enterprise_blocker
enterprise_blocker
- CVE-2025-30007 - HestiaCP before 1.9.5 contains an authenticated OS command injection vulnerability that allows low-privilege a
- CVE-2025-70796 - An unauthenticated path traversal vulnerability exists in the web management interface of WTI (Wireless Techno
- CVE-2026-12685 - The EscortWP escortwp WordPress theme through 3.6.2 was distributed with a vendor-authored, obfuscated backdoo
- CVE-2026-14480 - OpenPLC Runtime v3 contains an authenticated arbitrary file write vulnerability in the legacy web UI program‑u
- CVE-2026-15293 - The WP Business Intelligence Lite plugin for WordPress is vulnerable to authorization bypass in all versions u
- CVE-2026-20744 - The charging station websocket endpoint accepts connections without proper authentication, which could lead to
- CVE-2026-22659 - FlaskBB through 2.2.0, fixed in commit acc88cf, contains an authorization bypass vulnerability that allows aut
- CVE-2026-22660 - FlaskBB through 2.2.0, fixed in commit a5da9a5, contains a logic flaw vulnerability that allows authenticated
- CVE-2026-2398 - Authorization bypass through User-Controlled key vulnerability in Adam Retail Automation Ltd
- CVE-2026-28564 - Insufficient Session Expiration, Authentication Bypass by Capture-replay vulnerability in Apache IoTDB
- CVE-2026-33382 - Several Grafana API endpoints, some of them unauthenticated, do not limit the size of the request body before
- CVE-2026-38057 - The iDirect iQ200 does not validate CSRF tokens on state-changing API endpoints after authentication
- CVE-2026-38059 - The iDirect iQ200 exposes the /api/identity and /api/ REST API endpoints without authentication
- CVE-2026-39903 - Simple Machines Forum 2.1 prior to 2.1.8 and 3.0 prior to 3.0 Alpha 5 contains an authorization bypass vulnera
- CVE-2026-40452 - Incorrect Authorization, Improper Access Control vulnerability in Apache IoTDB
- CVE-2026-42952 - Previously, there was no throttling on repeated authentication attempts to the charging station backend, which
- CVE-2026-53653 - Grav is a file-based Web platform. Prior to 1.7.53 and 2.0.0-rc.8, Grav allows an unauthenticated visitor to e
- CVE-2026-54069 - SiYuan: Unauthenticated Admin API Access via Blanket chrome-extension:// Origin Allowlist
- CVE-2026-54072 - Authorizer: Unvalidated redirect_uri in /authorize leaks OAuth2 tokens to attacker-controlled URL
- CVE-2026-54088 - File Browser: Command Injection via Authentication Hook Shell Substitution (Pre-Authentication RCE)
- CVE-2026-54089 - File Browser: Authentication Bypass via Proxy Auth Header Forgery
- CVE-2026-54159 - prestashop/ps_facetedsearch: PHP Object Injection in faceted search cache allows unauthenticated RCE
- CVE-2026-55377 - Logto is the modern, open-source auth infrastructure for SaaS and AI apps
- CVE-2026-55500 - 9Router is an AI router & token saver. Prior to 0.4.80, the /api/settings/database endpoint allows full databa
- CVE-2026-55501 - 9Router is an AI router & token saver. Prior to 0.4.80, the dashboard login rate limiter in src/lib/auth/login
- CVE-2026-55638 - 9Router is an AI router & token saver. Prior to 0.5.2, 9router protects /v1, /v1beta, /api/v1, and /api/v1beta
- CVE-2026-55641 - 9Router is an AI router & token saver. Prior to 0.5.2, 9router determines whether a /v1 LLM proxy request is l
- CVE-2026-55789 - Logto is the modern, open-source auth infrastructure for SaaS and AI apps
- CVE-2026-56291 - Balbooa Forms Unrestricted Upload of File with Dangerous Type Vulnerability
- CVE-2026-56305 - Capgo before 12.128.2 contains an authentication bypass vulnerability in the password change endpoint that all
- CVE-2026-56335 - Capgo before 12.128.2 contains an authorization bypass vulnerability where write-scoped API keys can directly
- CVE-2026-56675 - 9Router is an AI router & token saver. Prior to 0.5.2, 9router treats loopback requests as trusted and allows
- CVE-2026-56676 - 9Router is an AI router & token saver. Prior to 0.5.2, 9router validates image URLs by resolving the host befo
