All 4 CVE vulnerabilities found in 2FAuth, with AI-generated Chinese analysis, references, and POCs.
Vendor: Bubka
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-32133 | 2FAuth has Blind SSRF in image parameter allows internal network access and more CWE-918 | 7.1AI | HighAI | 2026-03-11 |
| CVE-2024-52598 | 2FAuth vulnerable to Server Side Request Forgery + URI validation bypass in 2fauth /api/v1/twofaccounts/preview CWE-79 | 7.5 | High | 2024-11-20 |
| CVE-2024-52597 | 2FAuth vulnerable to stored cross-site scripting via SVG upload and direct access render CWE-79 | 6.1 | Medium | 2024-11-20 |
| CVE-2023-36816 | Cross-Site Scripting (XSS) at Account creation in 2FAuth CWE-79 | 6.1 | Medium | 2023-07-03 |
All 4 known CVE vulnerabilities affecting 2FAuth with full Chinese analysis, references, and POCs where available.