Drupal · Drupal Email Tfa · CVE-2025-31676
**Name of the Vulnerable Software and Affected Versions**
Drupal Email TFA versions 0.0.0 through 2.0.2
**Description**
The issue is related to weak authentication in Drupal Email TFA, allowing brute force attacks.
**Recommendations**
For versions 0.0.0 through 2.0.2, update to version 2.0.3 or later to resolve the issue.