- CVE-2026-56765 - Vikunja before 2.2.1 contains an authorization flaw where the LinkSharing.ReadAll endpoint exposes share hashe
- CVE-2026-57807 - Authentication Bypass Using an Alternate Path or Channel vulnerability in miniOrange Security Software Pvt Ltd
- CVE-2026-57850 - RustDesk before 1.4.9 does not enforce a session's authorized connection scope on the server side, so a peer g
- CVE-2026-59151 - Prowler is a cloud security platform. Prior to 5.30.3, Prowler's SAML authentication flow trusted the email do
- CVE-2026-59795 - In JetBrains TeamCity before 2026.1.2 stored XSS via unauthenticated agent registration was possible
- CVE-2026-61441 - PraisonAI Platform (praisonai-platform) before 0.1.9 improperly authorizes deletion of issue dependencies
- CVE-2026-61450 - Grav before 2.0.2 contains a Twig sandbox bypass that allows a page author (any admin.pages user, or anyone ab
- CVE-2026-61459 - MCP Server Kubernetes before 3.9.0 contains an argument injection vulnerability in structured tools (kubectl_g
- CVE-2026-6212 - Authorization bypass through User-Controlled key vulnerability in Teracity Software Technologies Inc
- CVE-2025-45422 - Incorrect access control in Proximus b-box v8c.725A allows authenticated attackers to bypass normal restrictio
- CVE-2025-63579 - Unauthorized use of Kyocera printers, allows all information stored in the Kyocera address book to be exported
- CVE-2026-11404 - Cesanta Mongoose before 7.22 contains an out-of-bounds read in the built-in TLS server function mg_tls_server_
- CVE-2026-12593 - The implementation of an internal and undocumented Dashboard API endpoint (POST /api/users/~/{user}/tokens) fo
- CVE-2026-12595 - The LoginPress Pro plugin for WordPress is vulnerable to Authentication Bypass via Unverified OAuth Email in a
- CVE-2026-12597 - The LoginPress Pro plugin for WordPress is vulnerable to Authentication Bypass via the GitHub OAuth callback i
- CVE-2026-12598 - The LoginPress Pro plugin for WordPress is vulnerable to authentication bypass in versions up to and including
- CVE-2026-14245 - The miniOrange OTP Login, Verification and SMS Notifications plugin for WordPress is vulnerable to Authenticat
- CVE-2026-14261 - A vulnerability in the Xerte Online Tools allows for authentication bypass and remote code execution via reins
- CVE-2026-1989 - Authorization bypass through User-Controlled key vulnerability in PAVO Financial Technology Solutions Inc
- CVE-2026-47829 - Argument Injection in bosh-cli allows a compromised BOSH Director to inject arbitrary OpenSSH options into the
- CVE-2026-52762 - YesWiki: Authenticated (Admin) Server-Side Template Injection to Remote Code Execution via Bazar Semantic Templates
- CVE-2026-52766 - YesWiki vulnerable to unauthenticated arbitrary page deletion via {{erasespamedcomments}} action
- CVE-2026-52767 - YesWiki Vulnerable to Unauthenticated ActivityPub Signature-Verification Bypass via !openssl_verify(...) accepting int(-
- CVE-2026-52769 - YesWiki has Unauthenticated Server-Side Request Forgery via ActivityPub Signature.keyId
- CVE-2026-52775 - YesWiki has Authenticated SQL Injection via ReactionManager
- CVE-2026-52777 - YesWiki Vulnerable to Authenticated PHP Object Injection in BazarImportAction via unserialize
- CVE-2026-5523 - The Divi Form Builder plugin for WordPress is vulnerable to Missing Authorization in versions up to, and inclu
- CVE-2026-55604 - DeepSeek MCP Server is an MCP server for DeepSeek V4
- CVE-2026-58122 - Hermes WebUI before 0.51.307 contains an authentication bypass vulnerability that allows unauthenticated remot
- CVE-2026-58123 - Hermes WebUI before 0.51.788 contains an unauthenticated remote code execution vulnerability that allows remot
- CVE-2026-58143 - Cotonti Siena 0.9.26 and earlier contains a cross-site request forgery vulnerability that allows unauthenticat
- CVE-2026-59692 - A stack buffer overflow vulnerability was found in GStreamer's DTLS plugin
- CVE-2026-31309 - Improper authorization in the /tequilapi/config/user endpoint of Mysterium Node before v1.36.0 allows unauthen
- CVE-2026-35552 - In CAXperts UPVWebServices 2.4.2212.603 through 2.7.6 and UDiTH Portal 2026.0.0 through 2026.2.0, an authentic
- CVE-2026-49464 - NL Portal: IDOR allows any authenticated user to complete and tamper with another user's taak
- CVE-2026-49471 - Serena: Unauthenticated Flask dashboard on fixed port enables DNS rebinding → memory poisoning → RCE
- CVE-2026-50197 - Skipper: opaAuthorizeRequestWithBody filter bypasses OPA policy on Transfer-Encoding — chunked / HTTP/2 requests
- CVE-2026-53649 - Joro: Unauthenticated Cross-Origin Plugin Upload Leads to RCE
- CVE-2026-54499 - Stanza is a Stanford NLP Python library for tokenization, sentence segmentation, NER, and parsing of many huma
- CVE-2026-54591 - AsyncSSH is a Python package which provides an asynchronous client and server implementation of the SSHv2 prot
- CVE-2026-56776 - n8n before 1.123.55, 2.25.7, and 2.26.2 contains an authorization bypass in the POST /workflows/{workflowId}/t
- CVE-2026-58480 - Blocksy Companion Pro plugin for WordPress before 2.1.47 contains an unauthenticated arbitrary file upload vul
- CVE-2026-58525 - Improper access control in Microsoft Edge (Chromium-based) allows an unauthorized attacker to bypass a securit
- CVE-2026-59804 - Midscene Bridge Server through 1.10.3, fixed in commit 86f4118, contains a missing authentication and CORS mis
- CVE-2026-60002 - ssh in OpenSSH before 10.4 can have a use-after-free when a server changes its host key during a key re-exchan
- CVE-2026-60104 - Bitwarden Server before 2026.6.0 does not verify that the email in a POST /auth-requests/admin-request body be
- CVE-2026-9074 - IBM API Connect 10.0.8.0 through 10.0.8.9 and 12.1.0.0 through 12.1.0.3 contains an unauthenticated SQL inject
- CVE-2025-46719 - Open WebUI vulnerable to stored XSS via unescaped markdown token in MarkdownTokens.svelte leading to full account takeov
- CVE-2026-37270 - Trueview Security camera T18161- AF v4.9.60.0 contains an authentication bypass vulnerability caused by improp
- CVE-2026-37271 - Fire-Boltt Smartwatch FB BGS001 Firmware: MOY-JS14-2.0.4 is vulnerable to Improper Authentication, The device
- CVE-2026-40187 - EGroupware has Authenticated RCE via Malicious eTemplate Upload
- CVE-2026-48957 - An improper access check allows unauthorized users to access com_privacy datasets
- CVE-2026-48958 - An improper access check allows unauthorized users to create custom fields via webservices endpoints
- CVE-2026-53512 - Better Auth: OAuth refresh-token replay via missing client authentication on oidc-provider and mcp plugins
- CVE-2026-53513 - @better-auth/sso provider registration has server-side request forgery via unvalidated OIDC endpoints
- CVE-2026-53514 - Better Auth vulnerable to unauthorized invitation acceptance via unverified email match in organization plugin
- CVE-2026-53516 - Better Auth has an account takeover issue via OAuth auto-link to unverified pre-registered email
- CVE-2026-53517 - Better Auth: OAuth refresh-token rotation forks the token family on concurrent redemption
- CVE-2026-53518 - @better-auth/oauth-provider's OAuth authorization-code grant allows concurrent redemption when two token requests race t
- CVE-2026-55255 - Langflow Authorization Bypass Through User-Controlled Key Vulnerability
- CVE-2026-56290 - Joomlack Page Builder Improper Access Control Vulnerability
- CVE-2026-59706 - mem0 contains unauthenticated config API endpoints that expose LLM API keys in plaintext and allow server-side
- CVE-2026-59707 - LocalAI contains an unauthenticated server-side request forgery vulnerability in the POST /models/apply endpoi
- CVE-2026-11405 - The web server binary /bin/httpd contains a hidden backdoor authentication mechanism in the login() function a
- CVE-2026-14536 - Improper enforcement of a mandatory multi-factor authentication policy in Devolutions Server 2026.2.9.0 allows
- CVE-2026-40138 - A critical pre-authentication vulnerability exists in the authentication subsystem of BeyondTrust Remote Suppo
