Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2026-56782

Summary
Assigner-VulnCheck
Assigner Org ID-83251b91-4cc7-4094-a5c7-464a1b83ea10
Published At-29 Jun, 2026 | 17:16
Updated At-30 Jun, 2026 | 11:15
Rejected At-
Credits

Gorse - Unauthenticated Database Dump and Restore via /api/dump and /api/restore Endpoints

Gorse before 0.5.10 contains an authentication bypass vulnerability in the /api/dump and /api/restore endpoints that allows unauthenticated attackers to access protected functionality when admin_api_key is empty, which is the default configuration. Remote attackers can exfiltrate the entire database including user records, items, and feedback data containing personally identifiable information, or completely overwrite the dataset without authentication.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:VulnCheck
Assigner Org ID:83251b91-4cc7-4094-a5c7-464a1b83ea10
Published At:29 Jun, 2026 | 17:16
Updated At:30 Jun, 2026 | 11:15
Rejected At:
â–¼CVE Numbering Authority (CNA)
Gorse - Unauthenticated Database Dump and Restore via /api/dump and /api/restore Endpoints

Gorse before 0.5.10 contains an authentication bypass vulnerability in the /api/dump and /api/restore endpoints that allows unauthenticated attackers to access protected functionality when admin_api_key is empty, which is the default configuration. Remote attackers can exfiltrate the entire database including user records, items, and feedback data containing personally identifiable information, or completely overwrite the dataset without authentication.

Affected Products
Vendor
gorse-io
Product
gorse
Repo
https://github.com/gorse-io/gorse
Default Status
unaffected
Versions
Affected
  • From 0 before 0.5.10 (semver)
Unaffected
  • 0.5.10 (semver)
Problem Types
TypeCWE IDDescription
CWECWE-306Missing Authentication for Critical Function
Type: CWE
CWE ID: CWE-306
Description: Missing Authentication for Critical Function
Metrics
VersionBase scoreBase severityVector
4.09.3CRITICAL
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Version: 4.0
Base score: 9.3
Base severity: CRITICAL
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

finder
George Chen
Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://github.com/gorse-io/gorse/issues/1292
issue-tracking
https://github.com/gorse-io/gorse/pull/1293
issue-tracking
https://github.com/gorse-io/gorse/commit/19fdcbb309fb5b609e9cc3eb10c74885b5b27da9
patch
https://www.vulncheck.com/advisories/gorse-unauthenticated-database-dump-and-restore-via-api-dump-and-api-restore-endpoints
third-party-advisory
Hyperlink: https://github.com/gorse-io/gorse/issues/1292
Resource:
issue-tracking
Hyperlink: https://github.com/gorse-io/gorse/pull/1293
Resource:
issue-tracking
Hyperlink: https://github.com/gorse-io/gorse/commit/19fdcbb309fb5b609e9cc3eb10c74885b5b27da9
Resource:
patch
Hyperlink: https://www.vulncheck.com/advisories/gorse-unauthenticated-database-dump-and-restore-via-api-dump-and-api-restore-endpoints
Resource:
third-party-advisory
â–¼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:disclosure@vulncheck.com
Published At:29 Jun, 2026 | 18:16
Updated At:29 Jun, 2026 | 20:17

Gorse before 0.5.10 contains an authentication bypass vulnerability in the /api/dump and /api/restore endpoints that allows unauthenticated attackers to access protected functionality when admin_api_key is empty, which is the default configuration. Remote attackers can exfiltrate the entire database including user records, items, and feedback data containing personally identifiable information, or completely overwrite the dataset without authentication.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary4.09.3CRITICAL
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Secondary3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
N/A
Type: Secondary
Version: 4.0
Base score: 9.3
Base severity: CRITICAL
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Type: Secondary
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: N/A
Version:
Base score:
Base severity: N/A
Vector:
CPE Matches

Weaknesses
CWE IDTypeSource
CWE-306Secondarydisclosure@vulncheck.com
CWE ID: CWE-306
Type: Secondary
Source: disclosure@vulncheck.com
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://github.com/gorse-io/gorse/commit/19fdcbb309fb5b609e9cc3eb10c74885b5b27da9disclosure@vulncheck.com
N/A
https://github.com/gorse-io/gorse/issues/1292disclosure@vulncheck.com
N/A
https://github.com/gorse-io/gorse/pull/1293disclosure@vulncheck.com
N/A
https://www.vulncheck.com/advisories/gorse-unauthenticated-database-dump-and-restore-via-api-dump-and-api-restore-endpointsdisclosure@vulncheck.com
N/A
Hyperlink: https://github.com/gorse-io/gorse/commit/19fdcbb309fb5b609e9cc3eb10c74885b5b27da9
Source: disclosure@vulncheck.com
Resource: N/A
Hyperlink: https://github.com/gorse-io/gorse/issues/1292
Source: disclosure@vulncheck.com
Resource: N/A
Hyperlink: https://github.com/gorse-io/gorse/pull/1293
Source: disclosure@vulncheck.com
Resource: N/A
Hyperlink: https://www.vulncheck.com/advisories/gorse-unauthenticated-database-dump-and-restore-via-api-dump-and-api-restore-endpoints
Source: disclosure@vulncheck.com
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

663Records found

CVE-2020-25228
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-9.8||CRITICAL
EPSS-1.37% / 68.61%
||
7 Day CHG~0.00%
Published-14 Dec, 2020 | 21:05
Updated-04 Aug, 2024 | 15:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). A service available on port 10005/tcp of the affected devices could allow complete access to all services without authorization. An attacker could gain full control over an affected device, if he has access to this service. The system manual recommends to protect access to this port.

