OTP Leaking Through Cookie Leads to Account Takeover 12 December 2022 The title is all you really need on this one, the OTP was reflected in the cookies so no need to actually receive it.
RCE in Tailscale, DNS Rebinding, and You [CVE-2022-41924] 28 November 2022 A number of bugs in Tailscale leading to an RCE chain.