- CVE-2026-40139 - A critical pre-authentication vulnerability exists in the authentication subsystem of BeyondTrust Remote Suppo
- CVE-2026-40140 - BeyondTrust Remote Support and Privileged Remote Access contain a high-severity pre-authentication vulnerabili
- CVE-2026-44937 - Potential forgery of webhook requests when using a unauthenticated webhook in SUSE Rancher Fleet 0.15 before 0
- CVE-2026-59712 - Leantime's Users::getUser method in the JSON-RPC API lacks proper authorization checks, allowing authenticated
- CVE-2026-13053 - An Out-of-bounds Write vulnerability in WatchGuard Fireware OS's CLI could allow an authenticated privileged u
- CVE-2026-13054 - A path traversal vulnerability in the WatchGuard Fireware OS Management Web UI allows a privileged authenticat
- CVE-2026-13383 - An Out-of-bounds Write vulnerability in WatchGuard Fireware OS ikestubd process could allow an authenticated p
- CVE-2026-13384 - An Out-of-bounds Write vulnerability in WatchGuard Fireware OS wgagent process could allow an authenticated pr
- CVE-2026-57983 - Improper authorization in Microsoft Edge (Chromium-based) allows an unauthorized attacker to bypass a security
- CVE-2026-57984 - Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a netwo
- CVE-2026-57985 - Improper input validation in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code o
- CVE-2026-58293 - External control of file name or path in Microsoft Edge (Chromium-based) allows an unauthorized attacker to ex
- CVE-2026-58297 - Exposure of private personal information to an unauthorized actor in Microsoft Edge for Android allows an unau
- CVE-2026-41106 - Url redirection to untrusted site ('open redirect') in M365 Copilot allows an unauthorized attacker to elevate
- CVE-2026-45499 - Server-side request forgery (ssrf) in Azure OpenAI allows an authorized attacker to elevate privileges over a
- CVE-2026-55952 - The Erlang/OTP ssl application does not validate that the PSK identity list and binder list carried in a TLS 1
- CVE-2026-57100 - Server-side request forgery (ssrf) in Microsoft Entra Provisioning Service (SyncFabric) allows an authorized a
- CVE-2026-59800 - 9router: Missing Authorization and OS Command Injection
- CVE-2026-10750 - The Royal MCP WordPress plugin before 1.4.26 does not perform capability checks on the majority of its MCP too
- CVE-2026-11568 - The Product Configurator for WooCommerce WordPress plugin before 1.7.3 does not perform any authorisation or p
- CVE-2026-11883 - The WebAuthn Provider for Two Factor WordPress plugin before 2.5.6 does not correctly validate the second-fact
- CVE-2026-1239 - The Ninja Forms – The Contact Form Builder That Grows With You plugin for WordPress is vulnerable to unauthori
- CVE-2026-12579 - AS228T with Authentication Bypass Vulnerability
- CVE-2026-13468 - The Visualizer – Tables & Charts Manager with Built-in AI Generator plugin for WordPress is vulnerable to auth
- CVE-2026-20191 - A vulnerability in Cisco Catalyst Center could allow an unauthenticated, remote attacker to read arbitrary fil
- CVE-2026-20213 - A vulnerability in the PE file format parser of ClamAV could allow an unauthenticated, remote attacker to caus
- CVE-2026-20214 - A vulnerability in the FSG file format parser of ClamAV could allow an unauthenticated, remote attacker to cau
- CVE-2026-20215 - A vulnerability in the 7z file format parser of ClamAV could allow an unauthenticated, remote attacker to caus
- CVE-2026-20216 - A vulnerability in the InstallShield file format parser of ClamAV could allow an unauthenticated, remote attac
- CVE-2026-20217 - A vulnerability in the PESpin file format parser of ClamAV could allow an unauthenticated, remote attacker to
- CVE-2026-20243 - A vulnerability in the ALZ file format parser of ClamAV could allow an unauthenticated, remote attacker to cau
- CVE-2026-20244 - A vulnerability in the DMG file format parser of ClamAV could allow an unauthenticated, remote attacker to cau
