Oct 22025 OneLogin Bug Let Attackers Use API Keys to Steal OIDC Secrets and Impersonate Apps OneLogin flaw CVE-2025–59363 exposed OIDC client secrets; patched in 2025.3.0 with no exploitation reported.
