Episode 169: In this episode of Critical Thinking - Bug Bounty Podcast, gr3pme walks through what OAuth 2.1 actually changes for attackers, covering the MCP auth spec, token pass-through in agentic workflows, and four CVEs that illustrate where the bugs are landing.

Follow us on twitter at: https://x.com/ctbbpodcast
Got any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io
Shoutout to https://twitter.com/realytcracker for the awesome intro music!

====== Links ======
Follow your hosts Rhynorater, rez0 and gr3pme on X:
https://x.com/Rhynorater
https://x.com/rez0__
https://x.com/gr3pme

Critical Research Lab:
https://lab.ctbb.show/

====== Ways to Support CTBBPodcast ======
Hop on the CTBB Discord at https://ctbb.show/discord!

We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.

You can also find some hacker swag at https://ctbb.show/merch!

====== This Week in Bug Bounty ======

Intigriti is providing free Burp Pro for Hackers!
https://www.intigriti.com/blog/news/intigriti-collaborates-with-portswigger-to-support-ethical-hacking-excellence

====== Resources ======
Django-allauth Account Takeover (ZeroPath Audit)
https://zeropath.com/blog/django-allauth-account-takeover-vulnerabilities

CVE-2025-4144: Cloudflare Workers PKCE Bypass
https://github.com/cloudflare/workers-oauth-provider/security/advisories/GHSA-qgp8-v765-qxx9

CVE-2025-54576: OAuth2-Proxy Auth Bypass
https://zeropath.com/blog/cve-2025-54576-oauth2-proxy-auth-bypass

====== Timestamps ======
(00:00:00) Introduction
(00:02:16) OAuth 2.0 Standards
(00:12:08) Agent to Agent Communication
(00:17:19) CVE Case studies