Lucene search
K

8 matches found

NVD
NVD
added 2026/06/20 4:17 p.m.13 views

CVE-2026-56294

capacitor-native-biometric before 12.128.2 contains an authentication bypass vulnerability where the onAuthenticationSucceeded method fails to validate CryptoObject parameters. Attackers can hook the onAuthenticationSucceeded function using dynamic instrumentation to bypass biometric authenticati...

4.8CVSS0.00165EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/20 3:24 p.m.31 views

CVE-2026-56294 capacitor-native-biometric - Authentication Bypass via Unvalidated CryptoObject in onAuthenticationSucceeded

capacitor-native-biometric before 12.128.2 contains an authentication bypass vulnerability where the onAuthenticationSucceeded method fails to validate CryptoObject parameters. Attackers can hook the onAuthenticationSucceeded function using dynamic instrumentation to bypass biometric authenticati...

4.8CVSS0.00165EPSS
Exploits0References2
CVE
CVE
added 2026/06/20 3:24 p.m.25 views

CVE-2026-56294

The CVE-2026-56294 vulnerability affects capacitor-native-biometric (before 12.128.2). The onAuthenticationSucceeded() path fails to validate CryptoObject parameters, enabling an attacker to bypass biometric authentication by hooking the function via dynamic instrumentation. This can allow access...

4.8CVSS5.9AI score0.00165EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/20 3:24 p.m.10 views

EUVD-2026-38121

capacitor-native-biometric before 12.128.2 contains an authentication bypass vulnerability where the onAuthenticationSucceeded method fails to validate CryptoObject parameters. Attackers can hook the onAuthenticationSucceeded function using dynamic instrumentation to bypass biometric authenticati...

4.8CVSS5.9AI score0.00165EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/20 12:0 a.m.15 views

PT-2026-51153

Name of the Vulnerable Software and Affected Versions capacitor-native-biometric versions prior to 12.128.2 Description An authentication bypass exists because the onAuthenticationSucceeded function fails to validate CryptoObject parameters. This allows attackers to use dynamic instrumentation to...

4.8CVSS5.9AI score0.00165EPSS
Exploits0References9
Snyk
Snyk
added 2026/02/10 2:33 p.m.2 views

Improper Authentication

Overview @capgo/capacitor-native-biometric is a This plugin gives access to the native biometric apis for android and iOS Affected versions of this package are vulnerable to Improper Authentication via the onAuthenticationSucceeded function. An attacker can gain unauthorized access by hooking and...

5.2CVSS5.6AI score
Exploits0References2
vulnersOsv
vulnersOsv
added 2026/02/10 2:33 p.m.7 views

@authnlabs/authn (>=1.0.10 <=1.0.18), @s-ui/sui-tool-app (>=1.5.0 <=1.27.0) potentially affected by unknown CVE via @capgo/capacitor-native-biometric (>=5.1.1 <=6.0.4)

@capgo/capacitor-native-biometric NPM version =5.1.1, =1.0.10, =1.5.0, =1.27.0 Source cves: unknown CVE Source advisory: OSV:GHSA-VX5F-VMR6-32WF...

5.8AI score
Exploits0
Github Security Blog
Github Security Blog
added 2026/02/10 2:33 p.m.16 views

cap-go/capacitor-native-biometric Authentication Bypass

There is a potential issue with the cap-go/capacitor-native-biometric library. --- Summary The cap-go/capacitor-native-biometric library was found to be subject to an authentication bypass as the current implementation of the onAuthenticationSucceeded does not appear to handle a...

5.8AI score
Exploits0References3Affected Software1
Rows per page
Query Builder