Threats Tagged 'cve-2026-56450'
View all threats tagged with 'cve-2026-56450'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'cve-2026-56450'
Click on any threat for detailed analysis and mitigation recommendations
CVE-2026-56450: CWE-307 Improper Restriction of Excessive Authentication Attempts in ail project ail frameworkCVE-2026-56450 0 AIL did not restrict repeated failed attempts to verify a two-factor authentication (OTP) code. An attacker who had reached the 2FA verification step, such as after successfully completing the password-authentication stage, could submit an unlimited number of OTP guesses. This could enable brute-force guessing of a valid code and bypass the intended second authentication factor, resulting in unauthorized account access. The patch introduces per-user failed-OTP tracking, blocks verification after 30 failed attempts for one hour, clears the counter after a successful OTP verification, and provides administrator recovery actions to purge affected lockouts. Join the discussion | CVE Database V5 | 06/22/2026, 13:02:30 UTC Added: 06/22/2026, 13:54:18 UTC |
Showing 1 to 1 of 1 result