One API Call to Hijack: Critical Cal.com Flaw (CVE-2026-23478, CVSS 10) Bypasses 2FA Vulnerability Report One API Call to Hijack: Critical Cal.com Flaw (CVE-2026-23478, CVSS 10) Bypasses 2FA Do Son January 15, 2026 0 A critical security vulnerability has been found in Cal.com, the popular open-source scheduling platform used by individuals... Read More Read more about One API Call to Hijack: Critical Cal.com Flaw (CVE-2026-23478, CVSS 10) Bypasses 2FA
Do Son