Action-Not Available
Vendor-Siemens AG
Product-logo\!_8_bmlogo\!_8_bm_firmwareLOGO! 8 BM (incl. SIPLUS variants)
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2022-26143
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-87.56% / 99.73%
||
7 Day CHG~0.00%
Published-09 Mar, 2022 | 15:32
Updated-03 Nov, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-04-15||Apply updates per vendor instructions.

The TP-240 (aka tp240dvr) component in Mitel MiCollab before 9.4 SP1 FP1 and MiVoice Business Express through 8.1 allows remote attackers to obtain sensitive information and cause a denial of service (performance degradation and excessive outbound traffic). This was exploited in the wild in February and March 2022 for the TP240PhoneHome DDoS attack.

Action-Not Available
Vendor-n/aMitel Networks Corp.
Product-micollabmivoice_business_expressn/aMiCollab, MiVoice Business Express
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2006-0062
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.46% / 70.36%
||
7 Day CHG~0.00%
Published-06 Nov, 2019 | 02:13
Updated-07 Aug, 2024 | 16:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

xlockmore 5.13 allows potential xlock bypass when FVWM switches to the same virtual desktop as a new Gaim window.

Action-Not Available
Vendor-sillycyclen/a
Product-xlockmoren/a
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2025-41715
Matching Score-4
Assigner-CERT@VDE
ShareView Details
Matching Score-4
Assigner-CERT@VDE
CVSS Score-9.8||CRITICAL
EPSS-0.46% / 36.84%
||
7 Day CHG~0.00%
Published-24 Sep, 2025 | 09:04
Updated-24 Sep, 2025 | 18:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Missing Authentication for Database Access in Web Application

The database for the web application is exposed without authentication, allowing an unauthenticated remote attacker to gain unauthorized access and potentially compromise it.

Action-Not Available
Vendor-WAGO
Product-Solution BuilderDevice Sphere
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2023-44116
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-9.8||CRITICAL
EPSS-0.38% / 30.11%
||
7 Day CHG~0.00%
Published-11 Oct, 2023 | 12:01
Updated-18 Sep, 2024 | 15:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability of access permissions not being strictly verified in the APPWidget module.Successful exploitation of this vulnerability may cause some apps to run without being authorized.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosemuiHarmonyOSEMUI
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2026-9141
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-9.3||CRITICAL
EPSS-0.48% / 38.04%
||
7 Day CHG~0.00%
Published-20 May, 2026 | 19:52
Updated-21 May, 2026 | 15:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Taiko AG1000-01A Rev 7.3/8 Authentication Bypass via Web Interface

Taiko AG1000-01A SMS Alert Gateway Rev 7.3 and Rev 8 contains an authentication bypass vulnerability in the embedded web configuration interface that allows unauthenticated attackers to access internal application pages without any session management or server-side authentication checks. Attackers with network access can directly request internal resources such as index.zhtml, point.zhtml, and log.shtml to gain full administrative read and write access, enabling unauthorized modification of alarm routing, device configuration, and disruption of monitoring and control functions.

Action-Not Available
Vendor-Taiko Network Communications Pte Ltd.
Product-AG1000-01A SMS Alert Gateway
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2026-8732
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-9.8||CRITICAL
EPSS-9.46% / 94.83%
||
7 Day CHG~0.00%
Published-29 May, 2026 | 05:32
Updated-29 May, 2026 | 13:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WP Maps Pro <= 6.1.0 - Unauthenticated Privilege Escalation via Administrator Account Creation to wpgmp_temp_access_ajax AJAX Action

The WP Maps Pro plugin for WordPress is vulnerable to Privilege Escalation via Administrator Account Creation in all versions up to, and including, 6.1.0. This is due to the wpgmp_temp_access_ajax AJAX action being registered with wp_ajax_nopriv_ and protected only by a nonce check using the fc-call-nonce nonce, which is publicly embedded into every frontend page via wp_localize_script as the nonce field of the wpgmp_local JavaScript object, rendering the check ineffective as an access control mechanism. This makes it possible for unauthenticated attackers to invoke the wpgmp_temp_access_support handler with check_temp=false, which unconditionally creates a new WordPress user with the hardcoded role of administrator via wp_insert_user() and returns a magic login URL that, when visited, calls wp_set_auth_cookie() to fully authenticate the attacker as the newly created administrator, resulting in complete site takeover.

