EUVD-2025-6736

Malicious code in bioql PyPI...

CVE-2025-26486

Broken or Risky Cryptographic Algorithm, Use of Password Hash With Insufficient Computational Effort, Use of Weak Hash, Use of a One-Way Hash with a Predictable Salt vulnerabilities in Beta80 "Life 1st Identity Manager" enable an attacker with access to password hashes to bruteforce user password...

CVE-2025-26485

A vulnerability in Beta80 Life 1st enables the retrieval of different error messages for failed authentication attempts in case of the usage of a wrong password or a non existent user. The difference in the returned error messages could be used by attackers to understand whether a certain user is...

CVE-2025-26485

A vulnerability in Beta80 Life 1st enables the retrieval of different error messages for failed authentication attempts in case of the usage of a wrong password or a non existent user. The difference in the returned error messages could be used by attackers to understand whether a certain user is...

CVE-2025-26486

Broken or Risky Cryptographic Algorithm, Use of Password Hash With Insufficient Computational Effort, Use of Weak Hash, Use of a One-Way Hash with a Predictable Salt vulnerabilities in Beta80 "Life 1st Identity Manager" enable an attacker with access to password hashes to bruteforce user password...

CVE-2025-26485

A vulnerability in Beta80 Life 1st enables the retrieval of different error messages for failed authentication attempts in case of the usage of a wrong password or a non existent user. The difference in the returned error messages could be used by attackers to understand whether a certain user is...

CVE-2025-26485

The CVE-2025-26485 entry describes a vulnerability in Beta80 Life 1st (affected version: 1.5.2.14234) where authentication error handling reveals differing messages for wrong passwords versus non-existent users. This enables potential user enumeration and information disclosure about registered i...