CVE-2026-57867
CVSS Score
0.0
EPSS Score
0.3%
EPSS Percentile
26th
MicroRealEstate allows adversaries to bypass authentication due to a lack of token state management. This would permit adversaries targeting MicroRealEstate deployments to brute-force One-Time Passwords (OTP) to log in as any user. This issue affects MicroRealEstate: through 1.0.0-alpha3.
| CWE | CWE-288 |
| Vendor | microrealestate |
| Product | microrealestate |
| Published | Jul 7, 2026 |
| Last Updated | Jul 7, 2026 |
Stay Ahead of the Next One
Get instant alerts for microrealestate microrealestate
Be the first to know when new unknown vulnerabilities affecting microrealestate microrealestate are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
MicroRealEstate / MicroRealEstate
0 โค 1.0.0-alpha3
References
Credits
Jake Cleland