Action-Not Available
Vendor-flippercode
Product-WP Maps Pro
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2020-24051
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.22% / 80.49%
||
7 Day CHG~0.00%
Published-21 Aug, 2020 | 14:23
Updated-04 Aug, 2024 | 15:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Moog EXO Series EXVF5C-2 and EXVP7C2-3 units support the ONVIF interoperability IP-based physical security protocol, which requires authentication for some of its operations. It was found that the authentication check for those ONVIF operations can be bypassed. An attacker can abuse this issue to execute privileged operations without authentication, for instance, to create a new Administrator user.

Action-Not Available
Vendor-moogn/a
Product-exvf5c-2exvf5c-2_firmwareexvp7c2-3exvp7c2-3_firmwaren/a
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2026-7415
Matching Score-4
Assigner-Austin Hackers Anonymous
ShareView Details
Matching Score-4
Assigner-Austin Hackers Anonymous
CVSS Score-9.8||CRITICAL
EPSS-0.54% / 41.66%
||
7 Day CHG~0.00%
Published-07 May, 2026 | 16:11
Updated-14 May, 2026 | 17:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Open MQTT orchestration without read/write ACLs in Yarbo robot firmware

The MQTT broker embedded in Yarbo firmware v2.3.9 is configured to allow anonymous connections with no topic-level read or write ACLs. Any host on the same network can subscribe to sensitive telemetry topics or publish control messages directly to the robot without authentication or authorization of any kind.

Action-Not Available
Vendor-yarboYarbo
Product-lawn_mowerlawn_mower_firmwarelawn_mower_prolawn_mower_pro_firmwareFirmware
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2026-8364
Matching Score-4
Assigner-Tenable Network Security, Inc.
ShareView Details
Matching Score-4
Assigner-Tenable Network Security, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.30% / 22.20%
||
7 Day CHG~0.00%
Published-27 May, 2026 | 19:38
Updated-29 May, 2026 | 20:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Gladinet Triofox Missing Authentication for Critical Functions

Gladinet Triofox Cloud Server Agent Access Service (GladServerAgentService.exe) listens on TCP port 7878 and processes remote HTTP messages with URL paths starting with /resources, /status, /sysinfo, /woshome, /Settings, /schedule, or /DavCache.

Action-Not Available
Vendor-Gladinet
Product-Triofox
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2026-4767
Matching Score-4
Assigner-TR-CERT (Computer Emergency Response Team of the Republic of Türkiye)
ShareView Details
Matching Score-4
Assigner-TR-CERT (Computer Emergency Response Team of the Republic of Türkiye)
CVSS Score-9.8||CRITICAL
EPSS-Not Assigned
Published-02 Jul, 2026 | 13:12
Updated-02 Jul, 2026 | 15:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Access Control in TR7's WAF-ASP

Missing authentication for critical function vulnerability in TR7 Cyber ​​Defense Inc. WAF-ASP allows Authentication Abuse. This issue affects WAF-ASP: from v1.0.324.900 before v1.4.0.117.

Action-Not Available
Vendor-TR7 Cyber ​​Defense Inc.
Product-WAF-ASP
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2026-6274
Matching Score-4
Assigner-TR-CERT (Computer Emergency Response Team of the Republic of Türkiye)
ShareView Details
Matching Score-4
Assigner-TR-CERT (Computer Emergency Response Team of the Republic of Türkiye)
CVSS Score-9.8||CRITICAL
EPSS-0.46% / 36.65%
||
7 Day CHG~0.00%
Published-05 Jun, 2026 | 09:01
Updated-08 Jun, 2026 | 19:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Authentication Bypass in DTS Electronics' Redline WR3200

Improper Authentication, Missing authentication for critical function, Weak Authentication vulnerability in DTS Electronics Industry and Trade Ltd. Co. Redline WR3200 allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Redline WR3200: from 7.1.3 before 7.1.8.

Action-Not Available
Vendor-DTS Electronics Industry and Trade Ltd. Co.
Product-Redline WR3200
CWE ID-CWE-1390
Weak Authentication
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2026-58127
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-9.3||CRITICAL
EPSS-0.78% / 51.40%
||
7 Day CHG~0.00%
Published-01 Jul, 2026 | 14:41
Updated-02 Jul, 2026 | 18:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PACSgear MediaWriter 5.2.1 Unauthenticated RCE via .NET Remoting TCP Service

PACSgear MediaWriter 5.2.1 exposes a .NET Remoting TCP service on port 9000 via PacsgearMediaServerEngine.dll, registered with ObjectURIs RemoteObj and UIRemoteObj, without any authentication requirement. By exploiting the MarshalByRefObject object unmarshalling technique and implementing .NET WebClient class methods, an unauthenticated remote attacker can read and write arbitrary files on the host filesystem. The ObjectURIs are identical across all installations by default. Chaining the arbitrary file write primitive with DLL hijacking opportunities in the MediaWriter service (which runs as NT Authority\\SYSTEM and loads missing DLLs such as CRYPTBASE.DLL from the application directory) enables unauthenticated remote code execution as SYSTEM upon service restart.

