CVE-2026-30777

Name of the Vulnerable Software and Affected Versions EC-CUBE (affected versions not specified)

Description The software contains a multi-factor authentication (MFA) bypass. An attacker with a valid administrator ID and password may be able to bypass two-factor authentication and gain unauthorized access to the administrative page. The vulnerable component allows circumvention of the intended security measures, potentially leading to administrative control.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.