CVE-2026-46419

Published: Mag 14, 2026 Last Modified: Mag 14, 2026

ExploitDB:

Other exploit source:

Google Dorks:

HIGH 7,5

Source: [email protected]

Attack Vector: network

Attack Complexity: high

Privileges Required: low

User Interaction: none

Scope: unchanged

Confidentiality: high

Integrity: high

Availability: high

Description

AI Translation Available

Yubico webauthn-server-core (aka java-webauthn-server) 2.8.0 before 2.8.2 incorrectly checks a function's return value in the second factor flow, leading to impersonation.

253

Incorrect Check of Function Return Value

Incomplete

Abstraction: Base Structure: Simple

Common Consequences

Security Scopes Affected:

Availability Integrity

Potential Impacts:

Unexpected State Dos: Crash, Exit, Or Restart

Applicable Platforms

All platforms may be affected

Likelihood of Exploit: Low

View CWE Details

https://www.yubico.com/support/security-advisories/ysa-2026…

https://www.yubico.com/support/security-advisories/ysa-2026-02/

CVE-2026-46419

Description

Incorrect Check of Function Return Value

Common Consequences

Applicable Platforms

Iscriviti alla newsletter