Lucene search
K

4 matches found

NVD
NVD
added 2026/06/22 2:17 p.m.13 views

CVE-2026-56450

AIL did not restrict repeated failed attempts to verify a two-factor authentication OTP code. An attacker who had reached the 2FA verification step, such as after successfully completing the password-authentication stage, could submit an unlimited number of OTP guesses. This could enable...

5.1CVSS0.0033EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/22 1:2 p.m.8 views

EUVD-2026-38239

AIL did not restrict repeated failed attempts to verify a two-factor authentication OTP code. An attacker who had reached the 2FA verification step, such as after successfully completing the password-authentication stage, could submit an unlimited number of OTP guesses. This could enable...

5.1CVSS5.9AI score0.0033EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/22 1:2 p.m.37 views

CVE-2026-56450 AIL Framework - Missing Rate Limiting Enables Brute-Force Attacks Against Two-Factor Authentication Codes

AIL did not restrict repeated failed attempts to verify a two-factor authentication OTP code. An attacker who had reached the 2FA verification step, such as after successfully completing the password-authentication stage, could submit an unlimited number of OTP guesses. This could enable...

5.1CVSS0.0033EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/22 1:2 p.m.3 views

CVE-2026-56450

AIL did not restrict repeated failed attempts to verify a two-factor authentication OTP code. An attacker who had reached the 2FA verification step, such as after successfully completing the password-authentication stage, could submit an unlimited number of OTP guesses. This could enable...

5.1CVSS5.9AI score0.0033EPSS
Exploits0References2
Rows per page
Query Builder