Lucene search
+L

155 matches found

SUSE CVE
SUSE CVE
added 2026/05/20 3:2 a.m.10 views

SUSE CVE-2025-6014

Vault and Vault Enterprise's “Vault” TOTP Secrets Engine code validation endpoint is susceptible to code reuse within its validity period. Fixed in Vault Community Edition 1.20.1 and Vault Enterprise 1.20.1, 1.19.7, 1.18.12, and 1.16.23...

6.5CVSS5.9AI score0.00356EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/05/18 3:36 p.m.27 views

eduMFA: Incorrect InnoDB snapshot isolation possibly allows token reusage

Impact For deployments using MySQL or MariaDB = 11.6.2 the default is ON, which is not affected - Same rules applies for Galera with underlying MariaDB Patches Fixed in version 2.9.1 by locking rows prior to write with SELECT FOR UPDATE. Workarounds Set innodbsnapshotisolation to ON default in...

5.8AI score
Exploits0References2Affected Software1
Veracode
Veracode
added 2026/05/16 5:31 a.m.12 views

Exposure Of Sensitive Information

io.github.davidalmeidac, sealed-env-core is vulnerable to Exposure of Sensitive Information. The vulnerability is due to embedding the operator’s plaintext TOTP secret in the base64-encoded JWS payload of minted unseal tokens, which allows an attacker to decode observed tokens from logs,...

9.1CVSS5.8AI score0.00326EPSS
Exploits1References1Affected Software2
Github Security Blog
Github Security Blog
added 2026/05/15 9:31 p.m.11 views

Duplicate Advisory: phpMyFAQ enables unauthenticated 2FA brute-force attack via /admin/check acceptance of arbitrary user-id

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-9pq7-mfwh-xx2j. This link is maintained to preserve external references. Original Description phpMyFAQ before 4.1.2 contains an improper restriction of excessive authentication attempts vulnerability in the...

9.3CVSS5.6AI score0.00339EPSS
Exploits0References4Affected Software2
Vulnrichment
Vulnrichment
added 2026/05/15 5:41 p.m.11 views

CVE-2026-46474 Trog::TOTP versions before 1.006 for Perl generate secrets using rand

Trog::TOTP versions before 1.006 for Perl generate secrets using rand. Secrets were generated using Perl's built-in rand function, which is predictable and unsuitable for security usage...

5.8AI score0.00316EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/15 5:41 p.m.11 views

EUVD-2026-30577

Trog::TOTP versions before 1.006 for Perl generate secrets using rand. Secrets were generated using Perl's built-in rand function, which is predictable and unsuitable for security usage...

5.8AI score0.00316EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/05/12 8:20 a.m.8 views

CVE-2026-42452

Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. Prior to version 2.1.0, /users/login issues a temporary JWT temptoken for TOTP-enabled accounts. That token carries a pendingTOTP state and should only be valid for the second-factor flow...

8.1CVSS5.7AI score0.00306EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.7 views

sealed-env 信息泄露漏洞

Sealed-Env is a cross-platform zero-trust key management library developed by David Almeida. It supports encrypted storage and TOTP verification. Versions of Sealed-Env from 0.1.0-alpha.1 to 0.1.0-alpha.3 contained information leakage vulnerabilities. These vulnerabilities stemmed from the fact...

9.1CVSS5.8AI score0.00326EPSS
Exploits1References1
OSV
OSV
added 2026/05/08 10:54 p.m.3 views

CVE-2026-42452 Termix: Pending-TOTP temporary token can regenerate backup codes and neutralize TOTP

Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. Prior to version 2.1.0, /users/login issues a temporary JWT temptoken for TOTP-enabled accounts. That token carries a pendingTOTP state and should only be valid for the second-factor flow...

8.1CVSS5.9AI score0.00306EPSS
Exploits0References4
CVE
CVE
added 2026/05/07 2:59 a.m.15 views

CVE-2026-41660

Admidio prior to version 5.0.9 contains an inverted authorization check in two_factor_authentication.php that allows non-admin group leaders with profile edit rights on an admin account to strip that admin’s 2FA, compromising admin accounts. The issue is fixed in 5.0.9; upgrade to 5.0.9+ to mitig...

