Authentication Bypass Vulnerability in Drupal Authenticator Login
CVE-2025-8093

Currently unrated

Key Information:

Vendor: Drupal
Status: Authenticator Login
Vendor: CVE Published:; 10 October 2025

What is CVE-2025-8093?

A security vulnerability exists in the Drupal Authenticator Login that allows attackers to bypass authentication mechanisms. This issue affects versions released from 0.0.0 up to, but not including, version 2.1.8. Successful exploitation could enable unauthorized users to access restricted functionalities without valid credentials, thus compromising the application's security.

Affected Version(s)

Authenticator Login 0.0.0 < 2.1.8

References

https://www.drupal.org/sa-contrib-2025-098

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 10, 2025
Vulnerability Reserved
Jul 23, 2025

Credit

Pierre Rudloff (prudloff)

Ahmed Raza (ahmed.raza)

Pierre Rudloff (prudloff)

Damien McKenna (damienmckenna)

Greg Knaddison (greggles)

Drew Webber (mcdruid)

Juraj Nemec (poker10)

Cathy Theys (yesct)

JSON