Action-Not Available
Vendor-Hyland
Product-PACSgear MediaWriter
CWE ID-CWE-306
Missing Authentication for Critical Function
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2026-58126
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-9.3||CRITICAL
EPSS-0.75% / 50.46%
||
7 Day CHG~0.00%
Published-01 Jul, 2026 | 14:39
Updated-02 Jul, 2026 | 18:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PACSgear PACS Scan 5.2.1 Unauthenticated RCE via .NET Remoting TCP Service

PACSgear PACS Scan 5.2.1 contains an unauthenticated remote code execution vulnerability that allows remote attackers to read and write arbitrary files by exploiting an exposed .NET Remoting TCP service on port 22222 via PGImageExchQueue.exe without any authentication requirement. Attackers can chain the arbitrary file write primitive with DLL hijacking in PGImageExchangeQueueSvc.exe, which loads missing DLLs such as CRYPTSP.DLL from the application directory, to achieve remote code execution as NT Authority\SYSTEM upon service restart.

Action-Not Available
Vendor-Hyland
Product-PACSgear PACS Scan
CWE ID-CWE-306
Missing Authentication for Critical Function
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2026-54088
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-9.3||CRITICAL
EPSS-0.53% / 41.02%
||
7 Day CHG~0.00%
Published-25 Jun, 2026 | 17:49
Updated-25 Jun, 2026 | 19:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
File Browser: Command Injection via Authentication Hook Shell Substitution (Pre-Authentication RCE)

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to 2.63.6, the Hook Authentication feature in File Browser allows administrators to delegate login verification to an external shell command. User-supplied credentials (username and password) are interpolated into this command string using os.Expand without sanitization. An unauthenticated remote attacker can inject shell metacharacters in the username or password field at the login screen, causing the server to execute arbitrary OS commands before any authentication takes place. This is a critical pre-authentication RCE. This vulnerability is fixed in 2.63.6.

Action-Not Available
Vendor-filebrowser
Product-filebrowser
CWE ID-CWE-306
Missing Authentication for Critical Function
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE ID-CWE-88
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
CVE-2019-18925
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.44% / 69.92%
||
7 Day CHG~0.00%
Published-12 Nov, 2019 | 16:15
Updated-05 Aug, 2024 | 02:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Systematic IRIS WebForms 5.4 and its functionalities can be accessed and used without any form of authentication.

Action-Not Available
Vendor-systematicn/a
Product-iris_webformsn/a
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2026-54130
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.58% / 43.37%
||
7 Day CHG+0.07%
Published-18 Jun, 2026 | 21:42
Updated-01 Jul, 2026 | 20:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
M365 Copilot Information Disclosure Vulnerability

Missing authentication for critical function in M365 Copilot allows an unauthorized attacker to disclose information over a network.

Action-Not Available
Vendor-Microsoft Corporation
Product-365_copilotMicrosoft 365 Copilot
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2022-26501
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-4.28% / 89.90%
||
7 Day CHG~0.00%
Published-17 Mar, 2022 | 20:28
Updated-03 Nov, 2025 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2023-01-03||Apply updates per vendor instructions.

Veeam Backup & Replication 10.x and 11.x has Incorrect Access Control (issue 1 of 2).

Action-Not Available
Vendor-n/aVeeam Software Group GmbH
Product-veeam_backup_\&_replicationn/aBackup & Replication
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2019-18938
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-33.84% / 98.19%
||
7 Day CHG~0.00%
Published-14 Nov, 2019 | 18:52
Updated-05 Aug, 2024 | 02:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

eQ-3 Homematic CCU2 2.47.20 and CCU3 3.47.18 with the E-Mail AddOn through 1.6.8.c installed allow Remote Code Execution by unauthenticated attackers with access to the web interface via the save.cgi script for payload upload and the testtcl.cgi script for its execution.

Action-Not Available
Vendor-hm_email_projecteq-3n/a
Product-homematic_ccu2_firmwarehm_emailhomematic_ccu3_firmwarehomematic_ccu3homematic_ccu2n/a
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2019-18939
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-40.78% / 98.48%
||
7 Day CHG~0.00%
Published-14 Nov, 2019 | 18:53
Updated-05 Aug, 2024 | 02:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

eQ-3 Homematic CCU2 2.47.20 and CCU3 3.47.18 with the HM-Print AddOn through 1.2a installed allow Remote Code Execution by unauthenticated attackers with access to the web interface via the exec.cgi and exec1.cgi scripts, which execute TCL script content from an HTTP POST request.

