CVE-2026-40178
ajenti.plugin.core has a race conditions in 2FA
CVSS Score
0.0
EPSS Score
0.1%
EPSS Percentile
22th
ajenti.plugin.core defines all necessary core elements to allow Ajenti to run properly. Prior to 0.112, if the 2FA was activated, it was possible during a short moment after the authentication of an user to bypass its authentication. This vulnerability is fixed in 0.112.
| CWE | CWE-287 CWE-362 |
| Vendor | ajenti |
| Product | ajenti |
| Published | Apr 10, 2026 |
| Last Updated | Apr 14, 2026 |
Stay Ahead of the Next One
Get instant alerts for ajenti ajenti
Be the first to know when new unknown vulnerabilities affecting ajenti ajenti are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
ajenti / ajenti
< 0.112