CVE-2025-6675 – Drupal Enterprise MFA – TFA Authentication Bypass

June 26, 2025

CVE ID : CVE-2025-6675

Published : June 26, 2025, 2:15 p.m. | 49 minutes ago

Description : Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Enterprise MFA – TFA for Drupal allows Authentication Bypass.This issue affects Enterprise MFA – TFA for Drupal: from 0.0.0 before 4.8.0, from 5.2.0 before 5.2.1, from 0.0.0 before 5.0.*, from 0.0.0 before 5.1.*.

Severity: 4.8 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-6676 – Drupal Simple XML Sitemap Cross-Site Scripting (XSS)

Next Article CVE-2025-6674 – Drupal CKEditor5 Youtube Cross-Site Scripting (XSS)

How AI further empowers value stream management

12 Top ReactJS Development Companies in 2025

Not sure where to go with AI? Here’s your roadmap.

This week in AI dev tools: A2A donated to Linux Foundation, OpenAI adds Deep Research to API, and more (June 27, 2025)

The next big HDMI leap has arrived – here’s how these 16K cables will shake things up

Here’s how you can still trade in any phone at Verizon to get an iPhone, iPad, and Apple Watch free

Anthropic has a plan to combat AI-triggered job losses predicted by its CEO

Forget Google and Microsoft: OpenAI may be building the ultimate work suite of apps and services

Say hello to ECMAScript 2025

Say hello to ECMAScript 2025

Ecma International approves ECMAScript 2025: What’s new?

Building Together: PRFT Colleagues Volunteer with Atlanta Habitat for Humanity

Fix Elden Ring Nightreign Connection Errors And Server Login Failure PC

Fix Elden Ring Nightreign Connection Errors And Server Login Failure PC

Fix Now EAC Error 20006 in Elden Ring: Nightreign [6 Easy Tricks]

Fix Now Elden Ring Nightreign EAC Error 30005 (CreateFile Failed)

CVE-2025-6675 – Drupal Enterprise MFA – TFA Authentication Bypass

New Linux Flaws Enable Full Root Access via PAM and Udisks Across Major Distributions

⚡ Weekly Recap: Chrome 0-Day, 7.3 Tbps DDoS, MFA Bypass Tricks, Banking Trojan and More

Akamai meldt actief misbruik van lekken in GeoVision IoT-apparaten

CVE-2025-4456 – Project Worlds Car Rental Project SQL Injection Vulnerability

Designing For Neurodiversity

Bose expands its portable speaker lineup, introducing a new product and refreshing an old favorite

Key Considerations Before Outsourcing Your Mobile App Development

Amazon extends July Prime Day to four day event, confirms 2025 dates

Grab a pair of Beats Studio Pro headphones for 50% off on Amazon right now

Claude Pro’s two new features make this AI subscription even more enticing

CVE-2025-6675 – Drupal Enterprise MFA – TFA Authentication Bypass

Related Posts