Action-Not Available
Vendor-eq-3hm-print_projectn/a
Product-homematic_ccu2_firmwarehm-printhomematic_ccu3_firmwarehomematic_ccu3homematic_ccu2n/a
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2026-50242
Matching Score-4
Assigner-JetBrains s.r.o.
ShareView Details
Matching Score-4
Assigner-JetBrains s.r.o.
CVSS Score-10||CRITICAL
EPSS-0.42% / 33.45%
||
7 Day CHG-0.02%
Published-19 Jun, 2026 | 11:49
Updated-26 Jun, 2026 | 13:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In JetBrains Hub before 2026.1.13757, 2025.3.148033, 2025.2.148048, 2025.1.148120, 2024.3.148430, 2024.2.148429 authentication bypass via direct database access leading to administrative access was possible

Action-Not Available
Vendor-JetBrains s.r.o.
Product-hubHub
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2025-41651
Matching Score-4
Assigner-CERT@VDE
ShareView Details
Matching Score-4
Assigner-CERT@VDE
CVSS Score-9.8||CRITICAL
EPSS-0.51% / 39.85%
||
7 Day CHG~0.00%
Published-27 May, 2025 | 08:38
Updated-28 May, 2025 | 15:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Weidmueller: Missing Authentication Vulnerability in Industrial Ethernet Switches

Due to missing authentication on a critical function of the devices an unauthenticated remote attacker can execute arbitrary commands, potentially enabling unauthorized upload or download of configuration files and leading to full system compromise.

Action-Not Available
Vendor-Weidmueller
Product-IE-SW-VL08MT-6TX-2STIE-SW-PL10MT-3GT-7TXIE-SW-PL18MT-2GC-16TXIE-SW-VL08MT-6TX-2SCSIE-SW-VL08MT-8TXIE-SW-PL16MT-16TXIE-SW-PL10M-3GT-7TXIE-SW-VL05MT-5TXIE-SW-PL16M-16TXIE-SW-VL08MT-6TX-2SCIE-SW-VL05M-5TXIE-SW-VL08MT-5TX-1SC-2SCSIE-SW-PL18M-2GC-16TX
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2019-19104
Matching Score-4
Assigner-Asea Brown Boveri Ltd. (ABB)
ShareView Details
Matching Score-4
Assigner-Asea Brown Boveri Ltd. (ABB)
CVSS Score-9.1||CRITICAL
EPSS-1.37% / 68.64%
||
7 Day CHG~0.00%
Published-22 Apr, 2020 | 14:31
Updated-05 Aug, 2024 | 02:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ABB/Busch-Jaeger Telephone Gateway TG/S 3.2 Improper Authentication and Access Control

The web server in ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon-Gateway allows access to different endpoints of the application without authenticating by accessing a specific uniform resource locator (URL) , violating the access-control (ACL) rules. This issue allows obtaining sensitive information that may aid in further attacks and privilege escalation.

Action-Not Available
Vendor-Busch-Jaeger (ABB)ABB
Product-6186\/11_firmware6186\/11tg\/s3.2tg\/s3.2_firmware6186/11 Telefon-Gateway TG/S 3.2 Telephone Gateway
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2025-40736
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-9.3||CRITICAL
EPSS-0.40% / 32.09%
||
7 Day CHG~0.00%
Published-08 Jul, 2025 | 10:34
Updated-21 Aug, 2025 | 15:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEC NMS (All versions < V4.0). The affected application exposes an endpoint that allows an unauthorized modification of administrative credentials. This could allow an unauthenticated attacker to reset the superadmin password and gain full control of the application (ZDI-CAN-26569).

Action-Not Available
Vendor-Siemens AG
Product-sinec_nmsSINEC NMS
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2025-40765
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-9.3||CRITICAL
EPSS-0.51% / 39.59%
||
7 Day CHG~0.00%
Published-14 Oct, 2025 | 09:15
Updated-21 Oct, 2025 | 14:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in TeleControl Server Basic V3.1 (All versions >= V3.1.2.2 < V3.1.2.3). The affected application contains an information disclosure vulnerability. This could allow an unauthenticated remote attacker to obtain password hashes of users and to login to and perform authenticated operations of the database service.

Action-Not Available
Vendor-Siemens AG
Product-telecontrol_server_basicTeleControl Server Basic V3.1
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2019-18937
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-33.84% / 98.19%
||
7 Day CHG~0.00%
Published-14 Nov, 2019 | 18:50
Updated-05 Aug, 2024 | 02:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

eQ-3 Homematic CCU2 2.47.20 and CCU3 3.47.18 with the Script Parser AddOn through 1.8 installed allow Remote Code Execution by unauthenticated attackers with access to the web interface via the exec.cgi script, which executes TCL script content from an HTTP POST request.

Action-Not Available
Vendor-scriptparser_projecteq-3n/a
Product-homematic_ccu2_firmwarescriptparserhomematic_ccu3_firmwarehomematic_ccu3homematic_ccu2n/a
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2023-42793
Matching Score-4
Assigner-JetBrains s.r.o.
ShareView Details
Matching Score-4
Assigner-JetBrains s.r.o.
CVSS Score-9.8||CRITICAL
EPSS-99.98% / 99.98%
||
7 Day CHG~0.00%
Published-19 Sep, 2023 | 16:57
Updated-24 Oct, 2025 | 20:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2023-10-25||Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server was possible

Action-Not Available
Vendor-JetBrains s.r.o.
Product-teamcityTeamCityTeamCity
CWE ID-CWE-288
Authentication Bypass Using an Alternate Path or Channel
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2019-1895
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-9.8||CRITICAL
EPSS-2.28% / 81.04%
||
7 Day CHG~0.00%
Published-07 Aug, 2019 | 20:55
Updated-19 Nov, 2024 | 19:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Enterprise NFV Infrastructure Software VNC Authentication Bypass Vulnerability

