CVE-2026-55377 - Logto: Account Center MFA management step-up bypass via WebAuthn registration verification
CVE ID :CVE-2026-55377 Published : July 10, 2026, 8:16 p.m. | 16 minutes ago Description :Logto is the modern, open-source auth infrastructure for SaaS and AI apps. Prior to 1.41.0, Logto's Account Center step-up check accepted any active verification record that belonged to the current user...