Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

158 matches found

RedhatCVE
RedhatCVEadded 2026/04/14 7:22 a.m.2 views

CVE-2026-40177

ajenti.plugin.core defines all necessary core elements to allow Ajenti to run properly. Prior to 0.112, if the 2FA was activated, it was possible to bypass the password authentication This vulnerability is fixed in 0.112...

9.3CVSS5.8AI score0.00329EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/04/13 7:23 p.m.3 views

CVE-2026-40178

ajenti.plugin.core defines all necessary core elements to allow Ajenti to run properly. Prior to 0.112, if the 2FA was activated, it was possible during a short moment after the authentication of an user to bypass its authentication. This vulnerability is fixed in 0.112...

9.1CVSS5.8AI score0.00232EPSS
Exploits0References1
Veracode
Veracodeadded 2026/04/11 5:33 a.m.3 views

Authentication Bypass

ajenti.plugin.core is vulnerable to Authentication Bypass. The vulnerability is due to improper enforcement of password authentication when 2FA is enabled, which allows an attacker to bypass login controls and gain unauthorized access...

9.3CVSS5.8AI score0.00329EPSS
Exploits0References1Affected Software1
Veracode
Veracodeadded 2026/04/11 5:30 a.m.7 views

Ajenti.plugin.core Has Race Conditions In 2FA

Impact If the 2FA was activated, it was possible during a short moment after the authentication of an user to bypass its authentication. Patches This is fixed in the version 0.112. Users should upgrade to this version as soon as possible...

9.1CVSS5.8AI score0.00232EPSS
Exploits0Affected Software1
NVD
NVDadded 2026/04/10 8:16 p.m.1 views

CVE-2026-40178

ajenti.plugin.core defines all necessary core elements to allow Ajenti to run properly. Prior to 0.112, if the 2FA was activated, it was possible during a short moment after the authentication of an user to bypass its authentication. This vulnerability is fixed in 0.112...

9.1CVSS0.00232EPSS
Exploits0References1
NVD
NVDadded 2026/04/10 8:16 p.m.0 views

CVE-2026-40177

ajenti.plugin.core defines all necessary core elements to allow Ajenti to run properly. Prior to 0.112, if the 2FA was activated, it was possible to bypass the password authentication This vulnerability is fixed in 0.112...

9.3CVSS0.00329EPSS
Exploits0References1
EUVD
EUVDadded 2026/04/10 7:54 p.m.1 views

EUVD-2026-21577

ajenti.plugin.core has race conditions in 2FA...

9.1CVSS5.8AI score0.00232EPSS
Exploits0References1
Snyk
Snykadded 2026/04/10 7:54 p.m.5 views

Race Condition

Overview ajenti.plugin.core is a Core Affected versions of this package are vulnerable to Race Condition in the 2FA authentication. An attacker can gain unauthorized access by exploiting a timing issue immediately after user authentication, allowing them to bypass intended security checks...

9.1CVSS5.8AI score0.00232EPSS
Exploits0References2
OSV
OSVadded 2026/04/10 7:54 p.m.2 views

GHSA-8647-755Q-FW9P ajenti.plugin.core has race conditions in 2FA

Impact If the 2FA was activated, it was possible during a short moment after the authentication of an user to bypass its authentication. Patches This is fixed in the version 0.112. Users should upgrade to this version as soon as possible...

9.1CVSS5.8AI score0.00232EPSS
Exploits0References3
Github Security Blog
Github Security Blogadded 2026/04/10 7:54 p.m.5 views

ajenti.plugin.core has race conditions in 2FA

Impact If the 2FA was activated, it was possible during a short moment after the authentication of an user to bypass its authentication. Patches This is fixed in the version 0.112. Users should upgrade to this version as soon as possible...

9.1CVSS5.8AI score0.00232EPSS
Exploits0References3Affected Software1
EUVD
EUVDadded 2026/04/10 7:47 p.m.0 views

EUVD-2026-21575

ajenti.plugin.core has password bypass when 2FA is activated...

