Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2026-12795

Summary
Assigner-VulDB
Assigner Org ID-1af790b2-7ee1-4545-860a-a788eba489b5
Published At-21 Jun, 2026 | 08:30
Updated At-23 Jun, 2026 | 02:45
Rejected At-
Credits

BerriAI litellm SSO Debug Flow ui_sso.py json.dumps missing authentication

A vulnerability was determined in BerriAI litellm up to 1.82.2. This affects the function json.dumps of the file litellm/proxy/management_endpoints/ui_sso.py of the component SSO Debug Flow. Executing a manipulation can lead to missing authentication. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:VulDB
Assigner Org ID:1af790b2-7ee1-4545-860a-a788eba489b5
Published At:21 Jun, 2026 | 08:30
Updated At:23 Jun, 2026 | 02:45
Rejected At:
â–¼CVE Numbering Authority (CNA)
BerriAI litellm SSO Debug Flow ui_sso.py json.dumps missing authentication

A vulnerability was determined in BerriAI litellm up to 1.82.2. This affects the function json.dumps of the file litellm/proxy/management_endpoints/ui_sso.py of the component SSO Debug Flow. Executing a manipulation can lead to missing authentication. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure.

Affected Products
Vendor
BerriAI
Product
litellm
CPEs
  • cpe:2.3:a:litellm:litellm:*:*:*:*:*:*:*:*
Modules
  • SSO Debug Flow
Versions
Affected
  • 1.82.0
  • 1.82.1
  • 1.82.2
Problem Types
TypeCWE IDDescription
CWECWE-306Missing Authentication
CWECWE-287Improper Authentication
Type: CWE
CWE ID: CWE-306
Description: Missing Authentication
Type: CWE
CWE ID: CWE-287
Description: Improper Authentication
Metrics
VersionBase scoreBase severityVector
4.06.9MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
3.17.3HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R
3.07.3HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R
2.07.5N/A
AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR
Version: 4.0
Base score: 6.9
Base severity: MEDIUM
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
Version: 3.1
Base score: 7.3
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R
Version: 3.0
Base score: 7.3
Base severity: HIGH
Vector:
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R
Version: 2.0
Base score: 7.5
Base severity: N/A
Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

reporter
Eric-c (VulDB User)
coordinator
VulDB CNA Team
Timeline
EventDate
Advisory disclosed2026-06-20 00:00:00
VulDB entry created2026-06-20 02:00:00
VulDB entry last update2026-06-20 19:17:30
Event: Advisory disclosed
Date: 2026-06-20 00:00:00
Event: VulDB entry created
Date: 2026-06-20 02:00:00
Event: VulDB entry last update
Date: 2026-06-20 19:17:30
Replaced By

Rejected Reason

References
HyperlinkResource
https://vuldb.com/vuln/372557
vdb-entry
technical-description
https://vuldb.com/vuln/372557/cti
signature
permissions-required
https://vuldb.com/cve/CVE-2026-12795
third-party-advisory
https://vuldb.com/submit/811286
third-party-advisory
https://gist.github.com/YLChen-007/9b13c75a3a73187a4082cc6df0b100d3
exploit
Hyperlink: https://vuldb.com/vuln/372557
Resource:
vdb-entry
technical-description
Hyperlink: https://vuldb.com/vuln/372557/cti
Resource:
signature
permissions-required
Hyperlink: https://vuldb.com/cve/CVE-2026-12795
Resource:
third-party-advisory
Hyperlink: https://vuldb.com/submit/811286
Resource:
third-party-advisory
Hyperlink: https://gist.github.com/YLChen-007/9b13c75a3a73187a4082cc6df0b100d3
Resource:
exploit
â–¼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cna@vuldb.com
Published At:21 Jun, 2026 | 09:16
Updated At:24 Jun, 2026 | 20:15

A vulnerability was determined in BerriAI litellm up to 1.82.2. This affects the function json.dumps of the file litellm/proxy/management_endpoints/ui_sso.py of the component SSO Debug Flow. Executing a manipulation can lead to missing authentication. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary4.05.5MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Secondary3.17.3HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Secondary2.07.5HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
N/A
Type: Secondary
Version: 4.0
Base score: 5.5
Base severity: MEDIUM
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Type: Secondary
Version: 3.1
Base score: 7.3
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Type: Secondary
Version: 2.0
Base score: 7.5
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P
Type: N/A
Version:
Base score:
Base severity: N/A
Vector:
CPE Matches

