Lucene search
K

9 matches found

Cvelist
Cvelist
added 2026/06/24 9:6 p.m.14 views

CVE-2026-55666 Rocket.Chat: Email Parameter Fallback Leads To Account Takeover Within Apple OAuth

Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.1, 8.4.4, 8.3.6, 8.2.6, 8.1.6, 8.0.7, and 7.10.13, in apps/meteor/app/apple/server/loginHandler.ts, handleIdentityToken parses a JWT issued by Apple during the OAuth flow. The try block checks for an...

9.3CVSS0.00295EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/13 7:23 p.m.6 views

CVE-2026-34727

Vikunja is an open-source self-hosted task management platform. Prior to 2.3.0, the OIDC callback handler issues a full JWT token without checking whether the matched user has TOTP two-factor authentication enabled. When a local user with TOTP enrolled is matched via the OIDC email fallback...

9.1CVSS5.8AI score0.00281EPSS
Exploits1References1
NVD
NVD
added 2026/04/10 4:16 p.m.4 views

CVE-2026-34727

Vikunja is an open-source self-hosted task management platform. Prior to 2.3.0, the OIDC callback handler issues a full JWT token without checking whether the matched user has TOTP two-factor authentication enabled. When a local user with TOTP enrolled is matched via the OIDC email fallback...

9.1CVSS0.00281EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/04/10 3:45 p.m.25 views

CVE-2026-34727 Vikunja ahs a TOTP Two-Factor Authentication Bypass via OIDC Login Path

Vikunja is an open-source self-hosted task management platform. Prior to 2.3.0, the OIDC callback handler issues a full JWT token without checking whether the matched user has TOTP two-factor authentication enabled. When a local user with TOTP enrolled is matched via the OIDC email fallback...

7.4CVSS0.00281EPSS
Exploits1References1
Snyk
Snyk
added 2026/04/10 3:30 p.m.10 views

Improper Authentication

Overview Affected versions of this package are vulnerable to Improper Authentication in the OIDC login process when the EmailFallback mechanism is enabled. An attacker can gain unauthorized access to accounts protected by TOTP by authenticating to the OIDC provider with a matching email address,...

9.1CVSS5.8AI score0.00281EPSS
Exploits1References2
Snyk
Snyk
added 2026/04/10 3:30 p.m.4 views

Improper Authentication

Overview Affected versions of this package are vulnerable to Improper Authentication in the OIDC login process when the EmailFallback mechanism is enabled. An attacker can gain unauthorized access to accounts protected by TOTP by authenticating to the OIDC provider with a matching email address,...

9.1CVSS5.8AI score0.00281EPSS
Exploits1References2
OSV
OSV
added 2026/04/10 3:30 p.m.2 views

GHSA-8JVC-MCX6-R4CG Vikunja has TOTP Two-Factor Authentication Bypass via OIDC Login Path

Summary The OIDC callback handler issues a full JWT token without checking whether the matched user has TOTP two-factor authentication enabled. When a local user with TOTP enrolled is matched via the OIDC email fallback mechanism, the second factor is completely skipped. Details The OIDC callback...

7.4CVSS5.9AI score0.00281EPSS
Exploits1References6
Github Security Blog
Github Security Blog
added 2026/04/10 3:30 p.m.5 views

Vikunja has TOTP Two-Factor Authentication Bypass via OIDC Login Path

Summary The OIDC callback handler issues a full JWT token without checking whether the matched user has TOTP two-factor authentication enabled. When a local user with TOTP enrolled is matched via the OIDC email fallback mechanism, the second factor is completely skipped. Details The OIDC callback...

9.1CVSS5.9AI score0.00281EPSS
Exploits1References6Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/10 12:0 a.m.4 views

PT-2026-31944

Name of the Vulnerable Software and Affected Versions: Vikunja versions prior to 2.3.0 Description: A flaw exists in the OIDC callback handler where a full JWT token is issued without verifying TOTP two-factor authentication status for the matched user. Specifically, when a local user with TOTP...

9.1CVSS5.9AI score0.00281EPSS
Exploits1References10
Rows per page
Query Builder