Lucene search
K

9 matches found

OSV
OSV
added 5 days ago5 views

PYSEC-2026-266 ajenti.plugin.core has password bypass when 2FA is activated

Impact If the 2FA was activated, it was possible to bypass the password authentication Patches This is fixed in the version 0.112. Users should upgrade to this version as soon as possible...

9.1CVSS5.8AI score0.00329EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/04/14 7:22 a.m.4 views

CVE-2026-40177

ajenti.plugin.core defines all necessary core elements to allow Ajenti to run properly. Prior to 0.112, if the 2FA was activated, it was possible to bypass the password authentication This vulnerability is fixed in 0.112...

9.3CVSS5.8AI score0.00329EPSS
Exploits0References1
Veracode
Veracode
added 2026/04/11 5:30 a.m.12 views

Ajenti.plugin.core Has Race Conditions In 2FA

Impact If the 2FA was activated, it was possible during a short moment after the authentication of an user to bypass its authentication. Patches This is fixed in the version 0.112. Users should upgrade to this version as soon as possible...

9.1CVSS5.8AI score0.00232EPSS
Exploits0Affected Software1
NVD
NVD
added 2026/04/10 8:16 p.m.5 views

CVE-2026-40178

ajenti.plugin.core defines all necessary core elements to allow Ajenti to run properly. Prior to 0.112, if the 2FA was activated, it was possible during a short moment after the authentication of an user to bypass its authentication. This vulnerability is fixed in 0.112...

9.1CVSS0.00232EPSS
Exploits0References1
NVD
NVD
added 2026/04/10 8:16 p.m.2 views

CVE-2026-40177

ajenti.plugin.core defines all necessary core elements to allow Ajenti to run properly. Prior to 0.112, if the 2FA was activated, it was possible to bypass the password authentication This vulnerability is fixed in 0.112...

9.3CVSS0.00329EPSS
Exploits0References1
CVE
CVE
added 2026/04/10 7:30 p.m.9 views

CVE-2026-40178

CVE-2026-40178 affects ajenti.plugin.core in Ajenti. A race condition existed during the window after authentication when 2FA was enabled, allowing bypass of authentication. The issue is fixed in version 0.112. The Connected CVE description confirms the vulnerability and fix; no exploitation deta...

9.1CVSS5.8AI score0.00232EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/10 7:30 p.m.3 views

CVE-2026-40178 ajenti.plugin.core has a race conditions in 2FA

ajenti.plugin.core defines all necessary core elements to allow Ajenti to run properly. Prior to 0.112, if the 2FA was activated, it was possible during a short moment after the authentication of an user to bypass its authentication. This vulnerability is fixed in 0.112...

9.1CVSS5.8AI score0.00232EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/10 7:29 p.m.3 views

CVE-2026-40177

ajenti.plugin.core defines all necessary core elements to allow Ajenti to run properly. Prior to 0.112, if the 2FA was activated, it was possible to bypass the password authentication This vulnerability is fixed in 0.112...

9.3CVSS5.8AI score0.00329EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/10 12:0 a.m.5 views

PT-2026-32031

Name of the Vulnerable Software and Affected Versions ajenti.plugin.core versions prior to 0.112 Description Prior to version 0.112, if two-factor authentication 2FA was enabled, password authentication could be bypassed. This allowed unauthorized access to the system. Recommendations Upgrade to...

9.3CVSS5.8AI score0.00329EPSS
Exploits0References12
Rows per page
Query Builder