PT-2025-45043 · Unknown · Mantis Bug Tracker

Published

2025-11-03

·

Updated

2025-11-05

·

CVE-2025-47776

CVSS v3.1

9.1

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions

Mantis Bug Tracker versions 2.27.1 and below

Description

Mantis Bug Tracker contains a flaw in its authentication code due to the use of loose comparison (==) instead of strict comparison (===). PHP type juggling can cause certain MD5 hashes matching scientific notation to be interpreted as numbers. This allows an attacker who knows a victim's username and has access to an account with a password hash that evaluates to zero to log in without knowing the victim's actual password, by using any other password with a hash that also evaluates to zero. The issue affects systems using the MD5 login method.

Recommendations

Update to version 2.27.2 or later.
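The following PHP snippet is an added illustration of the comparison flaw the description refers to; it is not code from Mantis Bug Tracker or from this advisory. The two 32-character strings are constructed to have the shape of an MD5 hex digest written in scientific notation ("0e" followed only by digits); they are not real digests of any password. With `==`, PHP treats both as numeric strings equal to zero and reports them as matching, which is the behaviour the advisory describes; `===` and `hash_equals()` compare the bytes and report a mismatch. The function names and the sample password are assumptions made for this example.

```php
<?php
declare(strict_types=1);

// Constructed strings with the shape of an MD5 hex digest in scientific
// notation: "0e" followed by 30 decimal digits (32 characters in total).
// They are NOT real MD5 outputs; they only exercise the comparison rules.
const STORED_HASH    = '0e111111111111111111111111111111';
const SUBMITTED_HASH = '0e222222222222222222222222222222';

// Vulnerable pattern (the class of bug named in the advisory): loose comparison.
// Both operands are numeric strings, so PHP compares them as numbers
// (0 * 10^30 == 0 * 10^30) and two different digests are reported equal.
function loose_match(string $storedHash, string $submittedHash): bool
{
    return $storedHash == $submittedHash;
}

// Hardened pattern: strict identity of the digest strings.
function strict_match(string $storedHash, string $submittedHash): bool
{
    return $storedHash === $submittedHash;
}

// Hardened pattern for hash comparison in authentication code:
// hash_equals() is byte-wise and constant-time, so it neither type-juggles
// nor leaks timing information about where the digests diverge.
function constant_time_match(string $storedHash, string $submittedHash): bool
{
    return hash_equals($storedHash, $submittedHash);
}

// Recommended direction for new code: a password hash produced by
// password_hash() (bcrypt/argon2) and checked with password_verify(),
// which is strict and constant-time and does not involve MD5 at all.
function modern_verify(string $submittedPassword, string $storedPasswordHash): bool
{
    return password_verify($submittedPassword, $storedPasswordHash);
}

// Demonstration with the constructed digests: only loose_match() returns true.
var_dump(loose_match(STORED_HASH, SUBMITTED_HASH));
var_dump(strict_match(STORED_HASH, SUBMITTED_HASH));
var_dump(constant_time_match(STORED_HASH, SUBMITTED_HASH));

// Demonstration of the modern path with an example-only password (assumption).
$storedPasswordHash = password_hash('example-only-password', PASSWORD_DEFAULT);
var_dump(modern_verify('example-only-password', $storedPasswordHash));
var_dump(modern_verify('not-the-password', $storedPasswordHash));
```

When auditing PHP authentication code for this weakness, the check to make is that every comparison of a stored digest against a computed one uses `hash_equals()` (or `===` where timing is not a concern) rather than `==`, and that legacy MD5 credential paths are migrated to `password_hash()`/`password_verify()`. The advisory's own remediation is the upgrade to 2.27.2 or later.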

Exploit

Fix

Weakness Enumeration

Related Identifiers

CVE-2025-47776
GHSA-4V8W-GG5J-PH37

Affected Products

Mantis Bug Tracker