- CVE-2026-24270 - NVIDIA AIStore framework contains a vulnerability where an attacker could bypass authentication
- CVE-2026-57517 - Control Web Panel before 0.9.8.1225 contains a blind SQL injection vulnerability that allows unauthenticated r
- CVE-2026-58036 - Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki
- CVE-2026-58126 - PACSgear PACS Scan 5.2.1 contains an unauthenticated remote code execution vulnerability that allows remote at
- CVE-2026-6070 - The WP-BusinessDirectory plugin for WordPress is vulnerable to Unauthenticated Arbitrary File Deletion in vers
- CVE-2026-7829 - UltraVNC repeater through 1.8.2.2 contains a post-authentication out-of-bounds write in the allow/deny rule pa
- CVE-2026-7830 - UltraVNC through 1.8.2.2 uses inadequate cryptography in the MS-Logon II authentication scheme (rfbUltraVNC_Ms
- CVE-2026-10560 - IBM Langflow OSS 1.0.0 through 1.9.6 contains a missing authentication vulnerability in /api/v1/build_public_t
- CVE-2026-13207 - FUXA versions 1.3.1 and prior contain an authentication bypass vulnerability via dot-segment path normalizatio
- CVE-2026-35505 - An unauthenticated remote attacker can repeatedly send crafted connection requests to leak memory
- CVE-2026-41053 - Incorrect authentication caching in the team member ship expansion of the Rancher Github authentication provid
- CVE-2026-44628 - An unauthenticated attacker can crash the worklist server with a single crafted query when the server has a va
- CVE-2026-46817 - Oracle E-Business Suite Payments File Transmission takeover
- CVE-2026-48286 - Adobe Campaign Classic (ACC) versions 7.4.3 build 9396 and earlier are affected by an Incorrect Authorization
- CVE-2026-49473 - @cedar-policy/authorization-for-expressjs has an authorization bypass via query string manipulation
- CVE-2026-49821 - Fission: Cross-namespace Environment reference in Package allows build-time command execution and SA token exfiltration
- CVE-2026-49877 - Improper Authorization vulnerability in Apache ActiveMQ
- CVE-2026-50254 - An unauthenticated remote attacker can repeatedly send a single crafted connection request to leak memory
- CVE-2026-52868 - An unauthenticated attacker can read worklist records from a directory outside the intended per-AE worklist st
- CVE-2026-54475 - Missing Authorization vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ
- CVE-2026-56219 - Capgo before 12.128.2 contains a NULL-auth bypass vulnerability in the public.get_org_user_access_rbac functio
- CVE-2026-56230 - Capgo before 12.128.2 contains a broken object level authorization vulnerability in middlewareKey() that accep
- CVE-2026-56233 - Capgo before 12.128.2 contains a path traversal vulnerability in the builder upload proxy that allows authenti
- CVE-2026-56249 - Capgo before 12.128.2 contains an authorization bypass vulnerability in the channel creation endpoint that all
- CVE-2026-56286 - Capgo before 12.128.2 contains an authentication bypass vulnerability in the account deletion endpoint that al
- CVE-2026-56300 - Capgo before 12.128.2 contains unauthenticated security definer RPC functions get_user_id and get_org_perm_for
- CVE-2026-56320 - Capgo before 12.128.2 contains an authorization flaw in POST /private/create_device that accepts a caller-supp
- CVE-2026-58138 - Orkes Conductor 3.21.21 before 3.30.2 contains an unauthenticated remote code execution vulnerability that all
- CVE-2026-58168 - DeepTutor before version 1.4.10 contains an authorization bypass vulnerability that allows low-privilege users
- CVE-2026-58169 - Vibe-Trading before 0.1.10 contains a DNS rebinding authentication bypass vulnerability that allows remote att
- CVE-2026-58370 - Woodpecker before 3.15.0 matches the ApprovalAllowedUsers bypass list against pipeline.Author
- CVE-2026-58375 - JimuReport through 2.5.0 exposes the POST /jmreport/auto/export endpoint without authentication: the handler i
- CVE-2026-58376 - Dolibarr through 23.0.3, fixed in commit 14db36e, contains a sql injection vulnerability that allows authentic
