CVE-2026-31835 | dani-garcia vaultwarden up to 1.35.4 WebAuthn Two-Factor Authentication validate_webauthn_login data authenticity (GHSA-x7g7-cgx5-jhx2)

A vulnerability classified as problematic was found in dani-garcia vaultwarden up to 1.35.4. Affected is the function validate_webauthn_login of the component WebAuthn Two-Factor Authentication. Executing a manipulation can lead to insufficient verification of data authenticity.

This vulnerability appears as CVE-2026-31835. The attack may be performed from remote. There is no available exploit.

Upgrading the affected component is advised.VulDB Recent EntriesRead More