CVE-2025-49591
CVE-2025-49591 (CryptPad 2FA bypass) affects CryptPad versions prior to 2025.3.0. The weakness is in access control enforcement for 2FA, where 2FA can be bypassed if the path parameter length is not 44 characters, enabling an attacker with user credentials to access the victim’s account without e...