Lucene search
K

2540 matches found

Snyk
Snyk
added 2026/04/10 3:34 p.m.4 views

Brute Force

Overview Affected versions of this package are vulnerable to Brute Force due to improper enforcement of authentication lockout in the login process. An attacker can gain unauthorized access to accounts protected by two-factor authentication by repeatedly submitting incorrect TOTP codes without...

8.2CVSS5.8AI score0.00296EPSS
Exploits1References2
Snyk
Snyk
added 2026/04/10 3:34 p.m.4 views

Brute Force

Overview Affected versions of this package are vulnerable to Brute Force due to improper enforcement of authentication lockout in the login process. An attacker can gain unauthorized access to accounts protected by two-factor authentication by repeatedly submitting incorrect TOTP codes without...

8.2CVSS5.8AI score0.00296EPSS
Exploits1References2
Snyk
Snyk
added 2026/04/10 3:30 p.m.3 views

Improper Authentication

Overview Affected versions of this package are vulnerable to Improper Authentication in the OIDC login process when the EmailFallback mechanism is enabled. An attacker can gain unauthorized access to accounts protected by TOTP by authenticating to the OIDC provider with a matching email address,...

9.1CVSS5.8AI score0.00281EPSS
Exploits1References2
EUVD
EUVD
added 2026/04/10 3:30 p.m.2 views

EUVD-2026-21414

Vikunja has TOTP Two-Factor Authentication Bypass via OIDC Login Path...

7.4CVSS5.8AI score0.00281EPSS
Exploits1References4
OSV
OSV
added 2026/04/10 3:30 p.m.2 views

GHSA-8JVC-MCX6-R4CG Vikunja has TOTP Two-Factor Authentication Bypass via OIDC Login Path

Summary The OIDC callback handler issues a full JWT token without checking whether the matched user has TOTP two-factor authentication enabled. When a local user with TOTP enrolled is matched via the OIDC email fallback mechanism, the second factor is completely skipped. Details The OIDC callback...

7.4CVSS5.9AI score0.00281EPSS
Exploits1References6
Github Security Blog
Github Security Blog
added 2026/04/10 3:30 p.m.4 views

Vikunja has TOTP Two-Factor Authentication Bypass via OIDC Login Path

Summary The OIDC callback handler issues a full JWT token without checking whether the matched user has TOTP two-factor authentication enabled. When a local user with TOTP enrolled is matched via the OIDC email fallback mechanism, the second factor is completely skipped. Details The OIDC callback...

9.1CVSS5.9AI score0.00281EPSS
Exploits1References6Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/10 12:0 a.m.4 views

PT-2026-31944

Name of the Vulnerable Software and Affected Versions: Vikunja versions prior to 2.3.0 Description: A flaw exists in the OIDC callback handler where a full JWT token is issued without verifying TOTP two-factor authentication status for the matched user. Specifically, when a local user with TOTP...

9.1CVSS5.9AI score0.00281EPSS
Exploits1References10
CNNVD
CNNVD
added 2026/04/10 12:0 a.m.5 views

Vikunja 授权问题漏洞

Vikunja is an open-source to-do application developed by Vikunja. Versions of Vikunja prior to 2.3.0 had an authorization vulnerability. This vulnerability stemmed from the OIDC callback handler, which issued full JWT tokens without checking whether the matching user had enabled TOTP two-factor...

9.1CVSS5.8AI score0.00281EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/04/10 12:0 a.m.3 views

PT-2026-32032

ajenti.plugin.core defines all necessary core elements to allow Ajenti to run properly. Prior to 0.112, if the 2FA was activated, it was possible during a short moment after the authentication of an user to bypass its authentication. This vulnerability is fixed in 0.112...

9.1CVSS5.8AI score0.00232EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/10 12:0 a.m.5 views

PT-2026-32031

Name of the Vulnerable Software and Affected Versions ajenti.plugin.core versions prior to 0.112 Description Prior to version 0.112, if two-factor authentication 2FA was enabled, password authentication could be bypassed. This allowed unauthorized access to the system. Recommendations Upgrade to...

