CVE-2025-6675 – Drupal Enterprise MFA – TFA Authentication Bypass

June 26, 2025

CVE ID : CVE-2025-6675

Published : June 26, 2025, 2:15 p.m. | 49 minutes ago

Description : Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Enterprise MFA – TFA for Drupal allows Authentication Bypass.This issue affects Enterprise MFA – TFA for Drupal: from 0.0.0 before 4.8.0, from 5.2.0 before 5.2.1, from 0.0.0 before 5.0.*, from 0.0.0 before 5.1.*.

Severity: 4.8 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-6676 – Drupal Simple XML Sitemap Cross-Site Scripting (XSS)

Next Article CVE-2025-6674 – Drupal CKEditor5 Youtube Cross-Site Scripting (XSS)

Highlights

CVE-2025-55156 – PyLoad SQL Injection Vulnerability

August 11, 2025

CVE ID : CVE-2025-55156

Published : Aug. 11, 2025, 11:15 p.m. | 53 minutes ago

Description : pyLoad is the free and open-source Download Manager written in pure Python. Prior to version 0.5.0b3.dev91, the parameter add_links in API /json/add_package is vulnerable to SQL Injection. Attackers can modify or delete data in the database, causing data errors or loss. This issue has been patched in version 0.5.0b3.dev91.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

GitHub’s CEO Thomas Dohmke steps down, triggering tighter integration of company within Microsoft

bitHuman launches SDK for creating AI avatars

Designing With AI, Not Around It: Practical Advanced Techniques For Product Design Use Cases

Why Companies Are Investing in AI-Powered React.js Development Services in 2025

I found a Google Maps alternative that won’t track you or drain your battery – and it’s free

I tested this new AI podcast tool to see if it can beat NotebookLM – here’s how it did

Microsoft’s new update makes your taskbar a productivity hub – here’s how

Save $50 on the OnePlus Pad 3 plus get a free gift – here’s the deal

Laravel Global Scopes: Automatic Query Filtering

Laravel Global Scopes: Automatic Query Filtering

Building MCP Servers in PHP

Filament v4 is Stable!

I Asked OpenAI’s New Open-Source AI Model to Complete a Children’s School Test — Is It Smarter Than a 10-Year-Old?

I Asked OpenAI’s New Open-Source AI Model to Complete a Children’s School Test — Is It Smarter Than a 10-Year-Old?

Madden NFL 26 Leads This Week’s Xbox Drops—But Don’t Miss These Hidden Gems

ASUS G14 Bulked Up for 2025—Still Sexy, Just a Bit Chonkier

CVE-2025-6675 – Drupal Enterprise MFA – TFA Authentication Bypass

Update WinRAR tools now: RomCom and others exploiting zero-day vulnerability

WinRAR zero-day exploited in espionage attacks against high-value targets

CVE-2025-4018 – Novel-Plus Remote Authentication Bypass

CVE-2025-53493 – Wikimedia Foundation Mediawiki – MintyDocs Extension Stored Cross-site Scripting (XSS)

5 reasons not to “hack back”

mpd-mpris – MPRIS protocol for MPD

CVE-2025-55156 – PyLoad SQL Injection Vulnerability

12-Year-Old Sudo Linux Vulnerability Enables Privilege Escalation to Root User

LocalXpose: The Most Useful Tool for Developers to Share Localhost Online

Raspberry Pi 5 Desktop Mini PC: Passive Cooling the Right Way

CVE-2025-6675 – Drupal Enterprise MFA – TFA Authentication Bypass

Related Posts