A vulnerability in the Virtual Network Computing (VNC) console implementation of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an unauthenticated, remote attacker to access the VNC console session of an administrative user on an affected device. The vulnerability is due to an insufficient authentication mechanism used to establish a VNC session. An attacker could exploit this vulnerability by intercepting an administrator VNC session request prior to login. A successful exploit could allow the attacker to watch the administrator console session or interact with it, allowing admin access to the affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-enterprise_network_function_virtualization_infrastructureCisco Enterprise NFV Infrastructure Software
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2020-12720
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-88.95% / 99.76%
||
7 Day CHG~0.00%
Published-07 May, 2020 | 23:52
Updated-04 Aug, 2024 | 12:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

vBulletin before 5.5.6pl1, 5.6.0 before 5.6.0pl1, and 5.6.1 before 5.6.1pl1 has incorrect access control.

Action-Not Available
Vendor-vbulletinn/a
Product-vbulletinn/a
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2025-40771
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-9.3||CRITICAL
EPSS-0.48% / 38.25%
||
7 Day CHG~0.00%
Published-14 Oct, 2025 | 09:15
Updated-14 Oct, 2025 | 19:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions < V2.4.24), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions < V2.4.24), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions < V2.4.24), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) (All versions < V2.4.24), SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) (All versions < V2.4.24), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) (All versions < V2.4.24). Affected devices do not properly authenticate configuration connections. This could allow an unauthenticated remote attacker to access the configuration data.

Action-Not Available
Vendor-Siemens AG
Product-SIPLUS ET 200SP CP 1542SP-1 IRC TX RAILSIMATIC CP 1543SP-1SIMATIC CP 1542SP-1SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAILSIPLUS ET 200SP CP 1543SP-1 ISECSIMATIC CP 1542SP-1 IRC
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2026-46799
Matching Score-4
Assigner-Oracle
ShareView Details
Matching Score-4
Assigner-Oracle
CVSS Score-9.8||CRITICAL
EPSS-0.47% / 37.51%
||
7 Day CHG~0.00%
Published-16 Jun, 2026 | 19:27
Updated-17 Jun, 2026 | 19:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion Middleware (component: WebCenter Sites). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebCenter Sites. Successful attacks of this vulnerability can result in takeover of Oracle WebCenter Sites. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-webcenter_sitesOracle WebCenter Sites
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2025-4019
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.60% / 44.46%
||
7 Day CHG+0.02%
Published-28 Apr, 2025 | 12:00
Updated-10 Oct, 2025 | 19:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
20120630 Novel-Plus GeneratorController.java genCode missing authentication

A vulnerability, which was classified as critical, was found in 20120630 Novel-Plus up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160. Affected is the function genCode of the file novel-admin/src/main/java/com/java2nb/common/controller/GeneratorController.java. The manipulation leads to missing authentication. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-xxyopen20120630
Product-novel-plusNovel-Plus
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2026-46845
Matching Score-4
Assigner-Oracle
ShareView Details
Matching Score-4
Assigner-Oracle
CVSS Score-9.8||CRITICAL
EPSS-0.47% / 37.54%
||
7 Day CHG-0.01%
Published-16 Jun, 2026 | 19:27
Updated-23 Jun, 2026 | 05:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle WebCenter Portal product of Oracle Fusion Middleware (component: Security Framework). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle WebCenter Portal. Successful attacks of this vulnerability can result in takeover of Oracle WebCenter Portal. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-webcenter_portalOracle WebCenter Portal
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2026-46904
Matching Score-4
Assigner-Oracle
ShareView Details
Matching Score-4
Assigner-Oracle
CVSS Score-9.8||CRITICAL
EPSS-0.47% / 37.51%
||
7 Day CHG~0.00%
Published-16 Jun, 2026 | 19:27
Updated-18 Jun, 2026 | 20:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Enterprise Infrastructure Security). Supported versions that are affected are 9.2.0.0-9.2.26.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via JDENET to compromise JD Edwards EnterpriseOne Tools. Successful attacks of this vulnerability can result in takeover of JD Edwards EnterpriseOne Tools. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-jd_edwards_enterpriseone_toolsJD Edwards EnterpriseOne Tools
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2026-46813
Matching Score-4
Assigner-Oracle
ShareView Details
Matching Score-4
Assigner-Oracle
CVSS Score-9.8||CRITICAL
EPSS-0.47% / 37.51%
||
7 Day CHG~0.00%
Published-16 Jun, 2026 | 19:27
Updated-17 Jun, 2026 | 20:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Content Server). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebCenter Content. Successful attacks of this vulnerability can result in takeover of Oracle WebCenter Content. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-webcenter_contentOracle WebCenter Content
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2019-18339
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-9.8||CRITICAL
EPSS-2.65% / 83.79%
||
7 Day CHG~0.00%
Published-12 Dec, 2019 | 19:08
Updated-05 Aug, 2024 | 01:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SiNVR/SiVMS Video Server (All versions < V5.0.0). The HTTP service (default port 5401/tcp) of the SiVMS/SiNVR Video Server contains an authentication bypass vulnerability, even when properly configured with enforced authentication. A remote attacker with network access to the Video Server could exploit this vulnerability to read the SiVMS/SiNVR users database, including the passwords of all users in obfuscated cleartext.

