auth `/api/auth/error` page was vulnerable to HTML injection, resulting in a reflected cross-site scripting (XSS) vulnerabil...
Better Auth allows bypassing the trustedOrigins Protection which leads to ATO
GHSA-vp58-j275-797x CRITICAL published 7 months ago • updated 3 months ago
### Summary A bypass was found for **wildcard** or **absolute URLs** trustedOrigins configurations and opens the victims website to a **Open Redire...
Recent PRs
RSS Feed
Bump the production-dependencies group across 1 directory with 39 updates

cold-starr/ui-pr1 #18

1.3.7 → 1.3.9 Patch PR
Open about 3 hours ago
cold-starr
build(deps): bump the production-dependencies group across 1 directory with 34 updates

clachance14/PipeTrak #19

1.2.12 → 1.3.9 Minor PR
Open about 6 hours ago 2 comments
clachance14
build(deps): bump the production-dependencies group across 1 directory with 57 updates

jonathanwilke/network-buddy #37

1.2.8 → 1.3.9 Minor PR
Open about 7 hours ago 1 comment
jonathanwilke
chore(deps): bump better-auth from 1.3.8 to 1.3.9

marcusleg/briefing-officer #334

1.3.8 → 1.3.9 Patch PR
Open about 10 hours ago
marcusleg
Bump the production-dependencies group across 1 directory with 61 updates

nhatphu17/supastarter #37

1.2.7 → 1.3.9 Minor PR
Open about 11 hours ago
nhatphu17
build(deps): bump the production-dependencies group across 1 directory with 57 updates

luongnguyen1088/supastarter03 #28

1.2.8 → 1.3.9 Minor PR
Open about 13 hours ago
luongnguyen1088
build(deps): bump the version group with 3 updates

MuntasirSZN/csmc #122

1.3.8 → 1.3.9 Patch PR
Open about 14 hours ago 2 comments
MuntasirSZN
chore(deps): bump better-auth from 1.3.8 to 1.3.9 in the better-auth group

masumi-network/sokosumi #1447

1.3.8 → 1.3.9 Patch PR
Merged about 16 hours ago 1 comment
masumi-network
Bump the production-dependencies group across 1 directory with 60 updates

finnash/newkitforupdate #10

1.2.7 → 1.3.9 Minor PR
Open about 18 hours ago
finnash
Bump the production-dependencies group across 1 directory with 60 updates

finnash/finstarter-nextjs-main #16

1.2.7 → 1.3.9 Minor PR
Open about 19 hours ago 1 comment
finnash
Bump better-auth from 1.3.8 to 1.3.9

toastboy/next-www-toastboy #72

1.3.8 → 1.3.9 Patch PR
Open about 19 hours ago
toastboy
build(deps): bump better-auth from 1.3.8 to 1.3.9

kyakujs/kyaku #822

1.3.8 → 1.3.9 Patch PR
Merged about 21 hours ago
kyakujs
chore(deps): bump the compatible group with 11 updates

phanect/guildkit #95

1.3.7 → 1.3.9 Patch PR
Merged about 24 hours ago 1 comment
phanect
build(deps): bump the production-dependencies group across 1 directory with 29 updates

clachance14/PipeTrak #18

1.2.12 → 1.3.9 Minor PR
Open about 24 hours ago 3 comments
clachance14
Bump the production-dependencies group across 1 directory with 61 updates

kernelai/next-learn #28

1.1.21 → 1.3.8 Minor PR
Open 1 day ago
kernelai
deps(deps): bump better-auth from 1.3.4 to 1.3.8

map-quiz/mapquiz-back #61

1.3.4 → 1.3.8 Patch PR
Open 1 day ago 1 comment
map-quiz
build(deps): bump the production-dependencies group across 1 directory with 56 updates

jonathanwilke/network-buddy #36

1.2.8 → 1.3.8 Minor PR
Closed 1 day ago 2 comments
jonathanwilke
chore(deps): bump better-auth from 1.2.5 to 1.3.8

mhmadamrii/devtrack #59

1.2.5 → 1.3.8 Minor PR
Open 1 day ago
mhmadamrii
chore(deps): bump the all group across 1 directory with 17 updates

HiddenAbilitree/next-auth-template #31

1.3.7 → 1.3.8 Patch PR
Open 1 day ago
HiddenAbilitree
build(deps): bump better-auth from 1.2.10 to 1.3.8

Diplow/hexframe #114

1.2.10 → 1.3.8 Minor PR
Open 1 day ago
Diplow
Bump the production-dependencies group across 1 directory with 59 updates

Bharat-kasera/acme #17

1.2.7 → 1.3.8 Minor PR
Closed 1 day ago 1 comment
Bharat-kasera
Bump the production-dependencies group across 1 directory with 56 updates

ukjahid1/towmanvan-co-uk #44

1.2.8 → 1.3.8 Minor PR
Closed 1 day ago 1 comment
ukjahid1
Bump the npm-dependencies group across 1 directory with 28 updates

PhyExDB/PhyExDB #522

1.2.5 → 1.3.8 Minor PR
Open 1 day ago
PhyExDB
Bump the production-dependencies group across 1 directory with 60 updates

nhatphu17/supastarter #36

1.2.7 → 1.3.8 Minor PR
Closed 1 day ago 2 comments
nhatphu17
build(deps): bump better-auth from 1.3.7 to 1.3.8

bgord/bgord-ui #13

1.3.7 → 1.3.8 Patch PR
Open 1 day ago
bgord
chore(deps): bump the all group with 135 updates

jaqubowsky/create-nextjs-app #25

1.3.7 → 1.3.8 Patch PR
Open 1 day ago
jaqubowsky
chore(deps): bump the production-dependencies group across 1 directory with 55 updates

sheshagirisrao/huduku_compliance #17

1.2.12 → 1.3.8 Minor PR
Open 1 day ago
sheshagirisrao
Bump the production-dependencies group across 1 directory with 61 updates

