CVE-2026-49319 Alps Electric Co., Ltd. R53R0 Remote Keyless Entry System (RKES) Replay Attack

Remote Keyless Entry System RKES, using the 433 MHz key fob bearing FCC ID CWTR53R0 manufactured by ALPS ALPINE CO., LTD., is vulnerable to a roll-back attack against its rolling-code authentication. An attacker within RF range who records two consecutive lock or unlock transmissions from a...

CVE-2026-32987

OpenClaw before 2026.3.13 allows bootstrap setup codes to be replayed during device pairing verification in src/infra/device-bootstrap.ts. Attackers can verify a valid bootstrap code multiple times before approval to escalate pending pairing scopes, including privilege escalation to operator.admi...

CVE-2025-67135

Weak Security in the PF-50 1.2 keyfob of PGST PG107 Alarm System 1.25.05.hf allows attackers to compromise access control via a code replay attack...

CVE-2025-67135

Weak Security in the PF-50 1.2 keyfob of PGST PG107 Alarm System 1.25.05.hf allows attackers to compromise access control via a code replay attack...

CVE-2025-67135

Weak Security in the PF-50 1.2 keyfob of PGST PG107 Alarm System 1.25.05.hf allows attackers to compromise access control via a code replay attack...

CVE-2025-67135

Weak Security in the PF-50 1.2 keyfob of PGST PG107 Alarm System 1.25.05.hf allows attackers to compromise access control via a code replay attack...

CVE-2025-67135

CVE-2025-67135 affects PGST PG107 Alarm System 1.25.05.hf via the PF-50 1.2 keyfob. The root cause is weak security in the keyfob enabling code replay attacks that compromise access control. Exploitation is not described in the provided documents; CVSSv3.1 indicates a critical impact (AV:N/AC:L/P...

CVE-2025-67135

Weak Security in the PF-50 1.2 keyfob of PGST PG107 Alarm System 1.25.05.hf allows attackers to compromise access control via a code replay attack...

PT-2026-7741

Name of the Vulnerable Software and Affected Versions PGST PG107 Alarm System version 1.25.05.hf PF-50 keyfob version 1.2 Description A security weakness exists in the PF-50 1.2 keyfob used with the PGST PG107 Alarm System version 1.25.05.hf. This weakness allows attackers to compromise access...

CVE-2023-31761

Weak security in the transmitter of Blitzwolf BW-IS22 Smart Home Security Alarm v1.0 allows attackers to gain full access to the system via a code replay attack...

CVE-2023-31762

Weak security in the transmitter of Digoo DG-HAMB Smart Home Security System v1.0 allows attackers to gain full access to the system via a code replay attack...

EUVD-2023-36050

Malicious code in bioql PyPI...

EUVD-2023-36054

Malicious code in bioql PyPI...

EUVD-2023-38608

Malicious code in bioql PyPI...

EUVD-2023-36052

Malicious code in bioql PyPI...

EUVD-2023-36053

Malicious code in bioql PyPI...

CVE-2023-31759

Weak Security in the 433MHz keyfob of Kerui W18 Alarm System v1.0 allows attackers to gain full access via a code replay attack...

CVE-2023-34553

An issue was discovered in WAFU Keyless Smart Lock v1.0 allows attackers to unlock a device via code replay attack...

CVE-2023-31763

Weak security in the transmitter of AGShome Smart Alarm v1.0 allows attackers to gain full access to the system via a code replay attack...

MFA Code Replay Attacks

github.com/mattermost/mattermost-server is vulnerable to MFA code replay attacks. The vulnerability is due to insufficient validation of MFA codes, which allows attackers to reuse the same codes within approximately 30 seconds...