litellm
litellm
>>litellm>>Versions up to 1.82.2(inclusive)
cpe:2.3:a:litellm:litellm:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-287Secondarycna@vuldb.com
CWE-306Secondarycna@vuldb.com
CWE ID: CWE-287
Type: Secondary
Source: cna@vuldb.com
CWE ID: CWE-306
Type: Secondary
Source: cna@vuldb.com
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://gist.github.com/YLChen-007/9b13c75a3a73187a4082cc6df0b100d3cna@vuldb.com
Exploit
Third Party Advisory
https://vuldb.com/cve/CVE-2026-12795cna@vuldb.com
Third Party Advisory
VDB Entry
https://vuldb.com/submit/811286cna@vuldb.com
Third Party Advisory
Exploit
VDB Entry
https://vuldb.com/vuln/372557cna@vuldb.com
Third Party Advisory
VDB Entry
https://vuldb.com/vuln/372557/cticna@vuldb.com
Permissions Required
VDB Entry
Hyperlink: https://gist.github.com/YLChen-007/9b13c75a3a73187a4082cc6df0b100d3
Source: cna@vuldb.com
Resource:
Exploit
Third Party Advisory
Hyperlink: https://vuldb.com/cve/CVE-2026-12795
Source: cna@vuldb.com
Resource:
Third Party Advisory
VDB Entry
Hyperlink: https://vuldb.com/submit/811286
Source: cna@vuldb.com
Resource:
Third Party Advisory
Exploit
VDB Entry
Hyperlink: https://vuldb.com/vuln/372557
Source: cna@vuldb.com
Resource:
Third Party Advisory
VDB Entry
Hyperlink: https://vuldb.com/vuln/372557/cti
Source: cna@vuldb.com
Resource:
Permissions Required
VDB Entry

Change History

0
Information is not available yet

Similar CVEs

934Records found

CVE-2026-12773
Matching Score-10
Assigner-VulDB
ShareView Details
Matching Score-10
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.61% / 44.92%
||
7 Day CHG+0.01%
Published-21 Jun, 2026 | 03:15
Updated-30 Jun, 2026 | 12:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
BerriAI litellm MCP Proxy user_api_key_auth_mcp.py UserAPIKeyAuth improper authentication

A weakness has been identified in BerriAI litellm up to 1.59.8. Affected is the function UserAPIKeyAuth of the file litellm/proxy/_experimental/mcp_server/auth/user_api_key_auth_mcp.py of the component MCP Proxy. Executing a manipulation can lead to improper authentication. The attack may be launched remotely. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure.

Action-Not Available
Vendor-litellmBerriAIRed Hat, Inc.
Product-litellmlitellmExploit IntelligenceRed Hat Ansible Automation Platform 2Red Hat OpenShift AI (RHOAI)
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-303
Incorrect Implementation of Authentication Algorithm
CVE-2026-35030
Matching Score-6
Assigner-GitHub, Inc.
ShareView Details
Matching Score-6
Assigner-GitHub, Inc.
CVSS Score-9.4||CRITICAL
EPSS-0.49% / 38.57%
||
7 Day CHG+0.09%
Published-06 Apr, 2026 | 16:47
Updated-30 Jun, 2026 | 03:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
LiteLLM has an authentication bypass via OIDC userinfo cache key collision

LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. Prior to 1.83.0, when JWT authentication is enabled (enable_jwt_auth: true), the OIDC userinfo cache uses token[:20] as the cache key. JWT headers produced by the same signing algorithm generate identical first 20 characters. This configuration option is not enabled by default. Most instances are not affected. An unauthenticated attacker can craft a token whose first 20 characters match a legitimate user's cached token. On cache hit, the attacker inherits the legitimate user's identity and permissions. This affects deployments with JWT/OIDC authentication enabled. Fixed in v1.83.0.

Action-Not Available
Vendor-litellmBerriAIRed Hat, Inc.
Product-litellmlitellmRed Hat Ansible Automation Platform 2.6Red Hat OpenShift AI (RHOAI)Red Hat OpenShift AI 3.3Red Hat OpenShift AI 2.25Lightspeed Core
CWE ID-CWE-222
Truncation of Security-relevant Information
CWE ID-CWE-287
Improper Authentication
CVE-2016-11074
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.18% / 63.71%
||
7 Day CHG~0.00%
Published-19 Jun, 2020 | 19:26
Updated-06 Aug, 2024 | 03:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Mattermost Server before 3.0.0. A password-reset link could be reused.

