493 matches found
PT-2026-26797
The WP-WebAuthn plugin for WordPress is vulnerable to Unauthenticated Stored Cross-Site Scripting via the wwa auth AJAX endpoint in all versions up to, and including, 1.3.4 due to insufficient input sanitization and output escaping on user supplied attributes logged by the plugin. This makes it...
CVE-2026-30964 Webauthn Framework: allowed_origins collapses URL-like origins to host-only values, bypassing exact origin validation
web-auth/webauthn-lib is an open source set of PHP libraries and a Symfony bundle to allow developers to integrate that authentication mechanism into their web applications. Prior to 5.2.4, when allowedorigins is configured, CheckAllowedOrigins reduces URL-like values to their host component and...
CVE-2026-30964 Webauthn Framework: allowed_origins collapses URL-like origins to host-only values, bypassing exact origin validation
web-auth/webauthn-lib is an open source set of PHP libraries and a Symfony bundle to allow developers to integrate that authentication mechanism into their web applications. Prior to 5.2.4, when allowedorigins is configured, CheckAllowedOrigins reduces URL-like values to their host component and...
CVE-2026-30964
The connected GHSA entry describes a concrete vulnerability in Webauthn Framework: when allowed_origins is configured, CheckAllowedOrigins reduces URL-like origins to their host, causing mismatched origins (scheme/port) to be treated as the same host. This bypasses the strict origin validation re...
CVE-2026-30964 Webauthn Framework: allowed_origins collapses URL-like origins to host-only values, bypassing exact origin validation
web-auth/webauthn-lib is an open source set of PHP libraries and a Symfony bundle to allow developers to integrate that authentication mechanism into their web applications. Prior to 5.2.4, when allowedorigins is configured, CheckAllowedOrigins reduces URL-like values to their host component and...
EUVD-2026-10705
Webauthn Framework: allowedorigins collapses URL-like origins to host-only values, bypassing exact origin validation...
Origin Validation Error
Overview Affected versions of this package are vulnerable to Origin Validation Error in the CheckAllowedOrigins process. An attacker can bypass strict origin validation by submitting authentication or registration responses with a manipulated origin value that matches only the host component,...
Webauthn Framework: allowed_origins collapses URL-like origins to host-only values, bypassing exact origin validation
Summary When allowedorigins is configured, CheckAllowedOrigins reduces URL-like values to their host component and accepts on host match alone. This makes exact origin policies impossible to express: scheme and port differences are silently ignored. Details CheckAllowedOrigins stores each...
GHSA-F7PM-6HR8-7GGM Webauthn Framework: allowed_origins collapses URL-like origins to host-only values, bypassing exact origin validation
Summary When allowedorigins is configured, CheckAllowedOrigins reduces URL-like values to their host component and accepts on host match alone. This makes exact origin policies impossible to express: scheme and port differences are silently ignored. Details CheckAllowedOrigins stores each...
PT-2026-24193
Name of the Vulnerable Software and Affected Versions web-auth/webauthn-lib versions prior to 5.2.4 Description The software’s origin validation process, when using the allowed origins configuration, reduces URL-like values to their host component, accepting matches based solely on the host. This...
Webauthn Framework 访问控制错误漏洞
Webauthn Framework is an open-source authentication mechanism for Web-Authentication. It enables web applications to create and use powerful, proven, scoped, public-key-based credentials for strong user authentication. Versions of Webauthn Framework prior to 5.2.4 contained an access control...
CVE-2026-28787 OneUptime has WebAuthn 2FA bypass: server accepts client-supplied challenge instead of server-stored value, allowing credential replay
OneUptime is a solution for monitoring and managing online services. In version 10.0.11 and prior, the WebAuthn authentication implementation does not store the challenge on the server side. Instead, the challenge is returned to the client and accepted back from the client request body during...
OneUptime 安全漏洞
OneUptime is a comprehensive solution developed by OneUptime OpenSource. It is used to monitor and manage your online services. Versions of OneUptime 10.0.11 and earlier contain security vulnerabilities. These vulnerabilities stem from the WebAuthn authentication implementation, which does not...
CVE-2026-27836
phpMyFAQ is an open source FAQ web application. Prior to version 4.0.18, the WebAuthn prepare endpoint /api/webauthn/prepare creates new active user accounts without any authentication, CSRF protection, captcha, or configuration checks. This allows unauthenticated attackers to create unlimited us...
Linux Distros Unpatched Vulnerability : CVE-2026-2800
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Spoofing issue in the WebAuthn component in Firefox for Android. This vulnerability was fixed in Firefox 148 and Thunderbird 148. CVE-2026-2800 Note that Nessus...
Missing Authorization
Overview thorsten/phpmyfaq is a FAQ system for PHP and MySQL, PostgreSQL and other databases Affected versions of this package are vulnerable to Missing Authorization via the WebAuthnController::prepare endpoint in the Frontend WebAuthn API component. An unauthenticated attacker can create...
phpMyFAQ Allows Unauthenticated Account Creation via WebAuthn Prepare Endpoint
Summary The WebAuthn prepare endpoint /api/webauthn/prepare creates new active user accounts without any authentication, CSRF protection, CAPTCHA, or configuration checks. This allows unauthenticated attackers to create unlimited user accounts even when registration is disabled. Details File:...
CVE-2026-27836
phpMyFAQ is an open source FAQ web application. Prior to version 4.0.18, the WebAuthn prepare endpoint /api/webauthn/prepare creates new active user accounts without any authentication, CSRF protection, captcha, or configuration checks. This allows unauthenticated attackers to create unlimited us...
CVE-2026-27836 phpMyFAQ Allows Unauthenticated Account Creation via WebAuthn Prepare Endpoint
phpMyFAQ is an open source FAQ web application. Prior to version 4.0.18, the WebAuthn prepare endpoint /api/webauthn/prepare creates new active user accounts without any authentication, CSRF protection, captcha, or configuration checks. This allows unauthenticated attackers to create unlimited us...
CVE-2026-27836 phpMyFAQ Allows Unauthenticated Account Creation via WebAuthn Prepare Endpoint
phpMyFAQ is an open source FAQ web application. Prior to version 4.0.18, the WebAuthn prepare endpoint /api/webauthn/prepare creates new active user accounts without any authentication, CSRF protection, captcha, or configuration checks. This allows unauthenticated attackers to create unlimited us...