39 matches found
CVE-2026-6853 OTP Bypass in Başbelen Group's Pause+ Mobile App
Improper restriction of excessive authentication attempts vulnerability in Başbelen Group Food Cafe Businesses Industry and Trade Ltd. Co. Pause+ Mobile App allows Authentication Bypass. This issue affects Pause+ Mobile App: from v1.0.6 before v1.5...
Exploit for CVE-2026-7458
🧨 CVE-2026-7458 – PickPlugins User Verification OTP Bypass Un...
CVE-2026-10611
CVE-2026-10611 describes an authentication bypass in MISP when LDAP mixed authentication is enabled with OTP enforcement. In deployments with LdapAuth.mixedAuth=true and Security.require_otp=true, users authenticated via an authentication plugin (e.g., LDAP) may have their session established dur...
CVE-2026-1816 OTP Bypass in TEİAŞ's Mobile Application
Improper restriction of excessive authentication attempts vulnerability in Turkiye Electricity Transmission Corporation TEİAŞ Mobile Application allows Brute Force. This issue affects Mobile Application: from 1.6.2 before 1.13...
CVE-2025-13477 OTP Bypass in Digital Operation Services' WifiBurada
Exposure of private personal information to an unauthorized actor, Insufficiently Protected Credentials vulnerability in Digital Operations Services Inc. WifiBurada allows Authentication Bypass. This issue affects WifiBurada: through 21052026. NOTE: The vendor was contacted early about this...
CVE-2026-26227 VLC for Android < 3.7.0 Remote Access OTP Authentication Bypass
VideoLAN VLC for Android prior to version 3.7.0 contains an authentication bypass in the Remote Access Server feature due to missing or insufficient rate limiting on one-time password OTP verification. The Remote Access Server uses a 4-digit OTP and does not enforce effective throttling or lockou...
EUVD-2019-16762
Malware in sbrugna...
EUVD-2019-4957
Malware in sbrugna...
EUVD-2025-26603
Malicious code in bioql PyPI...
CVE-2025-2411
CVE-2025-2411 describes an improper restriction of excessive authentication attempts in Akinsoft TaskPano that allows authentication bypass. Affected: TaskPano releases s1.06.04 up to before v1.06.06 (i.e., from s1.06.04 through before 1.06.06). Root cause: insufficient controls on authentication...
CVE-2025-2411 OTP Bypass in Akinsoft's TaskPano
Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft TaskPano allows Authentication Bypass. This issue affects TaskPano: from s1.06.04 before v1.06.06...
CVE-2025-2416 OTP Bypass in Akinsoft's LimonDesk
Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft LimonDesk allows Authentication Bypass. This issue affects LimonDesk: from s1.02.14 before v1.02.17...
CVE-2025-2415 OTP Bypass in Akinsoft's MyRezzta
Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft MyRezzta allows Authentication Bypass. This issue affects MyRezzta: from s2.03.01 before v2.05.01...
CVE-2025-8342
CVE-2025-8342 concerns the WooCommerce OTP Login With Phone Number, OTP Verification plugin for WordPress. Affected versions up to 1.8.47 allow unauthenticated attackers to bypass OTP verification via faulty empty-value checks in lwp_ajax_register and exploit Firebase API error handling when the ...
Exploit for CVE-2025-4094
WordPress Plugin Digits OTP Bypass CVE-2025-4094 Overvie...
CVE-2025-28128
An issue in Mytel Telecom Online Account System v1.0 allows attackers to bypass the OTP verification process via a crafted request...
CVE-2024-47086 OTP Bypass Vulnerability
This vulnerability exists in Apex Softcell LD DP Back Office due to improper implementation of OTP validation mechanism in certain API endpoints. An authenticated remote attacker could exploit this vulnerability by providing arbitrary OTP value for authentication and subsequently changing its API...
CVE-2024-47086 OTP Bypass Vulnerability
This vulnerability exists in Apex Softcell LD DP Back Office due to improper implementation of OTP validation mechanism in certain API endpoints. An authenticated remote attacker could exploit this vulnerability by providing arbitrary OTP value for authentication and subsequently changing its API...
Zomato: OTP Bypass via Response Manipulation
OTP One-Time Password bypass via response manipulation is a technique where an attacker intercepts and alters the server's response to bypass the OTP verification step. Response Manipulation: The attacker manipulates the server's response. For example, they might change a response indicating OTP...
PT-2024-5353 · Securepoint · Securepoint Utm
Name of the Vulnerable Software and Affected Versions: Securepoint UTM versions 11.5 through 12.6.4 Securepoint UTM Reseller Preview version 12.7.0 Description: The issue is related to the authentication system of Securepoint UTM, specifically with the handling of One-Time Password OTP keys. This...