Action-Not Available
Vendor-n/aMattermost, Inc.
Product-mattermost_servern/a
CWE ID-CWE-287
Improper Authentication
CVE-2018-0377
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-9.8||CRITICAL
EPSS-2.73% / 84.25%
||
7 Day CHG~0.00%
Published-18 Jul, 2018 | 23:00
Updated-29 Nov, 2024 | 14:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the Open Systems Gateway initiative (OSGi) interface of Cisco Policy Suite before 18.1.0 could allow an unauthenticated, remote attacker to directly connect to the OSGi interface. The vulnerability is due to a lack of authentication. An attacker could exploit this vulnerability by directly connecting to the OSGi interface. An exploit could allow the attacker to access or change any files that are accessible by the OSGi process. Cisco Bug IDs: CSCvh18017.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-policy_suitemobility_services_engineCisco Policy Suite unknown
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2006-0062
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.46% / 70.36%
||
7 Day CHG~0.00%
Published-06 Nov, 2019 | 02:13
Updated-07 Aug, 2024 | 16:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

xlockmore 5.13 allows potential xlock bypass when FVWM switches to the same virtual desktop as a new Gaim window.

Action-Not Available
Vendor-sillycyclen/a
Product-xlockmoren/a
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-1999-0366
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-3.69% / 88.34%
||
7 Day CHG~0.00%
Published-29 Sep, 1999 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In some cases, Service Pack 4 for Windows NT 4.0 can allow access to network shares using a blank password, through a problem with a null NT hash value.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_ntn/a
CWE ID-CWE-287
Improper Authentication
CVE-2016-10732
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.85% / 76.58%
||
7 Day CHG~0.00%
Published-28 Oct, 2018 | 03:00
Updated-06 Aug, 2024 | 03:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ProjectSend (formerly cFTP) r582 allows authentication bypass via a direct request for users.php, home.php, edit-file.php?file_id=1, or process-zip-download.php, or add_user_form_* parameters to users-add.php.

Action-Not Available
Vendor-projectsendn/a
Product-projectsendn/a
CWE ID-CWE-287
Improper Authentication
CVE-2016-10525
Matching Score-4
Assigner-HackerOne
ShareView Details
Matching Score-4
Assigner-HackerOne
CVSS Score-9.8||CRITICAL
EPSS-2.52% / 82.93%
||
7 Day CHG~0.00%
Published-29 May, 2018 | 20:00
Updated-17 Sep, 2024 | 01:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

When attempting to allow authentication mode `try` in hapi, hapi-auth-jwt2 version 5.1.1 introduced an issue whereby people could bypass authentication.

Action-Not Available
Vendor-dwylHackerOne
Product-hapi-auth-jwt2hapi-auth-jwt2 node module
CWE ID-CWE-287
Improper Authentication
CVE-2006-0374
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.65% / 73.68%
||
7 Day CHG~0.00%
Published-22 Jan, 2006 | 20:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Advantage Century Telecommunication (ACT) P202S IP Phone 1.01.21 running firmware 1.1.21 has multiple undocumented ports available, which (1) might allow remote attackers to obtain sensitive information, such as memory contents and internal operating-system data, by directly accessing the VxWorks WDB remote debugging ONCRPC (aka wdbrpc) on UDP 17185, (2) reflect network data using echo (TCP 7), or (3) gain access without authentication using rlogin (TCP 513).

Action-Not Available
Vendor-advantage_century_telecommunicationn/a
Product-p202sn/a
CWE ID-CWE-287
Improper Authentication
CVE-2012-1123
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-3.73% / 88.47%
||
7 Day CHG~0.00%
Published-29 Jun, 2012 | 19:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The mci_check_login function in api/soap/mc_api.php in the SOAP API in MantisBT before 1.2.9 allows remote attackers to bypass authentication via a null password.

Action-Not Available
Vendor-n/aMantis Bug Tracker (MantisBT)
Product-mantisbtn/a
CWE ID-CWE-287
Improper Authentication
CVE-2012-0931
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-4.92% / 91.06%
||
7 Day CHG~0.00%
Published-28 Jan, 2012 | 01:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Schneider Electric Modicon Quantum PLC does not perform authentication between the Unity software and PLC, which allows remote attackers to cause a denial of service or possibly execute arbitrary code via unspecified vectors.

Action-Not Available
Vendor-n/aSchneider Electric SE
Product-modicon_quantum_plcn/a
CWE ID-CWE-287
Improper Authentication
CVE-2019-20933
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-30.92% / 98.04%
||
7 Day CHG~0.00%
Published-19 Nov, 2020 | 01:50
Updated-05 Aug, 2024 | 03:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

InfluxDB before 1.7.6 has an authentication bypass vulnerability in the authenticate function in services/httpd/handler.go because a JWT token may have an empty SharedSecret (aka shared secret).

Action-Not Available
Vendor-influxdatan/aDebian GNU/Linux
Product-influxdbdebian_linuxn/a
CWE ID-CWE-287
Improper Authentication
CVE-2016-0733
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-9.8||CRITICAL
EPSS-3.06% / 86.00%
||
7 Day CHG~0.00%
Published-12 Apr, 2016 | 14:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Admin UI in Apache Ranger before 0.5.1 does not properly handle authentication requests that lack a password, which allows remote attackers to bypass authentication by leveraging knowledge of a valid username.

