EIP-2026-102267

PRE-CVE

PayPal Inc BB #85 MB iOS 4.6 - Authentication Bypass

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-102267. PoCs published by Vulnerability-Lab.

AI-analyzed exploit summary This is a detailed vulnerability writeup describing an authentication bypass vulnerability in PayPal's iOS mobile application (version 4.6.0). The vulnerability allows remote attackers to bypass account restrictions via the mobile API, enabling unauthorized access to blocked accounts.

Description

PayPal Inc BB #85 MB iOS 4.6 - Authentication Bypass

Exploits (1)

exploitdb WRITEUP

by Vulnerability-Lab · textwebappsios

https://www.exploit-db.com/exploits/34957

View Code ZIP pw:eip

This is a detailed vulnerability writeup describing an authentication bypass vulnerability in PayPal's iOS mobile application (version 4.6.0). The vulnerability allows remote attackers to bypass account restrictions via the mobile API, enabling unauthorized access to blocked accounts.

Classification

Writeup 90%

Attack Type

Auth Bypass

Complexity

Moderate

Reliability

Reliable

Target: PayPal iOS App (iPhone & iPad) v4.6.0

Auth required

Prerequisites: A restricted/blocked PayPal account · Access to the PayPal iOS mobile application

MITRE ATT&CK

T1550 - Use Alternate Authentication Material

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026