CVE-2025-10470 - Vulnerability Analysis
HighCVSS: 8.6Last Updated: May 11, 2026
Magic Link - Denial of Service
Overview
Magic Link authentication flow contains a denial of service vulnerability caused by lack of adequate rate limiting on invalid authentication requests, letting attackers cause service unavailability, exploit requires repeated invalid authentication attempts.
Severity & Score
Impact
Attackers can cause service unavailability by exhausting memory through repeated invalid authentication attempts.
Mitigation
Implement adequate rate limiting and resource controls on authentication requests.
Social Media Activity(2 posts)
š CVE-2025-10470 - High (8.6) The Magic Link authentication flow accepts multiple invalid authentication requests without adequate rate limiting or resource control, leading to uncontrolled memory usage growth. This vulnerability can result in a denial-of-service condition, c... š https://www.thehackerwire.com/vulnerability/CVE-2025-10470/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
View original post
š CVE-2025-10470 - High (8.6) The Magic Link authentication flow accepts multiple invalid authentication requests without adequate rate limiting or resource control, leading to uncontrolled memory usage growth. This vulnerability can result in a denial-of-service condition, c... š https://www.thehackerwire.com/vulnerability/CVE-2025-10470/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
View original postRelated Resources
Details
- CVE ID
- CVE-2025-10470
- Severity
- High
- CVSS Score
- 8.6
- Type
- denial_of_service
- Status
- new
- EPSS
- 4.7%
- Social Posts
- 2
CWE
- CWE-400
CVSS Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H