- CVE-2026-58377 - JeecgBoot through 3.9.2 contains a broken access control vulnerability that allows authenticated low-privilege
- CVE-2026-7663 - IBM Langflow OSS 1.0.0 through 1.9.6 could allow unauthenticated attackers to access protected MCP project res
- CVE-2026-7873 - IBM Langflow OSS 1.0.0 through 1.10.0 allows authenticated attackers to execute arbitrary OS commands and read
- CVE-2026-8037 - Progress Kemp LoadMaster API command injection RCE
- CVE-2024-54013 - Penetration Testing engineers at security control bypass
- CVE-2025-2902 - Improper Authorization Vulnerability of Maintenance Utility in Hitachi Virtual Storage Platform
- CVE-2026-11703 - Missing SNI/ALPN binding on TLS session binding bypass
- CVE-2026-12415 - The Invoice Generator plugin for WordPress privilege escalation
- CVE-2026-13485 - SourceCodester Class and Exam Timetabling System 1 sql injection
- CVE-2026-13486 - SourceCodester Class and Exam Timetabling System 1 sql injection
- CVE-2026-13487 - SourceCodester Class and Exam Timetabling System 1 sql injection
- CVE-2026-13488 - A security flaw has sql injection
- CVE-2026-13498 - yashpokharna2555 restaurent-management-system sql injection
- CVE-2026-13500 - antlr ANTLR4 code injection
- CVE-2026-13515 - Tenda JD12L 16 stack buffer overflow
- CVE-2026-13516 - Tenda JD12L 16 stack buffer overflow
- CVE-2026-13517 - Tenda JD12L 16 stack buffer overflow
- CVE-2026-13518 - Tenda JD12L 16 stack buffer overflow
- CVE-2026-13521 - SourceCodester Class and Exam Timetabling System 1 sql injection
- CVE-2026-13526 - SourceCodester Class and Exam Timetabling System 1 sql injection
- CVE-2026-13527 - SourceCodester Class and Exam Timetabling System 1 sql injection
- CVE-2026-13528 - YunaiV/zhijiantianya ruoyi-vue-pro path traversal
- CVE-2026-13539 - Wavlink WL-NU516U1-A M16U1_V240425 stack buffer overflow
- CVE-2026-13545 - D-Link DCS-935L 1 command injection
- CVE-2026-13546 - Feehi CMS missing authentication
- CVE-2026-13547 - Hanwang e-Face General Management Platform 6 unrestricted file upload
- CVE-2026-13550 - itsourcecode Baptism Information Management System 1 sql injection
- CVE-2026-13551 - itsourcecode Baptism Information Management System 1 sql injection
- CVE-2026-13552 - itsourcecode Online Hotel Management System 1 sql injection
- CVE-2026-13553 - itsourcecode Online Hotel Management System 1 unrestricted file upload
- CVE-2026-13559 - code-projects Real State Services 1 sql injection
- CVE-2026-13562 - Edimax EW-7478APC 1 buffer overflow
- CVE-2026-13563 - Edimax EW-7478APC 1 stack buffer overflow
- CVE-2026-13564 - Edimax EW-7478APC 1 stack buffer overflow
- CVE-2026-13601 - A flaw was found CSP sandbox escape
- CVE-2026-13606 - A flaw was found out-of-bounds write
- CVE-2026-1709 - Keylime authentication bypass
- CVE-2026-20245 - Cisco Catalyst SD-WAN tenant upload command injection
- CVE-2026-2053 - The WSO2 API Manager security control bypass
- CVE-2026-22078 - Because O+ Connect's IPC service does not authenticate clients, external applications can escalate privileges
- CVE-2026-25521 - versions from 2.0.12 to prototype pollution
- CVE-2026-28367 - Undertow HTTP request smuggling
- CVE-2026-28368 - Undertow HTTP request smuggling
- CVE-2026-3256 - HTTP Session versions before security control bypass
- CVE-2026-33228 - flatted security control bypass
- CVE-2026-33845 - A flaw in GnuTLS out-of-bounds read
- CVE-2026-3833 - gnutls security control bypass
- CVE-2026-40993 - An attacker with write security control bypass
- CVE-2026-41045 - polkit authentication of qSnapper security control bypass
- CVE-2026-41046 - qSnapper path traversal
- CVE-2026-41048 - qSnapper security control bypass
- CVE-2026-41049 - Incorrect caching of authentication security control bypass
- CVE-2026-41838 - IDs for WebSocket sessions security control bypass
- CVE-2026-41848 - Applications may be vulnerable ReDoS
- CVE-2026-41851 - Applications which accept user-supplied denial of service
- CVE-2026-42010 - gnutls authentication bypass
- CVE-2026-42208 - LiteLLM security control bypass
