Tag

Replay-Attack

3 briefs RSS

eduMFA Passkey Replay Vulnerability

eduMFA versions prior to 2.9.1 are vulnerable to replay attacks due to a missing expiration flag in userless Passkey/WebAuthn challenges, potentially leading to unauthorized access.

eduMFA replay-attack authentication webauthn

2r May 18, 2026

medium advisory

OpenClaw Webhook Replay Vulnerability (CVE-2026-41395)

2 rules 1 TTP 1 CVE

OpenClaw before 2026.3.28 is vulnerable to webhook replay attacks due to improper signature verification, allowing attackers to reorder query parameters and trigger duplicate voice-call processing.

OpenClaw webhook replay-attack plivo

2r 1t 1c Apr 29, 2026

critical advisory

OpenClaw Bootstrap Code Replay Vulnerability (CVE-2026-32987)

2 rules 2 TTPs

OpenClaw before 2026.3.13 is vulnerable to a replay attack during device pairing verification, allowing attackers to repeatedly verify a bootstrap code and escalate privileges to operator.admin.

replay-attack privilege-escalation device-pairing

2r 2t Mar 29, 2026