9.3CVSS5.8AI score0.00329EPSS
Exploits0References1
Snyk
Snykadded 2026/04/10 7:47 p.m.6 views

User Impersonation

Overview ajenti.plugin.core is a Core Affected versions of this package are vulnerable to User Impersonation via 2FA authentication. An attacker can gain unauthorized access by bypassing password authentication. Remediation Upgrade ajenti.plugin.core to version 0.112 or higher. References - GitHu...

9.3CVSS5.8AI score0.00329EPSS
Exploits0References2
OSV
OSVadded 2026/04/10 7:47 p.m.1 views

GHSA-3MCX-6WXM-QR8V ajenti.plugin.core has password bypass when 2FA is activated

Impact If the 2FA was activated, it was possible to bypass the password authentication Patches This is fixed in the version 0.112. Users should upgrade to this version as soon as possible...

9.1CVSS5.8AI score0.00329EPSS
Exploits0References3
Github Security Blog
Github Security Blogadded 2026/04/10 7:47 p.m.5 views

ajenti.plugin.core has password bypass when 2FA is activated

Impact If the 2FA was activated, it was possible to bypass the password authentication Patches This is fixed in the version 0.112. Users should upgrade to this version as soon as possible...

9.3CVSS5.8AI score0.00329EPSS
Exploits0References3Affected Software1
Cvelist
Cvelistadded 2026/04/10 7:30 p.m.17 views

CVE-2026-40178 ajenti.plugin.core has a race conditions in 2FA

ajenti.plugin.core defines all necessary core elements to allow Ajenti to run properly. Prior to 0.112, if the 2FA was activated, it was possible during a short moment after the authentication of an user to bypass its authentication. This vulnerability is fixed in 0.112...

9.1CVSS0.00232EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/04/10 7:30 p.m.2 views

CVE-2026-40178

ajenti.plugin.core defines all necessary core elements to allow Ajenti to run properly. Prior to 0.112, if the 2FA was activated, it was possible during a short moment after the authentication of an user to bypass its authentication. This vulnerability is fixed in 0.112...

9.1CVSS5.8AI score0.00232EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichmentadded 2026/04/10 7:30 p.m.2 views

CVE-2026-40178 ajenti.plugin.core has a race conditions in 2FA

ajenti.plugin.core defines all necessary core elements to allow Ajenti to run properly. Prior to 0.112, if the 2FA was activated, it was possible during a short moment after the authentication of an user to bypass its authentication. This vulnerability is fixed in 0.112...

9.1CVSS5.8AI score0.00232EPSS
Exploits0References1
CVE
CVEadded 2026/04/10 7:30 p.m.7 views

CVE-2026-40178

CVE-2026-40178 affects ajenti.plugin.core in Ajenti. A race condition existed during the window after authentication when 2FA was enabled, allowing bypass of authentication. The issue is fixed in version 0.112. The Connected CVE description confirms the vulnerability and fix; no exploitation deta...

9.1CVSS5.8AI score0.00232EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKBadded 2026/04/10 7:29 p.m.2 views

CVE-2026-40177

ajenti.plugin.core defines all necessary core elements to allow Ajenti to run properly. Prior to 0.112, if the 2FA was activated, it was possible to bypass the password authentication This vulnerability is fixed in 0.112...

9.3CVSS5.8AI score0.00329EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichmentadded 2026/04/10 7:29 p.m.3 views

CVE-2026-40177 Password bypass when 2FA is activated

ajenti.plugin.core defines all necessary core elements to allow Ajenti to run properly. Prior to 0.112, if the 2FA was activated, it was possible to bypass the password authentication This vulnerability is fixed in 0.112...

9.3CVSS5.8AI score0.00329EPSS
Exploits0References1
Rows per page
Query Builder