Action-Not Available
Vendor-n/aThe Apache Software Foundation
Product-rangern/a
CWE ID-CWE-287
Improper Authentication
CVE-2016-10309
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.68% / 74.05%
||
7 Day CHG~0.00%
Published-30 Mar, 2017 | 07:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the GUI of Ceragon FibeAir IP-10 (before 7.2.0) devices, a remote attacker can bypass authentication by adding an ALBATROSS cookie with the value 0-4-11 to their browser.

Action-Not Available
Vendor-ceragonn/a
Product-fibeair_ip-10_firmwarefibeair_ip-10n/a
CWE ID-CWE-287
Improper Authentication
CVE-2011-4973
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-9.8||CRITICAL
EPSS-1.02% / 59.11%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 21:00
Updated-07 Aug, 2024 | 00:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Authentication bypass vulnerability in mod_nss 1.0.8 allows remote attackers to assume the identity of a valid user by using their certificate and entering 'password' as the password.

Action-Not Available
Vendor-mod_nss_projectn/a
Product-mod_nssn/a
CWE ID-CWE-287
Improper Authentication
CVE-2026-8321
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.41% / 32.96%
||
7 Day CHG~0.00%
Published-11 May, 2026 | 19:45
Updated-12 May, 2026 | 12:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
inkeep agents runAuth Middleware runAuth.ts createDevContext authentication bypass

A vulnerability was detected in inkeep agents 0.58.14. This vulnerability affects the function createDevContext of the file agents-api/src/middleware/runAuth.ts of the component runAuth Middleware. Performing a manipulation results in authentication bypass using alternate channel. The attack is possible to be carried out remotely. The exploit is now public and may be used. The project was informed of the problem early through an issue report but has not responded yet.

Action-Not Available
Vendor-inkeep
Product-agents
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-288
Authentication Bypass Using an Alternate Path or Channel
CVE-2026-7679
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.41% / 33.22%
||
7 Day CHG~0.00%
Published-03 May, 2026 | 04:15
Updated-05 May, 2026 | 19:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
YunaiV yudao-cloud OAuth2TokenServiceImpl.java getAccessToken improper authentication

A security flaw has been discovered in YunaiV yudao-cloud up to 2026.01. This impacts the function getAccessToken of the file yudao-module-system-biz/src/main/java/io/github/ruoyi/common/oauth2/service/impl/OAuth2TokenServiceImpl.java. Performing a manipulation results in improper authentication. The attack can be initiated remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-YunaiV
Product-yudao-cloud
CWE ID-CWE-287
Improper Authentication
CVE-2026-6582
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.39% / 31.07%
||
7 Day CHG~0.00%
Published-19 Apr, 2026 | 22:45
Updated-22 Apr, 2026 | 20:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
TransformerOptimus SuperAGI Vector Database Management Endpoint vector_dbs.py get_vector_db_details missing authentication

A flaw has been found in TransformerOptimus SuperAGI up to 0.0.14. Affected by this issue is the function get_vector_db_details of the file superagi/controllers/vector_dbs.py of the component Vector Database Management Endpoint. Executing a manipulation can lead to missing authentication. The attack can be executed remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-TransformerOptimus
Product-SuperAGI
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2026-7022
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.38% / 30.29%
||
7 Day CHG~0.00%
Published-26 Apr, 2026 | 05:45
Updated-27 Apr, 2026 | 13:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SmythOS sre HTTP Header AgentRuntime.class.ts AgentRuntime improper authentication

A security vulnerability has been detected in SmythOS sre up to 0.0.15. Affected is the function AgentRuntime of the file packages/core/src/subsystems/AgentManager/AgentRuntime.class.ts of the component HTTP Header Handler. Such manipulation of the argument X-DEBUG-RUN/X-DEBUG-INJ leads to improper authentication. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-SmythOS
Product-sre
CWE ID-CWE-287
Improper Authentication
CVE-2018-0121
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-9.8||CRITICAL
EPSS-2.56% / 83.19%
||
7 Day CHG-0.10%
Published-22 Feb, 2018 | 00:00
Updated-02 Dec, 2024 | 21:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the authentication functionality of the web-based service portal of Cisco Elastic Services Controller Software could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrator privileges on an affected system. The vulnerability is due to improper security restrictions that are imposed by the web-based service portal of the affected software. An attacker could exploit this vulnerability by submitting an empty password value to an affected portal when prompted to enter an administrative password for the portal. A successful exploit could allow the attacker to bypass authentication and gain administrator privileges for the web-based service portal of the affected software. This vulnerability affects Cisco Elastic Services Controller Software Release 3.0.0. Cisco Bug IDs: CSCvg29809.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-elastic_services_controllervirtual_managed_servicesCisco Elastic Services Controller
CWE ID-CWE-287
Improper Authentication
CVE-2026-5632
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.41% / 33.22%
||
7 Day CHG~0.00%
Published-06 Apr, 2026 | 06:45
Updated-27 Apr, 2026 | 19:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
assafelovic gpt-researcher HTTP REST API Endpoint missing authentication

A vulnerability was found in assafelovic gpt-researcher up to 3.4.3. This impacts an unknown function of the component HTTP REST API Endpoint. Performing a manipulation results in missing authentication. It is possible to initiate the attack remotely. The exploit has been made public and could be used. The project was informed of the problem early through an issue report but has not responded yet.

