9 matches found
CVE-2026-4208
The extension fails to properly reset the generated MFA code after successful authentication. This leads to a possible MFA bypass for future login attempts by providing an empty string as MFA code to the extensions MFA provider...
Authentication Bypass
ralffreit/mfa-email is vulnerable to Authentication Bypass. The vulnerability is due to failure to properly reset the MFA code after successful authentication, which allows an attacker to bypass MFA by providing an empty code in subsequent login attempts...
GHSA-29R8-GVX4-R9W3 Authentication Bypass in extension "E-Mail MFA Provider" (mfa_email)
The extension fails to properly reset the generated MFA code after successful authentication. This leads to a possible MFA bypass for future login attempts by providing an empty string as MFA code to the extensions MFA provider...
EUVD-2026-12554
The extension fails to properly reset the generated MFA code after successful authentication. This leads to a possible MFA bypass for future login attempts by providing an empty string as MFA code to the extensions MFA provider...
Authentication Bypass in extension "E-Mail MFA Provider" (mfa_email)
The extension fails to properly reset the generated MFA code after successful authentication. This leads to a possible MFA bypass for future login attempts by providing an empty string as MFA code to the extensions MFA provider...
CVE-2026-4208
The extension fails to properly reset the generated MFA code after successful authentication. This leads to a possible MFA bypass for future login attempts by providing an empty string as MFA code to the extensions MFA provider...
CVE-2026-4208 Authentication Bypass in extension "E-Mail MFA Provider" (mfa_email)
The extension fails to properly reset the generated MFA code after successful authentication. This leads to a possible MFA bypass for future login attempts by providing an empty string as MFA code to the extensions MFA provider...
CVE-2026-4208
CVE-2026-4208 describes a vulnerability where an extension fails to reset the generated MFA code after a successful login, enabling an MFA bypass for subsequent login attempts by providing an empty string to the extension’s MFA provider. The description does not specify affected products, version...
No Create2 Contract Deployment Check can prevent a borrower from deploying contracts from a factory if deployment fails
Lines of code Vulnerability details Descripion When a contract is deployed using Create2 the deployment can fail without causing a revert. The following conditions can cause it to not revert: 1. A contract already exists at the destination address. 2. Insufficient value to transfer. 3. Sub contex...