- CVE-2026-44018 - Docling simplifies document processing security control bypass
- CVE-2026-47204 - Envoy null pointer denial of service
- CVE-2026-47221 - Envoy denial of service
- CVE-2026-47424 - OpenAM Authenticated RCE via Groovy Sandbox Escape
- CVE-2026-47426 - OpenAM OAuth Client Impersonation via JWKS Resolver Cache
- CVE-2026-48558 - SimpleHelp Authentication Bypass Vulnerability
- CVE-2026-4878 - libcap privilege escalation
- CVE-2026-49049 - The Helix3 plugin for Joomla exposes an ajax handler task, that allows unauthenticated attackers to delete arb
- CVE-2026-50193 - jackson-databind contains the general-purpose security control bypass
- CVE-2026-53914 - JetBrains Kotlin unsafe deserialization
- CVE-2026-55092 - Trivy security control bypass
- CVE-2026-55200 - libssh2 out-of-bounds write
- CVE-2026-55957 - Missing Critical Step in Authentication vulnerability in Apache Tomcat when the JNDIRealm was configured to au
- CVE-2026-56124 - phpUploader before 2.0.2 contains an unauthenticated information disclosure vulnerability that allows remote a
- CVE-2026-56782 - Gorse before 0.5.10 contains an authentication bypass vulnerability in the /api/dump and /api/restore endpoint
- CVE-2026-56788 - RTKLIB out-of-bounds read
- CVE-2026-57320 - Unauthenticated Cross Site Scripting (XSS) in BEAR <= 1.1.8 versions
- CVE-2026-57333 - Unauthenticated Cross Site Scripting (XSS) in Link Whisper Free <= 0.9.4 versions
- CVE-2026-57336 - Unauthenticated Cross Site Scripting (XSS) in Jobify <= 4.3.2 versions
- CVE-2026-57337 - Unauthenticated Cross Site Scripting (XSS) in Landing Page Builder <= 1.5.3.5 versions
- CVE-2026-57338 - Unauthenticated Cross Site Scripting (XSS) in ARForms <= 7.1.2 versions
- CVE-2026-57520 - Bitwarden Server before 2026.5.0 privilege escalation
- CVE-2026-57921 - JetBrains YouTrack improper access control
- CVE-2026-57923 - JetBrains YouTrack security control bypass
- CVE-2026-57926 - JetBrains YouTrack prototype pollution
- CVE-2026-57955 - SigNoz through 0.130.1 contains a SQL injection vulnerability that allows authenticated attackers to execute a
- CVE-2026-58049 - FFmpeg s RASC video out-of-bounds read
- CVE-2026-58050 - libssh2 heap buffer overflow
- CVE-2026-58053 - Gitea act_runner with the security control bypass
- CVE-2026-58054 - MyBB 1.8.40 does not security control bypass
- CVE-2026-58056 - RustDesk gates incoming control security control bypass
- CVE-2026-6325 - Out-of-bounds write in SetSuitesHashSigAlgo out-of-bounds write
- CVE-2026-6331 - HMAC zero-length tag forgery MAC verification bypass
- CVE-2026-6679 - the DTLS 1.3 ACK serialization path heap buffer overflow
- CVE-2026-6731 - X.509 name constraint bypass certificate constraint bypass
- CVE-2026-6734 - Impact When using Socks5ProxyAgent security control bypass
- CVE-2026-7511 - PKCS7_verify signer confusion allows signature verification bypass
- CVE-2026-7532 - iPAddress name constraints bypass when WOLFSSL_IP_ALT_NAME certificate constraint bypass
- CVE-2026-8095 - The Frontend File Manager Plugin plugin for WordPress arbitrary file write/read
- CVE-2026-8720 - wc_Blake2bHmacFinal and wc_Blake2sHmacFinal discard MAC verification bypass
- GHSA-72R4-9C5J-MJ57 - pnpm security control bypass
- GHSA-FR4H-3CPH-29XV - pnpm security control bypass
- GHSA-QRV3-253H-G69C - pnpm path traversal
- CVE-2026-13485 - SourceCodester preview.php course_year_section SQL injection
- CVE-2026-13486 - SourceCodester preview6.php course_year_section SQL injection
- CVE-2026-13487 - SourceCodester archive.php sy SQL injection
- CVE-2026-13488 - SourceCodester preview7.php course_year_section SQL injection
- CVE-2026-58049 - FFmpeg RASC DLTA decoder out-of-bounds heap write
- CVE-2026-58050 - libssh2 publickey attribute count integer overflow
- CVE-2026-58053 - Gitea act_runner Docker container options host escape
- CVE-2026-58054 - MyBB limited ACP user group privilege escalation
- CVE-2026-58054 - MyBB limited ACP user management administrator escalation