Action-Not Available
Vendor-assafelovic
Product-gpt-researcher
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2018-0271
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-9.8||CRITICAL
EPSS-2.75% / 84.39%
||
7 Day CHG~0.00%
Published-17 May, 2018 | 03:00
Updated-29 Nov, 2024 | 15:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the API gateway of the Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, remote attacker to bypass authentication and access critical services. The vulnerability is due to a failure to normalize URLs prior to servicing requests. An attacker could exploit this vulnerability by submitting a crafted URL designed to exploit the issue. A successful exploit could allow the attacker to gain unauthenticated access to critical services, resulting in elevated privileges in DNA Center. This vulnerability affects Cisco DNA Center Software Releases prior to 1.1.2. Cisco Bug IDs: CSCvi09394.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-digital_network_architecture_centerCisco Digital Network Architecture Center
CWE ID-CWE-287
Improper Authentication
CVE-2026-5676
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.40% / 32.44%
||
7 Day CHG~0.00%
Published-06 Apr, 2026 | 18:15
Updated-27 Apr, 2026 | 19:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Totolink A8000R cstecgi.cgi setLanguageCfg missing authentication

A vulnerability was identified in Totolink A8000R 5.9c.681_B20180413. This issue affects the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi. Such manipulation of the argument langType leads to missing authentication. The attack can be launched remotely. The exploit is publicly available and might be used.

Action-Not Available
Vendor-TOTOLINK
Product-A8000R
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2011-3372
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-3.36% / 87.25%
||
7 Day CHG~0.00%
Published-24 Dec, 2011 | 19:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

imap/nntpd.c in the NNTP server (nntpd) for Cyrus IMAPd 2.4.x before 2.4.12 allows remote attackers to bypass authentication by sending an AUTHINFO USER command without sending an additional AUTHINFO PASS command.

Action-Not Available
Vendor-cyrusn/a
Product-imapdn/a
CWE ID-CWE-287
Improper Authentication
CVE-2017-14008
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-9.8||CRITICAL
EPSS-3.08% / 86.07%
||
7 Day CHG~0.00%
Published-20 Mar, 2018 | 16:00
Updated-16 Sep, 2024 | 17:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

GE Centricity PACS RA1000, diagnostic image analysis, all current versions are affected these devices use default or hard-coded credentials. Successful exploitation of this vulnerability may allow a remote attacker to bypass authentication and gain access to the affected devices.

Action-Not Available
Vendor-geGE Healthcare
Product-centricity_pacs_ra1000GE Centricity PACS RA1000
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2004-2182
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.24% / 65.63%
||
7 Day CHG~0.00%
Published-10 Jul, 2005 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Session fixation vulnerability in Macromedia JRun 4.0 allows remote attackers to hijack user sessions by pre-setting the user session ID information used by the session server.

Action-Not Available
Vendor-n/aMacromedia, Inc.
Product-jrunn/a
CWE ID-CWE-287
Improper Authentication
CVE-2026-5616
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.41% / 32.81%
||
7 Day CHG~0.00%
Published-06 Apr, 2026 | 03:15
Updated-27 Apr, 2026 | 19:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
JeecgBoot AI Chat JeecgBizToolsProvider.java missing authentication

A security vulnerability has been detected in JeecgBoot 3.9.0/3.9.1. The impacted element is an unknown function of the file jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/airag/JeecgBizToolsProvider.java of the component AI Chat Module. Such manipulation leads to missing authentication. The attack can be executed remotely. The name of the patch is b7c9aeba7aefda9e008ea8fe4fc3daf08d0c5b39/2c1cc88b8d983868df8c520a343d6ff4369d9e59. It is best practice to apply a patch to resolve this issue. The project fixed the issue with a commit which shall be part of the next official release.

Action-Not Available
Vendor-n/a
Product-JeecgBoot
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2004-2715
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-4.58% / 90.47%
||
7 Day CHG~0.00%
Published-06 Oct, 2007 | 21:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

edituser.php3 in PHPMyChat 0.14.5 allow remote attackers to bypass authentication and gain administrative privileges by setting the do_not_login parameter to false.