Action-Not Available
Vendor-Siemens AG
Product-sinvr_3_video_serversinvr_3_central_control_serverSiNVR/SiVMS Video Server
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2026-46783
Matching Score-4
Assigner-Oracle
ShareView Details
Matching Score-4
Assigner-Oracle
CVSS Score-9.8||CRITICAL
EPSS-0.48% / 38.12%
||
7 Day CHG~0.00%
Published-16 Jun, 2026 | 19:27
Updated-18 Jun, 2026 | 22:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the WebCenter Content: Imaging product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise WebCenter Content: Imaging. Successful attacks of this vulnerability can result in takeover of WebCenter Content: Imaging. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-webcenter_contentWebCenter Content: Imaging
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2026-46890
Matching Score-4
Assigner-Oracle
ShareView Details
Matching Score-4
Assigner-Oracle
CVSS Score-9.8||CRITICAL
EPSS-0.48% / 38.16%
||
7 Day CHG~0.00%
Published-16 Jun, 2026 | 19:27
Updated-18 Jun, 2026 | 21:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Siebel Apps - Marketing product of Oracle Siebel CRM (component: Marketing). Supported versions that are affected are 17.0-26.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Siebel Apps - Marketing. Successful attacks of this vulnerability can result in takeover of Siebel Apps - Marketing. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-siebel_apps_-_marketingSiebel Apps - Marketing
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2019-18284
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-9.8||CRITICAL
EPSS-2.03% / 78.65%
||
7 Day CHG~0.00%
Published-12 Dec, 2019 | 19:08
Updated-05 Aug, 2024 | 01:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). The AdminService is available without authentication on the Application Server. An attacker can use methods exposed via this interface to receive password hashes of other users and to change user passwords. Please note that an attacker needs to have access to the Application Highway in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.

Action-Not Available
Vendor-Siemens AG
Product-sppa-t3000_application_serverSPPA-T3000 Application Server
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2026-46879
Matching Score-4
Assigner-Oracle
ShareView Details
Matching Score-4
Assigner-Oracle
CVSS Score-9.8||CRITICAL
EPSS-0.48% / 38.13%
||
7 Day CHG~0.00%
Published-16 Jun, 2026 | 19:27
Updated-18 Jun, 2026 | 22:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Enterprise Infrastructure Security). Supported versions that are affected are 9.2.0.0-9.2.26.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via JDENET to compromise JD Edwards EnterpriseOne Tools. Successful attacks of this vulnerability can result in takeover of JD Edwards EnterpriseOne Tools. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-jd_edwards_enterpriseone_toolsJD Edwards EnterpriseOne Tools
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2026-46909
Matching Score-4
Assigner-Oracle
ShareView Details
Matching Score-4
Assigner-Oracle
CVSS Score-9.8||CRITICAL
EPSS-0.48% / 38.12%
||
7 Day CHG~0.00%
Published-16 Jun, 2026 | 19:27
Updated-18 Jun, 2026 | 04:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Enterprise Infrastructure Security). Supported versions that are affected are 9.2.0.0-9.2.26.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseOne Tools. Successful attacks of this vulnerability can result in takeover of JD Edwards EnterpriseOne Tools. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-jd_edwards_enterpriseone_toolsJD Edwards EnterpriseOne Tools
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2026-46801
Matching Score-4
Assigner-Oracle
ShareView Details
Matching Score-4
Assigner-Oracle
CVSS Score-9.8||CRITICAL
EPSS-0.48% / 38.12%
||
7 Day CHG~0.00%
Published-16 Jun, 2026 | 19:27
Updated-17 Jun, 2026 | 19:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion Middleware (component: WebCenter Sites). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebCenter Sites. Successful attacks of this vulnerability can result in takeover of Oracle WebCenter Sites. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-webcenter_sitesOracle WebCenter Sites
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2026-46919
Matching Score-4
Assigner-Oracle
ShareView Details
Matching Score-4
Assigner-Oracle
CVSS Score-9.8||CRITICAL
EPSS-0.36% / 28.22%
||
7 Day CHG~0.00%
Published-16 Jun, 2026 | 19:27
Updated-18 Jun, 2026 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Siebel CRM Cloud Applications product of Oracle Siebel CRM (component: Siebel Cloud Manager). Supported versions that are affected are 17.0-26.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Siebel CRM Cloud Applications. Successful attacks of this vulnerability can result in takeover of Siebel CRM Cloud Applications. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-siebel_cloud_managerSiebel CRM Cloud Applications
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2026-46807
Matching Score-4
Assigner-Oracle
ShareView Details
Matching Score-4
Assigner-Oracle
CVSS Score-9.8||CRITICAL
EPSS-0.52% / 40.20%
||
7 Day CHG~0.00%
Published-16 Jun, 2026 | 19:27
Updated-19 Jun, 2026 | 06:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Identity Manager product of Oracle Fusion Middleware (component: OIM Legacy UI). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Identity Manager. Successful attacks of this vulnerability can result in takeover of Identity Manager. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-identity_managerIdentity Manager
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2026-46902
Matching Score-4
Assigner-Oracle
ShareView Details
Matching Score-4
Assigner-Oracle
CVSS Score-9.8||CRITICAL
EPSS-0.47% / 37.51%
||
7 Day CHG~0.00%
Published-16 Jun, 2026 | 19:27
Updated-18 Jun, 2026 | 04:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle Enterprise Command Center Framework product of Oracle E-Business Suite (component: Core). Supported versions that are affected are V15 and V16. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Enterprise Command Center Framework. Successful attacks of this vulnerability can result in takeover of Oracle Enterprise Command Center Framework. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-enterprise_command_center_frameworkOracle Enterprise Command Center Framework
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2026-44668
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.36% / 28.42%
||
7 Day CHG~0.00%
Published-26 May, 2026 | 17:43
Updated-27 May, 2026 | 15:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Faction: Unauthenticated Read, Modify, and Delete of Boilerplate Templates

