Lucene search
K

1873 matches found

EUVD
EUVD
added 2026/05/12 5:40 p.m.12 views

EUVD-2026-29727

Pingvin Share X is a secure and easy self-hosted file sharing platform. From 1.14.1 to 1.16.2, a critical authentication bypass vulnerability allows an attacker who has obtained a valid username and password to skip the second-factor authentication TOTP requirement entirely. Although, an attacker...

9.1CVSS5.8AI score0.00299EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/12 9:49 a.m.13 views

CVE-2026-43914

A flaw was found in Vaultwarden, a Bitwarden-compatible server. A remote attacker can exploit an unprotected two-factor authentication 2FA function, sendemaillogin, to bypass login brute-force protection. This allows the attacker to repeatedly attempt password guesses without rate-limiting,...

9.8CVSS5.8AI score0.00288EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.10 views

Pingvin Share 授权问题漏洞

Pingvin Share is a self-hosted file sharing platform developed by Elias Schneider as an individual project. Versions of Pingvin Share from 1.14.1 to 1.16.2 have vulnerabilities related to authorization. These vulnerabilities stem from critical authentication bypass exploits, which could allow...

9.1CVSS5.9AI score0.00299EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.15 views

PT-2026-40332

Pingvin Share X is a secure and easy self-hosted file sharing platform. From 1.14.1 to 1.16.2, a critical authentication bypass vulnerability allows an attacker who has obtained a valid username and password to skip the second-factor authentication TOTP requirement entirely. Although, an attacker...

9.1CVSS5.8AI score0.00299EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/11 10:3 p.m.10 views

CVE-2026-43914 Vaultwarden: Brute-force protection bypass vulnerability

Vaultwarden is a Bitwarden-compatible server written in Rust. Prior to 1.35.4, there is a security vulnerability in Vaultwarden that allows bypassing the login brute-force protection if email 2fa is enabled. If email 2fa is enabled, the unprotected 2fa-function sendemaillogin email.rs, api endpoi...

7.3CVSS5.8AI score0.00288EPSS
Exploits1References3
The Hacker News
The Hacker News
added 2026/05/11 3:45 p.m.18 views

Hackers Used AI to Develop First Known Zero-Day 2FA Bypass for Mass Exploitation

Google on Monday disclosed that it identified an unknown threat actor using a zero-day exploit that it said was likely developed with an artificial intelligence AI system, marking the first time the technology has been put to use in the wild in a malicious context for vulnerability discovery and...

5.7AI score
Exploits0
Cvelist
Cvelist
added 2026/05/11 2:40 p.m.40 views

CVE-2026-34087 Users API leaks whether privileged users have their user groups disabled for lack of 2FA

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation OATHAuth. This issue affects OATHAuth: from before 1.43.7, 1.44.4, 1.45.2...

5.1CVSS0.00267EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/11 2:40 p.m.10 views

CVE-2026-34087 Users API leaks whether privileged users have their user groups disabled for lack of 2FA

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation OATHAuth. This issue affects OATHAuth: from before 1.43.7, 1.44.4, 1.45.2...

5.1CVSS5.8AI score0.00267EPSS
Exploits0References1
CVE
CVE
added 2026/05/11 2:40 p.m.18 views

CVE-2026-34087

CVE-2026-34087 affects Wikimedia Foundation OATHAuth. The connected documents confirm the issue is an exposure of sensitive information to an unauthorized actor, with affected OATHAuth versions listed as before 1.43.7, 1.44.4, 1.45.2. The exploitation status is not provided in the sources. There ...

7.5CVSS5.8AI score0.00267EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/05/09 7:43 p.m.7 views

EUVD-2026-28937

AzuraCast is a self-hosted, all-in-one web radio management suite. Prior to version 0.23.6, the ApplyXForwarded middleware unconditionally trusts the client-supplied X-Forwarded-Host HTTP header with no trusted proxy allowlist. An unauthenticated attacker can poison the password reset URL sent to...

8.1CVSS5.8AI score0.00476EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/05/08 10:54 p.m.6 views

CVE-2026-42452 Termix: Pending-TOTP temporary token can regenerate backup codes and neutralize TOTP

Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. Prior to version 2.1.0, /users/login issues a temporary JWT temptoken for TOTP-enabled accounts. That token carries a pendingTOTP state and should only be valid for the second-factor flow...

8.1CVSS5.7AI score0.00306EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/08 10:54 p.m.13 views

EUVD-2026-28862

Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. Prior to version 2.1.0, /users/login issues a temporary JWT temptoken for TOTP-enabled accounts. That token carries a pendingTOTP state and should only be valid for the second-factor flow...

8.1CVSS5.7AI score0.00306EPSS
Exploits0References2
CVE
CVE
added 2026/05/08 12:35 p.m.33 views

CVE-2022-50994

The affected product is DrayTek Vigor 2960 with firmware versions prior to 1.5.1.4. The vulnerability is an OS command injection in the CGI login handler, exploitable by an unauthenticated remote attacker who injects shell metacharacters into the formpassword parameter; the input reaches the otp_...

9.2CVSS6.6AI score0.01432EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/07 2:59 a.m.12 views

EUVD-2026-28272

Admidio is an open-source user management solution. Prior to version 5.0.9, a logic error in Admidio's two-factor authentication reset inverts the authorization check. Non-admin users cannot remove their own TOTP configuration, but they can remove other users' TOTP, including administrators. A...

7.1CVSS5.7AI score0.00297EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/07 2:59 a.m.10 views

CVE-2026-41660

Admidio is an open-source user management solution. Prior to version 5.0.9, a logic error in Admidio's two-factor authentication reset inverts the authorization check. Non-admin users cannot remove their own TOTP configuration, but they can remove other users' TOTP, including administrators. A...

7.1CVSS5.7AI score0.00297EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/07 2:59 a.m.7 views

CVE-2026-41660 Admidio: Inverted 2FA Reset Authorization Check Lets Group Leaders Strip Admin TOTP

Admidio is an open-source user management solution. Prior to version 5.0.9, a logic error in Admidio's two-factor authentication reset inverts the authorization check. Non-admin users cannot remove their own TOTP configuration, but they can remove other users' TOTP, including administrators. A...

7.1CVSS5.7AI score0.00297EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/07 2:59 a.m.43 views

CVE-2026-41660 Admidio: Inverted 2FA Reset Authorization Check Lets Group Leaders Strip Admin TOTP

Admidio is an open-source user management solution. Prior to version 5.0.9, a logic error in Admidio's two-factor authentication reset inverts the authorization check. Non-admin users cannot remove their own TOTP configuration, but they can remove other users' TOTP, including administrators. A...

7.1CVSS0.00297EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/07 12:0 a.m.19 views

Admidio 安全漏洞

Admidio is a set of open-source member management systems developed by the Admidio team. This system supports features such as member lists, event management, message boards, photo albums, and downloads. Prior to Admidio 5.0.9, there were security vulnerabilities. These vulnerabilities stemmed fr...

7.1CVSS5.8AI score0.00297EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/05/06 8:42 p.m.9 views

phpMyFAQ enables unauthenticated 2FA brute-force attack via /admin/check acceptance of arbitrary user-id

Summary The /admin/check endpoint in AuthenticationController implements SkipsAuthenticationCheck, making it reachable without any prior authentication. An anonymous attacker Bob can POST arbitrary user-id and token values to brute-force any user's 6-digit TOTP code. No rate limiting exists. The...

9.3CVSS6.1AI score0.00339EPSS
Exploits0References4Affected Software2
AlpineLinux
AlpineLinux
added 2026/05/05 6:51 p.m.8 views

CVE-2026-31835

Vaultwarden is a Bitwarden-compatible server written in Rust. In versions 1.35.4 and earlier, the WebAuthn authentication flow in validatewebauthnlogin updates persistent credential metadata 1backupeligible1 and 1backupstate flags1 based on unverified authenticatorData before signature validation...

5.4CVSS5.8AI score0.00151EPSS
Exploits1References2
Rows per page
Query Builder