Action-Not Available
Vendor-php_heavenn/a
Product-phpmychatn/a
CWE ID-CWE-287
Improper Authentication
CVE-2019-19825
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-29.56% / 97.96%
||
7 Day CHG~0.00%
Published-27 Jan, 2020 | 16:50
Updated-05 Aug, 2024 | 02:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

On certain TOTOLINK Realtek SDK based routers, the CAPTCHA text can be retrieved via an {"topicurl":"setting/getSanvas"} POST to the boafrm/formLogin URI, leading to a CAPTCHA bypass. (Also, the CAPTCHA text is not needed once the attacker has determined valid credentials. The attacker can perform router actions via HTTP requests with Basic Authentication.) This affects A3002RU through 2.0.0, A702R through 2.1.3, N301RT through 2.1.6, N302R through 3.4.0, N300RT through 3.4.0, N200RE through 4.0.0, N150RT through 3.4.0, and N100RE through 3.4.0.

Action-Not Available
Vendor-n/aTOTOLINK
Product-a702r_firmwarea3002ru_firmwaren300rt_firmwarea3002run150rtn200ren301rt_firmwaren302ra702rn301rtn150rt_firmwaren200re_firmwaren300rtn302r_firmwaren100re_firmwaren100ren/a
CWE ID-CWE-287
Improper Authentication
CVE-2026-5320
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.41% / 33.22%
||
7 Day CHG~0.00%
Published-02 Apr, 2026 | 03:45
Updated-27 Apr, 2026 | 19:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
vanna-ai vanna Chat API Endpoint v2 missing authentication

A vulnerability was detected in vanna-ai vanna up to 2.0.2. Affected by this vulnerability is an unknown functionality of the file /api/vanna/v2/ of the component Chat API Endpoint. Performing a manipulation results in missing authentication. The attack can be initiated remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-vanna-ai
Product-vanna
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2019-18925
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.44% / 69.92%
||
7 Day CHG~0.00%
Published-12 Nov, 2019 | 16:15
Updated-05 Aug, 2024 | 02:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Systematic IRIS WebForms 5.4 and its functionalities can be accessed and used without any form of authentication.

Action-Not Available
Vendor-systematicn/a
Product-iris_webformsn/a
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2019-18938
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-33.84% / 98.19%
||
7 Day CHG~0.00%
Published-14 Nov, 2019 | 18:52
Updated-05 Aug, 2024 | 02:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

eQ-3 Homematic CCU2 2.47.20 and CCU3 3.47.18 with the E-Mail AddOn through 1.6.8.c installed allow Remote Code Execution by unauthenticated attackers with access to the web interface via the save.cgi script for payload upload and the testtcl.cgi script for its execution.

Action-Not Available
Vendor-hm_email_projecteq-3n/a
Product-homematic_ccu2_firmwarehm_emailhomematic_ccu3_firmwarehomematic_ccu3homematic_ccu2n/a
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2019-19521
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.74% / 84.32%
||
7 Day CHG~0.00%
Published-04 Dec, 2019 | 23:33
Updated-05 Aug, 2024 | 02:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

libc in OpenBSD 6.6 allows authentication bypass via the -schallenge username, as demonstrated by smtpd, ldapd, or radiusd. This is related to gen/auth_subr.c and gen/authenticate.c in libc (and login/login.c and xenocara/app/xenodm/greeter/verify.c).

Action-Not Available
Vendor-n/aOpenBSD
Product-openbsdn/a
CWE ID-CWE-287
Improper Authentication
CVE-2015-7871
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-81.76% / 99.60%
||
7 Day CHG~0.00%
Published-07 Aug, 2017 | 20:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Crypto-NAK packets in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to bypass authentication.

Action-Not Available
Vendor-ntpn/aDebian GNU/LinuxNetApp, Inc.
Product-data_ontapdebian_linuxoncommand_performance_managerntpclustered_data_ontaponcommand_balanceoncommand_unified_managern/a
CWE ID-CWE-287
Improper Authentication
CVE-2019-18939
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-40.78% / 98.48%
||
7 Day CHG~0.00%
Published-14 Nov, 2019 | 18:53
Updated-05 Aug, 2024 | 02:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

eQ-3 Homematic CCU2 2.47.20 and CCU3 3.47.18 with the HM-Print AddOn through 1.2a installed allow Remote Code Execution by unauthenticated attackers with access to the web interface via the exec.cgi and exec1.cgi scripts, which execute TCL script content from an HTTP POST request.

