CVE-2025-31676

CVE-2025-31676: Email TFA - Moderately critical - Access bypass - SA-CONTRIB-2025-001

Vendor Drupal
Product Email TFA
Weakness CWE-1390
Published March 31, 2025
Last update June 19, 2025

CVSS base score

What the vulnerability does

01Description

Weak Authentication vulnerability in Drupal Email TFA allows Brute Force.This issue affects Email TFA: from 0.0.0 before 2.0.3.

Key dates

02Disclosure timeline

March 31, 2025 CVE published
June 19, 2025 Record updated