A critical vulnerability has been uncovered in ZITADEL, the open‑source identity and access management (IAM) platform widely used by enterprises for secure authentication workflows. The flaw, tracked as CVE‑2026‑29191, allows unauthenticated remote attackers to execute arbitrary JavaScript code directly inside a user’s browser, leading to password resets and potentially full system compromise with just a […] The post 1-Click Vulnerability in ZITADEL Enables Attackers to Take Over Entire Systems appeared first on Cyber Security News.