MEDIUM
capacitor-native-biometric
CVE published 2026-06-20
CVE-2026-56294
CVE-2026-56294 is a medium-severity authentication bypass vulnerability in capacitor-native-biometric before 12.128.2. The vulnerability arises from the onAuthenticationSucceeded() method's failure to validate CryptoObject parameters, allowing attackers to bypass biometric authentication without valid credentials by hooking the function using dynamic instrumentation. This issue affects users of the capaci [truncated]