1. Firebase Auth Vulnerability Exposes Reusable Email Verification Bypass via checkInviteAutoVerify Function
A medium-severity authentication flaw in the `checkInviteAutoVerify` Cloud Function allows an invite document to grant `emailVerified: true` status on every future login attempt, including from different user accounts sharing the same email address. The vulnerability, documented in GitHub issue SEC-105, affects the Fir...