CVE-2026-46419
HIGH NVDCVSS Score
7.5
Severity
HIGH
Source
NVD
Published
May 14, 2026
Description
Yubico webauthn-server-core (aka java-webauthn-server) 2.8.0 before 2.8.2 incorrectly checks a function's return value in the second factor flow, leading to impersonation.