Vulnerability in Circl Vulnerability-lookup
CVE-2025-42615
In affected versions, vulnerability-lookup did not track or limit failed One-Time Password (OTP) attempts during Two-Factor Authentication (2FA) verification. An attacker who already knew or guessed a valid username and password could s…
EPSS: 0.003 (24.2th percentile) — read the EPSS interpretation.
Affected products
- Circl Vulnerability-lookup — versions 0
Weakness classification (CWE)
References
- a6d3dc9e-0591-4a13-bce7-0f5b31ff6158 (vendor-advisory)