7.1CVSS5.7AI score0.00297EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/07 12:0 a.m.19 views

Admidio 安全漏洞

Admidio is a set of open-source member management systems developed by the Admidio team. This system supports features such as member lists, event management, message boards, photo albums, and downloads. Prior to Admidio 5.0.9, there were security vulnerabilities. These vulnerabilities stemmed fr...

7.1CVSS5.8AI score0.00297EPSS
Exploits0References1
OSV
OSV
added 2026/05/06 8:42 p.m.8 views

GHSA-9PQ7-MFWH-XX2J phpMyFAQ enables unauthenticated 2FA brute-force attack via /admin/check acceptance of arbitrary user-id

Summary The /admin/check endpoint in AuthenticationController implements SkipsAuthenticationCheck, making it reachable without any prior authentication. An anonymous attacker Bob can POST arbitrary user-id and token values to brute-force any user's 6-digit TOTP code. No rate limiting exists. The...

9.1CVSS6.1AI score0.00339EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/05/06 8:21 p.m.12 views

CVE-2026-28510

eLabFTW is an open source electronic lab notebook. In elabftw versions through 5.4.1, the login flow did not reliably preserve the multi-factor authentication state across authentication steps. Under certain conditions, an attacker with valid primary credentials could complete authentication with...

5.9CVSS5.8AI score0.00254EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/05 12:28 p.m.8 views

EUVD-2026-27311

eLabFTW is an open source electronic lab notebook. In elabftw versions through 5.4.1, the login flow did not reliably preserve the multi-factor authentication state across authentication steps. Under certain conditions, an attacker with valid primary credentials could complete authentication with...

5.9CVSS5.8AI score0.00254EPSS
Exploits0References2
OSV
OSV
added 2026/05/05 12:28 p.m.4 views

CVE-2026-28510 elabftw allows MFA bypass during login

eLabFTW is an open source electronic lab notebook. In elabftw versions through 5.4.1, the login flow did not reliably preserve the multi-factor authentication state across authentication steps. Under certain conditions, an attacker with valid primary credentials could complete authentication with...

5.9CVSS5.9AI score0.00254EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/04/13 7:25 p.m.11 views

CVE-2026-4116

Improper handling of Unicode encoding in SonicWall SMA1000 series appliances allows a remote authenticated SSLVPN user to bypass Workplace/Connect Tunnel TOTP authentication...

7.2CVSS5.8AI score0.00417EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/13 7:25 p.m.6 views

CVE-2026-4114

Improper handling of Unicode encoding in SonicWall SMA1000 series appliances allows a remote authenticated SSLVPN admin to bypass AMC TOTP authentication...

6.6CVSS5.8AI score0.00597EPSS
Exploits0References1
NVD
NVD
added 2026/04/10 5:17 p.m.7 views

CVE-2026-35597

Vikunja is an open-source self-hosted task management platform. Prior to 2.3.0, the TOTP failed-attempt lockout mechanism is non-functional due to a database transaction handling bug. When a TOTP validation fails, the login handler in pkg/routes/api/v1/login.go calls HandleFailedTOTPAuth and then...

7.5CVSS0.00296EPSS
Exploits1References4
NVD
NVD
added 2026/04/10 4:16 p.m.4 views

CVE-2026-34727

Vikunja is an open-source self-hosted task management platform. Prior to 2.3.0, the OIDC callback handler issues a full JWT token without checking whether the matched user has TOTP two-factor authentication enabled. When a local user with TOTP enrolled is matched via the OIDC email fallback...

9.1CVSS0.00281EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/04/10 4:3 p.m.27 views

CVE-2026-35597 Vikunja Affected by TOTP Brute-Force Due to Non-Functional Account Lockout

Vikunja is an open-source self-hosted task management platform. Prior to 2.3.0, the TOTP failed-attempt lockout mechanism is non-functional due to a database transaction handling bug. When a TOTP validation fails, the login handler in pkg/routes/api/v1/login.go calls HandleFailedTOTPAuth and then...

5.9CVSS0.00296EPSS
Exploits1References4
Rows per page
Query Builder