FACTION is a PenTesting Report Generation and Collaboration Framework. Prior to 1.8.3, AccessControlInterceptor, the authentication gate for all Struts2 actions, unconditionally calls invocation.invoke() without checking for a valid session. Four action methods in BoilerPlateConfig perform no local session check either, allowing an unauthenticated attacker to read, overwrite, deactivate, and permanently delete any boilerplate template in the system. This vulnerability is fixed in 1.8.3.

Action-Not Available
Vendor-factionsecurity
Product-faction
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2026-44649
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.22% / 12.19%
||
7 Day CHG~0.00%
Published-29 May, 2026 | 17:45
Updated-02 Jun, 2026 | 03:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SillyTavern: Authentication Bypass via SSO Header Injection

SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to 1.18.0, SillyTavern accepts Remote-User (Authelia) and X-Authentik-Username (Authentik) HTTP headers to automatically log in users when SSO is configured. There is no validation that these headers originate from a trusted reverse proxy. Any network client that can reach the SillyTavern port directly can inject these headers and authenticate as any user, including administrators, without a password. This vulnerability is exploitable only when sso.autheliaAuth: true or sso.authentikAuth: true is set in config.yaml (both default to false). This vulnerability is fixed in 1.18.0.

Action-Not Available
Vendor-SillyTavern
Product-SillyTavern
CWE ID-CWE-290
Authentication Bypass by Spoofing
CWE ID-CWE-306
Missing Authentication for Critical Function
CWE ID-CWE-346
Origin Validation Error
CWE ID-CWE-807
Reliance on Untrusted Inputs in a Security Decision
CVE-2026-45083
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.41% / 32.84%
||
7 Day CHG~0.00%
Published-27 May, 2026 | 21:00
Updated-28 May, 2026 | 13:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Goobi viewer: Unauthenticated Solr Streaming Expression Proxy

The Goobi viewer is a web application that allows digitised material to be displayed in a web browser. From 4.8.0 to before 26.04.1, the Goobi viewer REST endpoint POST /api/v1/index/stream accepted an arbitrary Solr streaming expression from unauthenticated network clients and forwarded it to the backend Solr server without restriction. An attacker could read the complete Solr index and, in default Solr deployments, also modify or delete indexed records. This vulnerability is fixed in 26.04.1.

Action-Not Available
Vendor-intranda
Product-goobi-viewer-core
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2019-18572
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-8.3||HIGH
EPSS-1.99% / 78.23%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 20:50
Updated-16 Sep, 2024 | 22:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The RSA Identity Governance and Lifecycle and RSA Via Lifecycle and Governance products prior to 7.1.1 P03 contain an Improper Authentication vulnerability. A Java JMX agent running on the remote host is configured with plain text password authentication. An unauthenticated remote attacker can connect to the JMX agent and monitor and manage the Java application.

Action-Not Available
Vendor-Dell Inc.
Product-rsa_identity_governance_and_lifecycleRSA Identity Governance & Lifecycle
CWE ID-CWE-306
Missing Authentication for Critical Function
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2019-17506
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-57.30% / 98.95%
||
7 Day CHG~0.00%
Published-11 Oct, 2019 | 19:29
Updated-05 Aug, 2024 | 01:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There are some web interfaces without authentication requirements on D-Link DIR-868L B1-2.03 and DIR-817LW A1-1.04 routers. An attacker can get the router's username and password (and other information) via a DEVICE.ACCOUNT value for SERVICES in conjunction with AUTHORIZED_GROUP=1%0a to getcfg.php. This could be used to control the router remotely.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-817lw_a1_firmwaredir-868l_b1dir-868l_b1_firmwaredir-817lw_a1n/a
CWE ID-CWE-306
Missing Authentication for Critical Function
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 13
  • 14
  • Next
Details not found