2 matches found
CVE-2026-56081 Cap-go - Account Lockout via 2FA Misconfiguration on Unverified Email
Cap-go before 12.128.2 contains an authentication logic flaw that lets an attacker register and control an account bound to a victim's email address before that email is verified. By enabling two-factor authentication on the pre-registered account, the attacker gains control over the account...
Huawei Watch Privilege Control Vulnerability
Huawei Watch 2 is Huawei's second generation smart sports watch. A privilege control vulnerability exists in Huawei Watch 2. Due to misconfiguration of privileges for specific operations, an attacker who has been informed that the watch is bound to a Huawei account can bypass privilege checking b...