Action-Not Available
Vendor-eq-3hm-print_projectn/a
Product-homematic_ccu2_firmwarehm-printhomematic_ccu3_firmwarehomematic_ccu3homematic_ccu2n/a
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2026-5000
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.39% / 31.07%
||
7 Day CHG~0.00%
Published-28 Mar, 2026 | 15:00
Updated-24 Apr, 2026 | 16:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PromtEngineer localGPT API Endpoint server.py LocalGPTHandler missing authentication

A vulnerability was detected in PromtEngineer localGPT up to 4d41c7d1713b16b216d8e062e51a5dd88b20b054. Impacted is the function LocalGPTHandler of the file backend/server.py of the component API Endpoint. The manipulation of the argument BaseHTTPRequestHandler results in missing authentication. The attack can be executed remotely. This product implements a rolling release for ongoing delivery, which means version information for affected or updated releases is unavailable. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-PromtEngineer
Product-localGPT
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2003-1442
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.64% / 83.71%
||
7 Day CHG~0.00%
Published-23 Oct, 2007 | 01:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The web administration page for the Ericsson HM220dp ADSL modem does not require authentication, which could allow remote attackers to gain access from the LAN side.

Action-Not Available
Vendor-n/aEricsson
Product-hm220dp_adsl_modemn/a
CWE ID-CWE-287
Improper Authentication
CVE-2003-1343
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.62% / 83.58%
||
7 Day CHG~0.00%
Published-14 Oct, 2007 | 19:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Trend Micro ScanMail for Exchange (SMEX) before 3.81 and before 6.1 might install a back door account in smg_Smxcfg30.exe, which allows remote attackers to gain access to the web management interface via the vcc parameter, possibly "3560121183d3".

Action-Not Available
Vendor-n/aTrend Micro Incorporated
Product-scanmailn/a
CWE ID-CWE-287
Improper Authentication
CVE-2015-7746
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.60% / 72.83%
||
7 Day CHG~0.00%
Published-01 Sep, 2017 | 13:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NetApp Data ONTAP before 8.2.4, when operating in 7-Mode, allows remote attackers to bypass authentication and (1) obtain sensitive information from or (2) modify volumes via vectors related to UTF-8 in the volume language.

Action-Not Available
Vendor-n/aNetApp, Inc.
Product-data_ontapn/a
CWE ID-CWE-287
Improper Authentication
CVE-2019-20027
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.37% / 68.64%
||
7 Day CHG~0.00%
Published-29 Jul, 2020 | 17:29
Updated-05 Aug, 2024 | 02:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Aspire-derived NEC PBXes, including the SV8100, SV9100, SL1100 and SL2100 with software releases 7.0 or higher contain the possibility if incorrectly configured to allow a blank username and password combination to be entered as a valid, successfully authenticating account.

Action-Not Available
Vendor-n/aNEC Corporation
Product-sv8100_firmwaresl1100_firmwaresv9100sl2100_firmwaresv9100_firmwaresl1100sl2100sv8100n/a
CWE ID-CWE-287
Improper Authentication
CVE-2014-8522
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.25% / 65.86%
||
7 Day CHG~0.00%
Published-29 Oct, 2014 | 14:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The MySQL database in McAfee Network Data Loss Prevention (NDLP) before 9.3 does not require a password, which makes it easier for remote attackers to obtain access.

Action-Not Available
Vendor-n/aMcAfee, LLC
Product-network_data_loss_preventionn/a
CWE ID-CWE-287
Improper Authentication
CVE-2019-20033
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.10% / 61.65%
||
7 Day CHG~0.00%
Published-29 Jul, 2020 | 17:30
Updated-05 Aug, 2024 | 02:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

On Aspire-derived NEC PBXes, including all versions of SV8100 devices, a set of documented, static login credentials may be used to access the DIM interface.

Action-Not Available
Vendor-n/aNEC Corporation
Product-sv8100_firmwaresv8100n/a
CWE ID-CWE-287
Improper Authentication
CVE-2019-19104
Matching Score-4
Assigner-Asea Brown Boveri Ltd. (ABB)
ShareView Details
Matching Score-4
Assigner-Asea Brown Boveri Ltd. (ABB)
CVSS Score-9.1||CRITICAL
EPSS-1.37% / 68.64%
||
7 Day CHG~0.00%
Published-22 Apr, 2020 | 14:31
Updated-05 Aug, 2024 | 02:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ABB/Busch-Jaeger Telephone Gateway TG/S 3.2 Improper Authentication and Access Control

The web server in ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon-Gateway allows access to different endpoints of the application without authenticating by accessing a specific uniform resource locator (URL) , violating the access-control (ACL) rules. This issue allows obtaining sensitive information that may aid in further attacks and privilege escalation.