KStartups/azure #36

1.1.21 → 1.3.8 Minor PR
Open 1 day ago
KStartups
chore(deps): bump the convex group with 3 updates

namesakefyi/namesake #774

1.3.7 → 1.3.8 Patch PR
Open 1 day ago
namesakefyi
build(deps): bump better-auth from 1.3.7 to 1.3.8

bgord/bgord-bun #138

1.3.7 → 1.3.8 Patch PR
Open 1 day ago
bgord
deps(deps): bump the minor-and-patch-dependencies group across 1 directory with 58 updates

unibeck/solstatus #135

1.2.12 → 1.3.8 Minor PR
Open 1 day ago
unibeck
Bump the production-dependencies group across 1 directory with 59 updates

finnash/newkitforupdate #9

1.2.7 → 1.3.8 Minor PR
Closed 1 day ago 1 comment
finnash
Bump the production-dependencies group across 1 directory with 59 updates

finnash/finstarter-nextjs-main #15

1.2.7 → 1.3.8 Minor PR
Closed 2 days ago 2 comments
finnash
build(deps): bump better-auth from 1.2.9 to 1.3.8

jotap1101/doutor-agenda #45

1.2.9 → 1.3.8 Minor PR
Open 2 days ago
jotap1101
chore(deps): bump better-auth from 1.2.5 to 1.3.8 in /apps/oss-dynamic

rjvim/saas-foundations #359

1.2.5 → 1.3.8 Minor PR
Open 2 days ago
rjvim
chore(deps): bump better-auth from 1.3.7 to 1.3.8

CaoMeiYouRen/caomei-auth #101

1.3.7 → 1.3.8 Patch PR
Open 2 days ago
CaoMeiYouRen
build(deps): bump the production-dependencies group across 1 directory with 27 updates

clachance14/PipeTrak #15

1.2.12 → 1.3.8 Minor PR
Open 3 days ago 3 comments
clachance14
Bump the production-dependencies group across 1 directory with 59 updates

Inderj1/thynx #17

1.2.7 → 1.3.8 Minor PR
Open 4 days ago
Inderj1
build(deps): bump the production-dependencies group across 1 directory with 66 updates

clachance14/PipeTrak #13

1.2.12 → 1.3.8 Minor PR
Open 4 days ago
clachance14
build(deps): bump the production-dependencies group across 1 directory with 55 updates

jonathanwilke/network-buddy #35

1.2.8 → 1.3.8 Minor PR
Open 4 days ago
jonathanwilke
chore(deps): bump the production-dependencies group across 1 directory with 53 updates

sheshagirisrao/huduku_compliance #16

1.2.12 → 1.3.8 Minor PR
Open 5 days ago 1 comment
sheshagirisrao
build(deps): bump the production-dependencies group across 1 directory with 54 updates

luongnguyen1088/supastarter03 #26

1.2.8 → 1.3.8 Minor PR
Open 5 days ago 1 comment
luongnguyen1088
Bump the production-dependencies group across 1 directory with 59 updates

KStartups/azure #35

1.1.21 → 1.3.8 Minor PR
Open 5 days ago 1 comment
KStartups
deps(example): bump the dependencies group across 1 directory with 4 updates

arcjet/arcjet-js #5100

1.3.7 → 1.3.8 Patch PR
Open 5 days ago 1 comment
arcjet
Bump the production-dependencies group across 1 directory with 56 updates

Inderj1/thynx #16

1.2.7 → 1.3.8 Minor PR
Open 5 days ago
Inderj1
build(deps): bump the production-dependencies group across 1 directory with 67 updates

clachance14/PipeTrak #12

1.2.12 → 1.3.8 Minor PR
Closed 5 days ago 3 comments
clachance14
build(deps): bump the production-dependencies group across 1 directory with 68 updates

clachance14/PipeTrak #11

1.2.12 → 1.3.8 Minor PR
Open 5 days ago 3 comments
clachance14
Bump the production-dependencies group across 1 directory with 34 updates

rgrover00/supasolidx_v2 #15

1.3.7 → 1.3.8 Patch PR
Open 5 days ago 1 comment
rgrover00
chore(deps): bump the dependencies group across 1 directory with 6 updates

physphile/tempalte-bun-elysia #4

1.3.7 → 1.3.8 Patch PR
Open 5 days ago
physphile
Bump the production-dependencies group across 1 directory with 34 updates

cold-starr/ui-pr1 #14

1.3.7 → 1.3.8 Patch PR
Closed 5 days ago 1 comment
cold-starr
Package Details
Name: better-auth
Ecosystem: npm
PURL Type: npm
Package URL: pkg:npm/better-auth
JSON API: View JSON
Security Advisories

5

Active advisories
CRITICAL 2
HIGH 1
MODERATE 1
LOW 1
View All npm Advisories
Package Information
Description:

The most comprehensive authentication library for TypeScript.

Repository: https://github.com/better-auth/better-auth
Homepage: https://github.com/better-auth/better-auth#readme
Latest Release: 1.2.8
4 months ago
Dependent Repos: 0
Dependent Packages: 0
Downloads: 422,738
Ranking: Top 30.4529% by dependent repos Top 43.5938% by dependent pkgs
PR Status
Open 326 (55.8%)
Merged 49 (8.4%)
Closed 150 (25.7%)
PR Types
Minor 254 (43.5%)
Major 3 (0.5%)
Patch 267 (45.7%)