2 matches found
CVE-2026-32730
ApostropheCMS is an open-source content management framework. Prior to version 4.28.0, the bearer token authentication middleware in @apostrophecms/express/index.js lines 386-389 contains an incorrect MongoDB query that allows incomplete login tokens — where the password was verified but TOTP/MFA...
CVE-2026-32730
creationtimestamp| type| source ---|---|--- 2026-03-18 19:48:51+00:00| published-proof-of-concept| https://github.com/advisories/GHSA-v9xm-ffx2-7h35 2026-03-18 23:20:01+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mhemshlyzm2u 2026-03-24 23:40:08+00:00| seen|...