4 matches found
CVE-2026-56294
capacitor-native-biometric before 12.128.2 contains an authentication bypass vulnerability where the onAuthenticationSucceeded method fails to validate CryptoObject parameters. Attackers can hook the onAuthenticationSucceeded function using dynamic instrumentation to bypass biometric authenticati...
GHSA-VX5F-VMR6-32WF cap-go/capacitor-native-biometric Authentication Bypass
There is a potential issue with the cap-go/capacitor-native-biometric library. --- Summary The cap-go/capacitor-native-biometric library was found to be subject to an authentication bypass as the current implementation of the onAuthenticationSucceeded does not appear to handle a...
Malicious code in @capacitor-bmo/biometric (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 31e5db1d24cb68dbd291a2dc917c13515b048d4ae58196d9a921d4fea7382316 The OpenSSF Package Analysis project identified '@capacitor-bmo/biometric' @ 9999.0.1 npm as malicious. It is considered malicious because: - Th...
MAL-2025-6883 Malicious code in @capacitor-bmo/biometric (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 31e5db1d24cb68dbd291a2dc917c13515b048d4ae58196d9a921d4fea7382316 The OpenSSF Package Analysis project identified '@capacitor-bmo/biometric' @ 9999.0.1 npm as malicious. It is considered malicious because: - Th...