A vulnerability identified as critical has been detected in misskey-dev Misskey 2025.2.0-alpha.0/2025.4.1. This issue affects some unknown processing of the component TOTP Authentication Handler. The manipulation leads to improper authorization.

This vulnerability is referenced as CVE-2026-57574. Remote exploitation of the attack is possible. No exploit is available.