CVE-2026-11931

Incorrect default permissions in Kiro IDE on macOS and Linux before version 0.11.133 could expose the authentication token cache file to other local users or processes via world-readable permissions 0644 instead of owner-restricted permissions 0600. To remediate this issue, users should upgrade t...

CVE-2026-11931 Insecure Permissions on Authentication Token Cache File in Kiro IDE

Incorrect default permissions in Kiro IDE on macOS and Linux before version 0.11.133 could expose the authentication token cache file to other local users or processes via world-readable permissions 0644 instead of owner-restricted permissions 0600. To remediate this issue, users should upgrade t...

CVE-2026-11931

CVE-2026-11931 affects Kiro IDE on macOS and Linux prior to version 0.11.133, where the authentication token cache file could be world-readable (0644) instead of owner-restricted (0600). This may allow other local users/processes to access cached tokens. Remediation: upgrade to Kiro IDE 0.11.133 ...

EUVD-2026-36496

Cap-go prior to 12.128.2 contains an account takeover vulnerability in its email change mechanism that allows an attacker with temporary authenticated session access to change the registered email address without re-authentication such as password or MFA verification. Attackers can redirect...

PT-2026-48934

Name of the Vulnerable Software and Affected Versions Cap-go versions prior to 12.128.2 Description An account takeover issue exists in the email change mechanism. An attacker with temporary authenticated session access can change the registered email address without requiring re-authentication,...

CVE-2025-68712

SpSoft AppLock com.sp.protector.free 7.9.40 for Android allows a local attacker with physical access to bypass fingerprint or PIN authentication. Although the app integrates Android's biometric mechanisms, the lock is implemented with a custom overlay that fails to consistently enforce...

GHSA-97R5-PG8X-P63P Flask-Security-Too OAuth reauthentication freshness bypass via cross- user OAuth identity acceptance

Summary Flask-Security-Too 5.8.0's OAuth reauthentication flow can mark a session as fresh after verifying an OAuth account that belongs to a different user. If an attacker can operate an already-authenticated but stale victim session, they can complete OAuth verification using their own OAuth...

Flask-Security-Too OAuth reauthentication freshness bypass via cross- user OAuth identity acceptance

Summary Flask-Security-Too 5.8.0's OAuth reauthentication flow can mark a session as fresh after verifying an OAuth account that belongs to a different user. If an attacker can operate an already-authenticated but stale victim session, they can complete OAuth verification using their own OAuth...

Always-Incorrect Control Flow Implementation

Overview Affected versions of this package are vulnerable to Always-Incorrect Control Flow Implementation in the OAuth reauthentication for stale sessions. An attacker can perform unauthorized account actions by completing OAuth verification with their own identity in a stale, authenticated victi...

Always-Incorrect Control Flow Implementation

Overview Flask-Security is a Simple security for Flask apps. Affected versions of this package are vulnerable to Always-Incorrect Control Flow Implementation in the OAuth reauthentication for stale sessions. An attacker can perform unauthorized account actions by completing OAuth verification wit...

EUVD-2026-31362

Concrete CMS below 9.5.0 and below is vulnerable to password change without reauthorization and session-hardening bypass. The user-profile edit controller passes the entire raw POST array to UserInfo::update without field whitelisting resulting in password change without requiring the current...

Flask-Security-Too OAuth reauthentication freshness bypass via cross- user OAuth identity acceptance

Flask-Security-Too 5.8.0's OAuth reauthentication flow can mark a session as fresh after verifying an OAuth account that belongs to a different user. If an attacker can operate an already-authenticated but stale victim session, they can complete OAuth verification using their own OAuth identity...

PT-2026-42564

Name of the Vulnerable Software and Affected Versions Concrete CMS versions prior to 9.5.0 Description The user-profile edit controller passes the entire raw POST array to the UserInfo::update function without field whitelisting. This allows registered users to change passwords without providing...

CLSA-2026-1778859875 samba: Fix of CVE-2025-0620

Fix CVE-2025-0620: smbd doesn't pick up group membership changes when re-authenticating an expired SMB session...

PT-2026-43462

Name of the Vulnerable Software and Affected Versions AVideo versions 29.0 and earlier Description A cross-site request forgery CSRF issue exists in the 2FA toggle functionality. The endpoint "plugin/LoginControl/set.json.php" accepts POST requests with the parameters type=set2FA and value=false ...

CVE-2026-43640

Bitwarden Server prior to v2026.4.1 does not require master-password re-authentication when retrieving or rotating an organization's SCIM API key, allowing an authenticated user with SCIM management privileges to obtain the key using only a valid session...

CVE-2026-43640 Bitwarden Server < 2026.4.1 Authentication Bypass via SCIM API Key

Bitwarden Server prior to v2026.4.1 does not require master-password re-authentication when retrieving or rotating an organization's SCIM API key, allowing an authenticated user with SCIM management privileges to obtain the key using only a valid session...

CVE-2026-43640

Bitwarden Server prior to v2026.4.1 does not require master-password re-authentication when retrieving or rotating an organization's SCIM API key, allowing an authenticated user with SCIM management privileges to obtain the key using only a valid session...

CVE-2026-6848

A flaw was found in Red Hat Quay. When Red Hat Quay requests password re-verification for sensitive operations, such as token generation or robot account creation, the re-authentication prompt can be bypassed. This allows a user with a timed-out session, or an attacker with access to an idle...

CVE-2026-6848

Summary: CVE-2026-6848 affects Red Hat Quay. The vulnerability allows bypassing the re-authentication prompt for password‑reverification during sensitive operations (e.g., token generation, robot account creation) when a user has a timed‑out session or idle authenticated browser session. This can...