Lucene search
+L

155 matches found

Vulnrichment
Vulnrichment
added 2026/03/24 3:18 p.m.4 views

CVE-2026-33473 Vikunja has TOTP Reuse During Validity Window

Vikunja is an open-source self-hosted task management platform. Starting in version 0.13 and prior to version 2.2.1, any user that has enabled 2FA can have their TOTP reused during the standard 30 second validity window. Version 2.2.1 patches the issue...

5.7CVSS5.8AI score0.00258EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/03/24 12:0 a.m.7 views

Vikunja 授权问题漏洞

Vikunja is an open-source to-do application developed by Vikunja developers. In versions 0.13 to 2.2.1 of Vikunja, there was a vulnerability related to authorization. This vulnerability occurred because users who enabled two-factor authentication could reuse TOTP within the standard 30-second...

5.7CVSS6.4AI score0.00258EPSS
Exploits1References3
Snyk
Snyk
added 2026/03/23 6:16 p.m.3 views

Replay Attack

Overview Affected versions of this package are vulnerable to Replay Attack via the TOTP authentication process. An attacker can bypass authentication controls by reusing a valid TOTP code within its validity window. Remediation Upgrade github.com/go-vikunja/vikunja/pkg/user to version 2.2.1 or...

6.9CVSS5.9AI score0.00258EPSS
Exploits1References3
Snyk
Snyk
added 2026/03/23 6:16 p.m.2 views

Replay Attack

Overview Affected versions of this package are vulnerable to Replay Attack via the TOTP authentication process. An attacker can bypass authentication controls by reusing a valid TOTP code within its validity window. Remediation Upgrade code.vikunja.io/api/pkg/user to version 2.2.1 or higher...

6.9CVSS5.9AI score0.00258EPSS
Exploits1References3
OSV
OSV
added 2026/03/23 6:16 p.m.4 views

GO-2026-4805 Vikunja has TOTP Reuse During Validity Window in code.vikunja.io/api

Vikunja has TOTP Reuse During Validity Window in code.vikunja.io/api. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from vulnerability scanners, please suggest...

5.7CVSS5.8AI score0.00258EPSS
Exploits1References1
OSV
OSV
added 2026/03/20 8:43 p.m.4 views

GHSA-P747-QC5P-773R Vikunja has TOTP Reuse During Validity Window

Summary Any user that has enabled 2FA can have their TOTP reused during the standard 30 second validity window. Details The below code is called when a user that has 2FA is authenticating to the application. Once they submit a valid username-password-totp combination, the user gets authenticated...

5.7CVSS5.9AI score0.00258EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2026/03/20 8:43 p.m.10 views

Vikunja has TOTP Reuse During Validity Window

Summary Any user that has enabled 2FA can have their TOTP reused during the standard 30 second validity window. Details The below code is called when a user that has 2FA is authenticating to the application. Once they submit a valid username-password-totp combination, the user gets authenticated...

5.7CVSS5.9AI score0.00258EPSS
Exploits1References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/20 12:0 a.m.5 views

PT-2026-26763

Name of the Vulnerable Software and Affected Versions Vikunja affected versions not specified Description A flaw exists where a Time-based One-Time Password TOTP used for successful 2FA authentication can be reused within its 30-second validity window, allowing subsequent authentication attempts...

5.7CVSS5.9AI score0.00258EPSS
Exploits1References7
GitLab Advisory Database
GitLab Advisory Database
added 2026/03/20 12:0 a.m.8 views

Vikunja has TOTP Reuse During Validity Window

Any user that has enabled 2FA can have their TOTP reused during the standard 30 second validity window...

5.7CVSS5.8AI score0.00258EPSS
Exploits1References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/03/18 7:48 p.m.9 views

ApostropheCMS MFA/TOTP Bypass via Incorrect MongoDB Query in Bearer Token Middleware

MFA/TOTP Bypass via Incorrect MongoDB Query in Bearer Token Middleware Summary The bearer token authentication middleware in @apostrophecms/express/index.js lines 386-389 contains an incorrect MongoDB query that allows incomplete login tokens — where the password was verified but TOTP/MFA...

