Lucene search
K

39 matches found

Cvelist
Cvelist
added 2026/06/12 1:50 p.m.28 views

CVE-2026-6853 OTP Bypass in Başbelen Group's Pause+ Mobile App

Improper restriction of excessive authentication attempts vulnerability in Başbelen Group Food Cafe Businesses Industry and Trade Ltd. Co. Pause+ Mobile App allows Authentication Bypass. This issue affects Pause+ Mobile App: from v1.0.6 before v1.5...

9.8CVSS0.00346EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2026/06/11 6:55 a.m.59 views

Exploit for CVE-2026-7458

🧨 CVE-2026-7458 – PickPlugins User Verification OTP Bypass Un...

9.8CVSS5.5AI score0.00578EPSS
Exploits3
CVE
CVE
added 2026/06/02 12:48 p.m.23 views

CVE-2026-10611

CVE-2026-10611 describes an authentication bypass in MISP when LDAP mixed authentication is enabled with OTP enforcement. In deployments with LdapAuth.mixedAuth=true and Security.require_otp=true, users authenticated via an authentication plugin (e.g., LDAP) may have their session established dur...

10CVSS5.8AI score0.00353EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/21 2:8 p.m.12 views

CVE-2026-1816 OTP Bypass in TEİAŞ's Mobile Application

Improper restriction of excessive authentication attempts vulnerability in Turkiye Electricity Transmission Corporation TEİAŞ Mobile Application allows Brute Force. This issue affects Mobile Application: from 1.6.2 before 1.13...

6.3CVSS5.8AI score0.00184EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/21 12:41 p.m.11 views

CVE-2025-13477 OTP Bypass in Digital Operation Services' WifiBurada

Exposure of private personal information to an unauthorized actor, Insufficiently Protected Credentials vulnerability in Digital Operations Services Inc. WifiBurada allows Authentication Bypass. This issue affects WifiBurada: through 21052026. NOTE: The vendor was contacted early about this...

7.1CVSS5.8AI score0.00224EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/26 5:37 p.m.5 views

CVE-2026-26227 VLC for Android < 3.7.0 Remote Access OTP Authentication Bypass

VideoLAN VLC for Android prior to version 3.7.0 contains an authentication bypass in the Remote Access Server feature due to missing or insufficient rate limiting on one-time password OTP verification. The Remote Access Server uses a 4-digit OTP and does not enforce effective throttling or lockou...

6.3CVSS6AI score0.003EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-16762

Malware in sbrugna...

5.9CVSS5.9AI score0.01233EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-4957

Malware in sbrugna...

8.1CVSS8AI score0.00849EPSS
Exploits2References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-26603

Malicious code in bioql PyPI...

4.6CVSS6.6AI score0.01269EPSS
Exploits1References1
CVE
CVE
added 2025/09/04 8:34 a.m.15 views

CVE-2025-2411

CVE-2025-2411 describes an improper restriction of excessive authentication attempts in Akinsoft TaskPano that allows authentication bypass. Affected: TaskPano releases s1.06.04 up to before v1.06.06 (i.e., from s1.06.04 through before 1.06.06). Root cause: insufficient controls on authentication...

8.6CVSS5.4AI score0.00411EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/09/04 8:34 a.m.36 views

CVE-2025-2411 OTP Bypass in Akinsoft's TaskPano

Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft TaskPano allows Authentication Bypass. This issue affects TaskPano: from s1.06.04 before v1.06.06...

8.6CVSS0.00411EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/09/03 1:25 p.m.2 views

CVE-2025-2416 OTP Bypass in Akinsoft's LimonDesk

Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft LimonDesk allows Authentication Bypass. This issue affects LimonDesk: from s1.02.14 before v1.02.17...

8.6CVSS5.4AI score0.00325EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/09/03 8:54 a.m.8 views

CVE-2025-2415 OTP Bypass in Akinsoft's MyRezzta

Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft MyRezzta allows Authentication Bypass. This issue affects MyRezzta: from s2.03.01 before v2.05.01...

8.6CVSS0.00325EPSS
Exploits0References2
CVE
CVE
added 2025/08/15 2:24 a.m.29 views

CVE-2025-8342

CVE-2025-8342 concerns the WooCommerce OTP Login With Phone Number, OTP Verification plugin for WordPress. Affected versions up to 1.8.47 allow unauthenticated attackers to bypass OTP verification via faulty empty-value checks in lwp_ajax_register and exploit Firebase API error handling when the ...

8.1CVSS7.6AI score0.00598EPSS
Exploits0References4
GithubExploit
GithubExploit
added 2025/05/15 1:13 p.m.453 views

Exploit for CVE-2025-4094

WordPress Plugin Digits OTP Bypass CVE-2025-4094 Overvie...

9.8CVSS9.5AI score0.16444EPSS
Exploits4
OSV
OSV
added 2025/04/25 8:15 p.m.6 views

CVE-2025-28128

An issue in Mytel Telecom Online Account System v1.0 allows attackers to bypass the OTP verification process via a crafted request...

7CVSS5.8AI score0.00355EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/09/19 6:3 a.m.26 views

CVE-2024-47086 OTP Bypass Vulnerability

This vulnerability exists in Apex Softcell LD DP Back Office due to improper implementation of OTP validation mechanism in certain API endpoints. An authenticated remote attacker could exploit this vulnerability by providing arbitrary OTP value for authentication and subsequently changing its API...

8.7CVSS0.00474EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/09/19 6:3 a.m.20 views

CVE-2024-47086 OTP Bypass Vulnerability

This vulnerability exists in Apex Softcell LD DP Back Office due to improper implementation of OTP validation mechanism in certain API endpoints. An authenticated remote attacker could exploit this vulnerability by providing arbitrary OTP value for authentication and subsequently changing its API...

8.7CVSS7.4AI score0.00474EPSS
Exploits0References1
Hacker One
Hacker One
added 2024/07/30 7:32 a.m.617 views

Zomato: OTP Bypass via Response Manipulation

OTP One-Time Password bypass via response manipulation is a technique where an attacker intercepts and alters the server's response to bypass the OTP verification step. Response Manipulation: The attacker manipulates the server's response. For example, they might change a response indicating OTP...

7.1AI score
Exploits0
Positive Technologies
Positive Technologies
added 2024/06/21 12:0 a.m.5 views

PT-2024-5353 · Securepoint · Securepoint Utm

Name of the Vulnerable Software and Affected Versions: Securepoint UTM versions 11.5 through 12.6.4 Securepoint UTM Reseller Preview version 12.7.0 Description: The issue is related to the authentication system of Securepoint UTM, specifically with the handling of One-Time Password OTP keys. This...

10CVSS7.5AI score0.0091EPSS
Exploits0References10
Rows per page
Query Builder