Email Tfa Project Email Tfa — known CVE vulnerabilities
Every CVE whose affected-product data names Email Tfa Project Email Tfa, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
- CVE-2025-31676 — CVSS 8.8 (high): Weak Authentication vulnerability in Drupal Email TFA allows Brute Force.This issue affects Email TFA: from 0.0.0 before 2.0.3.
- CVE-2025-12760 — CVSS 5.4 (medium): Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Email TFA allows Functionality Bypass.This issue affects…