Action-Not Available
Vendor-Busch-Jaeger (ABB)ABB
Product-6186\/11_firmware6186\/11tg\/s3.2tg\/s3.2_firmware6186/11 Telefon-Gateway TG/S 3.2 Telephone Gateway
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2019-20046
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.22% / 80.49%
||
7 Day CHG~0.00%
Published-14 Feb, 2020 | 16:18
Updated-05 Aug, 2024 | 02:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Synergy Systems & Solutions PLC & RTU system has a vulnerability in HUSKY RTU 6049-E70 firmware versions 5.0 and prior. The affected product does not require adequate authentication, which may allow an attacker to read sensitive information or execute arbitrary code. This is a different issue than CVE-2019-16879 and CVE-2019-20045.

Action-Not Available
Vendor-s3indian/a
Product-husky_rtu_6049-e70_firmwarehusky_rtu_6049-e70n/a
CWE ID-CWE-287
Improper Authentication
CVE-2019-18937
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-33.84% / 98.19%
||
7 Day CHG~0.00%
Published-14 Nov, 2019 | 18:50
Updated-05 Aug, 2024 | 02:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

eQ-3 Homematic CCU2 2.47.20 and CCU3 3.47.18 with the Script Parser AddOn through 1.8 installed allow Remote Code Execution by unauthenticated attackers with access to the web interface via the exec.cgi script, which executes TCL script content from an HTTP POST request.

Action-Not Available
Vendor-scriptparser_projecteq-3n/a
Product-homematic_ccu2_firmwarescriptparserhomematic_ccu3_firmwarehomematic_ccu3homematic_ccu2n/a
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2005-1957
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.65% / 73.62%
||
7 Day CHG~0.00%
Published-14 Jun, 2005 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

mtnpeak.net File Upload Manager does not properly check user authentication for certain actions, which allows remote attackers to provide a modified base64-encoded file parameter and (1) read arbitrary files via the "view" action or (2) delete arbitrary files via the del action.

Action-Not Available
Vendor-adam_mmedicin/a
Product-file_upload_managern/a
CWE ID-CWE-287
Improper Authentication
CVE-2019-19518
Matching Score-4
Assigner-CA Technologies - A Broadcom Company
ShareView Details
Matching Score-4
Assigner-CA Technologies - A Broadcom Company
CVSS Score-9.8||CRITICAL
EPSS-2.83% / 84.87%
||
7 Day CHG~0.00%
Published-08 Jan, 2020 | 15:57
Updated-05 Aug, 2024 | 02:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CA Automic Sysload 5.6.0 through 6.1.2 contains a vulnerability, related to a lack of authentication on the File Server port, that potentially allows remote attackers to execute arbitrary commands.

Action-Not Available
Vendor-n/aBroadcom Inc.
Product-ca_automic_sysloadCA Automic Sysload
CWE ID-CWE-287
Improper Authentication
CVE-2017-5640
Matching Score-4
Assigner-Apache Software Foundation
ShareView Details
Matching Score-4
Assigner-Apache Software Foundation
CVSS Score-9.8||CRITICAL
EPSS-2.85% / 85.00%
||
7 Day CHG~0.00%
Published-10 Jul, 2017 | 20:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

It was noticed that a malicious process impersonating an Impala daemon in Apache Impala (incubating) 2.7.0 to 2.8.0 could cause Impala daemons to skip authentication checks when Kerberos is enabled (but TLS is not). If the malicious server responds with 'COMPLETE' before the SASL handshake has completed, the client will consider the handshake as completed even though no exchange of credentials has happened.

Action-Not Available
Vendor-The Apache Software Foundation
Product-impalaApache Impala
CWE ID-CWE-287
Improper Authentication
CVE-2019-1895
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-9.8||CRITICAL
EPSS-2.28% / 81.04%
||
7 Day CHG~0.00%
Published-07 Aug, 2019 | 20:55
Updated-19 Nov, 2024 | 19:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Enterprise NFV Infrastructure Software VNC Authentication Bypass Vulnerability

A vulnerability in the Virtual Network Computing (VNC) console implementation of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an unauthenticated, remote attacker to access the VNC console session of an administrative user on an affected device. The vulnerability is due to an insufficient authentication mechanism used to establish a VNC session. An attacker could exploit this vulnerability by intercepting an administrator VNC session request prior to login. A successful exploit could allow the attacker to watch the administrator console session or interact with it, allowing admin access to the affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-enterprise_network_function_virtualization_infrastructureCisco Enterprise NFV Infrastructure Software
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2020-12720
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-88.95% / 99.76%
||
7 Day CHG~0.00%
Published-07 May, 2020 | 23:52
Updated-04 Aug, 2024 | 12:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

vBulletin before 5.5.6pl1, 5.6.0 before 5.6.0pl1, and 5.6.1 before 5.6.1pl1 has incorrect access control.

Action-Not Available
Vendor-vbulletinn/a
Product-vbulletinn/a
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CWE ID-CWE-306
Missing Authentication for Critical Function
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 18
  • 19
  • Next
Details not found