9.3CVSS5.8AI score0.00329EPSS
Exploits0References12
CNNVD
CNNVD
added 2026/04/10 12:0 a.m.12 views

ajenti 授权问题漏洞

Ajenti is an open-source Linux and BSD-based modular server management panel developed by ajenti. Prior to version 0.112, there were authorization-related vulnerabilities in Ajenti. These vulnerabilities stemmed from the possibility of bypassing password authentication when two-factor...

9.3CVSS5.8AI score0.00329EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/09 4:12 p.m.26 views

CVE-2026-39943 Directus exposes sensitive fields in revision history

Directus is a real-time API and App dashboard for managing SQL database content. Prior to 11.17.0, Directus stores revision records in directusrevisions whenever items are created or updated. Due to the revision snapshot code not consistently calling the prepareDelta sanitization pipeline,...

6.5CVSS0.0017EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/09 4:12 p.m.2 views

CVE-2026-39943 Directus exposes sensitive fields in revision history

Directus is a real-time API and App dashboard for managing SQL database content. Prior to 11.17.0, Directus stores revision records in directusrevisions whenever items are created or updated. Due to the revision snapshot code not consistently calling the prepareDelta sanitization pipeline,...

6.5CVSS5.9AI score0.0017EPSS
Exploits0References2
CVE
CVE
added 2026/04/09 4:12 p.m.29 views

CVE-2026-39943

CVE-2026-39943 (Directus) affects Directus prior to v11.17.0. The revision-snapshot path writes revisions to directus_revisions without consistently applying the prepareDelta sanitization, potentially storing sensitive fields (tokens, 2FA secrets, external auth identifiers, auth data, credentials...

6.5CVSS6AI score0.0017EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/09 4:12 p.m.3 views

CVE-2026-39943

Directus is a real-time API and App dashboard for managing SQL database content. Prior to 11.17.0, Directus stores revision records in directusrevisions whenever items are created or updated. Due to the revision snapshot code not consistently calling the prepareDelta sanitization pipeline,...

6.5CVSS6AI score0.0017EPSS
Exploits0References3Affected Software1
RedhatCVE
RedhatCVE
added 2026/04/07 11:1 p.m.6 views

CVE-2026-35442

Directus is a real-time API and App dashboard for managing SQL database content. Prior to 11.17.0, aggregate functions min, max applied to fields with the conceal special type incorrectly return raw database values instead of the masked placeholder. When combined with groupBy, any authenticated...

8.1CVSS5.9AI score0.00337EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/07 11:1 p.m.5 views

CVE-2026-35411

Directus is a real-time API and App dashboard for managing SQL database content. Prior to 11.16.1, Directus is vulnerable to an open redirect via the redirect query parameter on the /admin/tfa-setup page. When an administrator who has not yet configured Two-Factor Authentication 2FA visits a...

4.3CVSS5.9AI score0.00256EPSS
Exploits0References1
NVD
NVD
added 2026/04/06 10:16 p.m.6 views

CVE-2026-35411

Directus is a real-time API and App dashboard for managing SQL database content. Prior to 11.16.1, Directus is vulnerable to an open redirect via the redirect query parameter on the /admin/tfa-setup page. When an administrator who has not yet configured Two-Factor Authentication 2FA visits a...

4.3CVSS0.00256EPSS
Exploits0References1
NVD
NVD
added 2026/04/06 10:16 p.m.11 views

CVE-2026-35442

Directus is a real-time API and App dashboard for managing SQL database content. Prior to 11.17.0, aggregate functions min, max applied to fields with the conceal special type incorrectly return raw database values instead of the masked placeholder. When combined with groupBy, any authenticated...

8.1CVSS0.00337EPSS
Exploits0References1
CVE
CVE
added 2026/04/06 9:36 p.m.17 views

CVE-2026-35442

CVE-2026-35442 affects Directus prior to 11.17.0, where aggregate functions (min/max) on fields with the concealed type can return raw database values instead of masked placeholders. When used with groupBy, any authenticated user with read access to the affected collection can extract concealed v...

8.1CVSS5.9AI score0.00337EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder