Vulnerabilities

Report: - Password bypass when 2FA is activated CVE-2026-40177

2026-04-10 0 views admin

CVE ID :CVE-2026-40177 Published : April 10, 2026, 8:16 p.m. | 1 hour, 28 minutes ago Description :ajenti.plugin.core defines all necessary core elements to allow Ajenti to run properly. Prior to 0.112, if the 2FA was activated, it was possible to bypass the password authentication This vulnerability is fixed in 0.112. Severity: 9.3 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2026-40177

Severity

CRITICAL

Published

April 10, 2026

🏷️ Tags

reportpasswordbypassactivated40177publishedminutesdescriptioncvecve-2026-40177

InfinitSec - Latest Cybersecurity, Technology & Gaming News

Report: - Password bypass when 2FA is activated CVE-2026-40177

CVE Details

🏷️ Tags

More from Vulnerabilities

Report: CVE-2026-30232 - Chartbrew has SSRF in API Data Connection - No IP Validation on User-Provided URLs - 2025 Update

Report: CVE-2026-40175 - Axios has Unrestricted Cloud Metadata Exfiltration via Header Injection Chain - Complete Guide

Report: Ultimate Guide: CVE-2026-40168 - Postiz has Server-Side Request Forgery via Redirect Bypass in /api/public/stream

Report: Update: CVE-2026-39922 - GeoNode < 4.4.5, 5.0.2 SSRF via Service Registration

Trending

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

CVE-2025-43939: Dell Unity OS Command Injection (High)

Google disputes false claims of massive Gmail data breach

Microsoft: DNS outage impacts Azure and Microsoft 365 services

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting