Lucene search
K

4 matches found

Snyk
Snyk
added 2026/03/26 8:33 p.m.2 views

Authentication Bypass by Assumed-Immutable Data

Overview Affected versions of this package are vulnerable to Authentication Bypass by Assumed-Immutable Data in the step-up verification process. An attacker can gain unauthorized access to root-only channel secrets by bypassing authentication mechanisms using passkey-based methods. Remediation...

6.9CVSS6AI score0.00289EPSS
Exploits0References3
OSV
OSV
added 2026/03/23 7:56 p.m.3 views

GHSA-5353-F8FQ-65VC New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure

Summary A logic flaw in the universal secure verification flow allows an authenticated user with a registered passkey to satisfy secure verification without completing a WebAuthn assertion. Affected versions = v0.10.0 Description The POST /api/verify endpoint supports multiple secure verification...

4.9CVSS5.7AI score0.00289EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/03/23 7:56 p.m.15 views

New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure

Summary A logic flaw in the universal secure verification flow allows an authenticated user with a registered passkey to satisfy secure verification without completing a WebAuthn assertion. Affected versions = v0.10.0 Description The POST /api/verify endpoint supports multiple secure verification...

4.9CVSS5.7AI score0.00289EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/03/23 7:24 p.m.25 views

CVE-2026-32879 New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure

New API is a large language mode LLM gateway and artificial intelligence AI asset management system. Starting in version 0.10.0, a logic flaw in the universal secure verification flow allows an authenticated user with a registered passkey to satisfy secure verification without completing a WebAut...

4.9CVSS0.00289EPSS
Exploits0References1
Rows per page
Query Builder