Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2026/03/26 2:59 p.m.3 views

CVE-2026-31875

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.7 and 8.6.33, when multi-factor authentication MFA via TOTP is enabled for a user account, Parse Server generates two single-use recovery codes. These codes are intended as...

8.2CVSS5.9AI score0.0044EPSS
Exploits0References1
NVD
NVD
added 2026/03/11 6:16 p.m.4 views

CVE-2026-31875

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.7 and 8.6.33, when multi-factor authentication MFA via TOTP is enabled for a user account, Parse Server generates two single-use recovery codes. These codes are intended as...

8.2CVSS0.0044EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/03/11 6:4 p.m.5 views

CVE-2026-31875

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.7 and 8.6.33, when multi-factor authentication MFA via TOTP is enabled for a user account, Parse Server generates two single-use recovery codes. These codes are intended as...

8.2CVSS5.8AI score0.0044EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/03/11 6:4 p.m.29 views

CVE-2026-31875 Parse Server MFA recovery codes not consumed after use

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.7 and 8.6.33, when multi-factor authentication MFA via TOTP is enabled for a user account, Parse Server generates two single-use recovery codes. These codes are intended as...

8.2CVSS0.0044EPSS
Exploits0References3
CVE
CVE
added 2026/03/11 6:4 p.m.13 views

CVE-2026-31875

Parse Server MFA recovery codes are not consumed after use in versions prior to 9.6.0-alpha.7 and 8.6.33, allowing an attacker to reuse a single recovery code to repeatedly authenticate. The issue affects Node.js deployments of Parse Server and weakens MFA security. The fix is in 9.6.0-alpha.7 an...

8.2CVSS5.8AI score0.0044EPSS
Exploits0References3Affected Software1
CNVD
CNVD
added 2016/10/27 12:0 a.m.6 views

TGCaptcha2 Replay Attack Vulnerability

TGCaptcha2 is a suite of tools that provide a reduction in spam or malicious activity by combining CAPTCHAs as a single form. A replay attack vulnerability exists in TGCaptcha2 version 0.3.0. An attacker can exploit the vulnerability to use the same CAPTCHA an unlimited number of times...

7.5CVSS9.2AI score0.01332EPSS
Exploits0References1
Rows per page
Query Builder