2 matches found
CVE-2025-10908
Due to a lack of user account state validation during authentication, locked user accounts can be successfully authenticated using Magic Link or Pass Key methods. This bypasses the intended security control that should prevent access to accounts that have been locked. This vulnerability may allow...
PT-2026-39581
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description A lack of user account state validation during authentication allows locked user accounts to be successfully accessed using Magic Link or Pass Key methods. This...