8.1CVSS5.9AI score0.00362EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2026/03/16 2:19 p.m.6 views

CVE-2026-32729

Runtipi is a personal homeserver orchestrator. Prior to 4.8.1, The Runtipi /api/auth/verify-totp endpoint does not enforce any rate limiting, attempt counting, or account lockout mechanism. An attacker who has obtained a user's valid credentials via phishing, credential stuffing, or data breach c...

8.8CVSS0.0034EPSS
Exploits1References1
OSV
OSV
added 2026/03/13 9:41 p.m.6 views

CVE-2026-32729 Runtipi has a TOTP two-factor authentication bypass via unrestricted brute-force on `/api/auth/verify-totp`

Runtipi is a personal homeserver orchestrator. Prior to 4.8.1, The Runtipi /api/auth/verify-totp endpoint does not enforce any rate limiting, attempt counting, or account lockout mechanism. An attacker who has obtained a user's valid credentials via phishing, credential stuffing, or data breach c...

8.1CVSS5.9AI score0.0034EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/03/12 6:59 p.m.4 views

CVE-2026-32246 Tinyauth vulnerable to TOTP/2FA bypass via OIDC authorize endpoint

Tinyauth is an authentication and authorization server. Prior to 5.0.3, the OIDC authorization endpoint allows users with a TOTP-pending session password verified, TOTP not yet completed to obtain authorization codes. An attacker who knows a user's password but not their TOTP secret can obtain...

8.5CVSS5.8AI score0.0027EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/03/12 6:59 p.m.5 views

CVE-2026-32246

Tinyauth is an authentication and authorization server. Prior to 5.0.3, the OIDC authorization endpoint allows users with a TOTP-pending session password verified, TOTP not yet completed to obtain authorization codes. An attacker who knows a user's password but not their TOTP secret can obtain...

8.5CVSS5.8AI score0.0027EPSS
Exploits1References2Affected Software1
EUVD
EUVD
added 2026/03/12 4:38 p.m.5 views

EUVD-2026-11681

Tinyauth vulnerable to TOTP/2FA bypass via OIDC authorize endpoint...

8.5CVSS5.8AI score0.0027EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2026/03/12 4:38 p.m.8 views

Tinyauth vulnerable to TOTP/2FA bypass via OIDC authorize endpoint

Summary The OIDC authorization endpoint allows users with a TOTP-pending session password verified, TOTP not yet completed to obtain authorization codes. An attacker who knows a user's password but not their TOTP secret can obtain valid OIDC tokens, completely bypassing the second factor. Details...

8.5CVSS5.9AI score0.0027EPSS
Exploits1References4Affected Software1
CNNVD
CNNVD
added 2026/03/12 12:0 a.m.7 views

Tinyauth 授权问题漏洞

Tinyauth is an authentication and authorization server developed by Stavros personally. Versions of Tinyauth prior to 5.0.3 had vulnerabilities related to authorization. This vulnerability stemmed from the OIDC authorization endpoint, which allowed users with pending TOTP sessions to obtain...

8.5CVSS7.3AI score0.0027EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/03/12 12:0 a.m.8 views

PT-2026-25056

Name of the Vulnerable Software and Affected Versions Tinyauth versions prior to 5.0.3 Description Tinyauth is an authentication and authorization server. The OIDC authorization endpoint allows users with a TOTP-pending session password verified, TOTP not yet completed to obtain authorization...

9.9CVSS7.2AI score0.22162EPSS
Exploits70References138
Veracode
Veracode
added 2026/02/18 4:59 a.m.8 views

Improper Authentication

pterodactyl/panel is vulnerable to Improper Authentication. The vulnerability is due to failure to properly invalidate or mark TOTP tokens as used within their validity window, which allows an attacker who intercepts a valid 2FA token to reuse it along with known credentials to bypass two-factor...

6.5CVSS5.5AI score0.00321EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/02/09 8:34 p.m.8 views

CVE-2026-25791

Sliver is a command and control framework that uses a custom Wireguard netstack. Prior to 1.7.0, the DNS C2 listener accepts unauthenticated TOTP bootstrap messages and allocates server-side DNS sessions without validating OTP values, even when EnforceOTP is enabled. Because sessions are stored...

7.5CVSS5.7AI score0.00407EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder