594 matches found
CVE-2026-57867
MicroRealEstate allows adversaries to bypass authentication due to a lack of token state management. This would permit adversaries targeting MicroRealEstate deployments to brute-force One-Time Passwords OTP to log in as any user. This issue affects MicroRealEstate: through 1.0.0-alpha3...
CVE-2026-57867
MicroRealEstate allows adversaries to bypass authentication due to a lack of token state management. This would permit adversaries targeting MicroRealEstate deployments to brute-force One-Time Passwords OTP to log in as any user. This issue affects MicroRealEstate: through 1.0.0-alpha3...
CVE-2026-57867
MicroRealEstate allows adversaries to bypass authentication due to a lack of token state management. This would permit adversaries targeting MicroRealEstate deployments to brute-force One-Time Passwords OTP to log in as any user. This issue affects MicroRealEstate: through 1.0.0-alpha3...
CVE-2026-20779
Gitea prior to 1.26.3 (versions from 1.5.0 up to
EUVD-2026-40922
The SMS Alert – SMS & OTP for WooCommerce, Order Notifications & Abandoned Cart Recovery plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.9.5. This is due to the plugin not properly validating a user's identity prior to updati...
CVE-2026-11387
The CVE concerns the WordPress plugin SMS Alert – SMS & OTP for WooCommerce, Order Notifications & Abandoned Cart Recovery (versions up to 3.9.5). The vulnerability allows unauthenticated privilege escalation via account takeover by exploiting flawed identity validation before updating user detai...
CVE-2026-54036
LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.4-rc1, the GET /api/auth/2fa/enable endpoint can be called by an authenticated user or attacker with a stolen session even when 2FA is already fully enabled on the account. This endpoint overwrites the existi...
CVE-2026-54040 LibreChat: 2FA Backup Code Regeneration Without OTP Verification Allows 2FA Bypass
LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.4-rc1, the POST /api/auth/2fa/backup/regenerate endpoint regenerates all 2FA backup codes without requiring any TOTP token or existing backup code verification. An attacker with a stolen session token can...
CVE-2026-54036
CVE-2026-54036 (LibreChat) describes a vulnerability where the GET /api/auth/2fa/enable endpoint can be invoked by an authenticated user (or attacker with a stolen session) even when 2FA is fully enabled. The call overwrites the existing TOTP secret, regenerates backup codes, and sets twoFactorEn...
CVE-2026-56338
Capgo before 12.128.2 contains a denial of service vulnerability in the /auth/v1/otp endpoint that prevents email verification for two-factor authentication due to captcha validation failures. Authenticated users cannot complete 2FA enrollment as the backend consistently returns HTTP 500 errors...
CVE-2026-56338 Capgo - Denial of Service in 2FA Email Verification via /auth/v1/otp Endpoint
Capgo before 12.128.2 contains a denial of service vulnerability in the /auth/v1/otp endpoint that prevents email verification for two-factor authentication due to captcha validation failures. Authenticated users cannot complete 2FA enrollment as the backend consistently returns HTTP 500 errors...
CVE-2026-56450
AIL did not restrict repeated failed attempts to verify a two-factor authentication OTP code. An attacker who had reached the 2FA verification step, such as after successfully completing the password-authentication stage, could submit an unlimited number of OTP guesses. This could enable...
CVE-2026-56450
CVE-2026-56450 relates to the AIL Framework where the OTP (2FA) verification lacked rate-limiting, allowing unlimited OTP attempts after reaching the 2FA step. Root cause: no per-user throttling on failed OTPs. Impact: potential brute-force of OTPs enabling unauthorized access. The patch adds per...
EUVD-2026-38092
Cap-go before 12.128.2 contains an authentication bypass vulnerability in OTP verification that allows attackers to bypass email verification by modifying server responses. Attackers can intercept OTP verification requests and manipulate HTTP responses to falsely mark verification successful,...
CVE-2026-56073
Cap-go before 12.128.2 contains an authentication bypass vulnerability in OTP verification that allows attackers to bypass email verification by modifying server responses. Attackers can intercept OTP verification requests and manipulate HTTP responses to falsely mark verification successful,...
CVE-2026-56073 Cap-go - OTP Bypass via Response Manipulation in Email Verification
Cap-go before 12.128.2 contains an authentication bypass vulnerability in OTP verification that allows attackers to bypass email verification by modifying server responses. Attackers can intercept OTP verification requests and manipulate HTTP responses to falsely mark verification successful,...
PT-2026-51036
Name of the Vulnerable Software and Affected Versions Cap-go versions prior to 12.128.2 Description An authentication bypass exists in the OTP One-Time Password verification process. Attackers can intercept OTP verification requests and manipulate HTTP responses to falsely indicate that...
CVE-2025-66391
In Citrix Cloud through 2025-11-10, an account with read-only access can trigger the beginning of a workflow for write operations, e.g., the system will send a one-time password to an attacker-controlled email address when the attacker attempts to reset the password of a user account...
CVE-2025-66391
In Citrix Cloud through 2025-11-10, an account with read-only access can trigger the beginning of a workflow for write operations, e.g., the system will send a one-time password to an attacker-controlled email address when the attacker attempts to reset the password of a user account...
CVE-2026-6853 OTP Bypass in Başbelen Group's Pause+ Mobile App
Improper restriction of excessive authentication attempts vulnerability in Başbelen Group Food Cafe Businesses Industry and Trade Ltd. Co. Pause+ Mobile App allows Authentication Bypass. This issue affects Pause+ Mobile App: from v1.0.6 before v1.5...