- CVE-2026-58056 - RustDesk file-transfer session control authorization bypass
- CVE-2026-58056 - RustDesk file-transfer session control-scope bypass
- CVE-2026-8095 - WordPress Frontend File Manager arbitrary file deletion
- CVE-2026-28701 - Various versions of Daktronics Controller Firmware could allow authenticated and unauthenticated remote users
- CVE-2026-31928 - The DMP-5000 devices are shipped with a default administrative web account with weak authentication controls,
- CVE-2026-33560 - The DMP-5000 file service exposes authenticated arbitrary file upload functionality
- CVE-2026-46619 - OpenAM Authentication Bypass via MSISDN LDAP Injection
- CVE-2026-46623 - OpenAM Account Takeover via Unverified Password Change in OAuth2 Module
- CVE-2026-48797 - Backpropagate: backprop ui --auth and backprop ui --share do not enforce authentication
- CVE-2026-48930 - A flaw in Node.js TLS hostname handling can cause Embedded-nul hostnames can lead to silent authority rebindin
- CVE-2026-49257 - mcp-pinot: Unauthenticated tool invocation via default oauth_enabled=False + host 0.0.0.0 bind
- CVE-2026-49291 - mcp-memory-service: OAuth read-only clients can write and delete memories through MCP tools/call
- CVE-2026-49357 - Streamable HTTP mode exposes LINE Desktop read/send tools without MCP authentication
- CVE-2026-54835 - Unauthenticated Broken Access Control in Five Star Restaurant Menu <= 2.5.2 versions
- CVE-2026-55975 - A vulnerability exists in H.View IP cameras that could allow an authenticated user to supply unsanitized XML f
- CVE-2026-56028 - Unauthenticated Privilege Escalation in Easy Elements for Elementor – Addons & Website Templates <=
- CVE-2026-56034 - Unauthenticated SQL Injection in Library Management System <= 3.5.7 versions
- CVE-2026-56041 - Unauthenticated Cross Site Scripting (XSS) in Responsive Lightbox <= 2.7.6 versions
- CVE-2026-56061 - Unauthenticated Broken Access Control in Subscriptions for WooCommerce <= 1.9.5 versions
- CVE-2026-56068 - Unauthenticated SQL Injection in JetEngine <= 3.8.10.2 versions
- CVE-2026-56414 - A vulnerability exists in H.View IP cameras certificate-related upload interfaces allow authenticated users to
- CVE-2026-57314 - Unauthenticated Cross Site Scripting (XSS) in SureCart <= 4.3.2 versions
- CVE-2026-5757 - Unauthenticated remote information disclosure vulnerability in Ollama's model quantization engine allows an at
- CVE-2026-57915 - It is possible to bypass the Kerberos pre-authentication check in Apache Kerby by sending a PA-DATA with an un
- CVE-2025-71327 - Flowise contains an authentication bypass vulnerability in the unprotected /api/v1/account/register endpoint t
- CVE-2025-71333 - Flowise through 2.2.4 contains an unauthenticated arbitrary file upload vulnerability in the /api/v1/attachmen
- CVE-2026-11703 - wolfSSL SNI/ALPN session resumption binding bypass
- CVE-2026-11800 - A flaw was found in Keycloak. This JWT algorithm confusion vulnerability in the JWT Authorization Grant flow a
- CVE-2026-12245 - NSD from version 4.13.0 has a heap use-after-free bug in logging errors on TLS connections, causing a crash of
- CVE-2026-12490 - When a provide-xfr is given with a tls-auth-name, a secondary requesting a transfer should provide a client ce
- CVE-2026-12569 - PTC Windchill and FlexPLM Improper Input Validation Vulnerability
- CVE-2026-20230 - Cisco Unified Communications Manager Server-Side Request Forgery (SSRF) Vulnerability
- CVE-2026-27366 - Unauthenticated Broken Access Control in MainWP Child <= 6.1.1 versions
- CVE-2026-39829 - golang.org/x/crypto/ssh: Invoking pathological RSA/DSA parameters may cause DoS
- CVE-2026-46597 - golang.org/x/crypto/ssh: Invoking byte arithmetic causes underflow and panic
- CVE-2026-54830 - Unauthenticated Broken Access Control in Five Star Restaurant Reservations <= 2.7.19 versions
- CVE-2026-54844 - Unauthenticated Broken Access Control in CheckView Automated Testing <= 2.1.0 versions
- CVE-2026-55092 - Trivy OCI artifact title path traversal arbitrary write
- CVE-2026-55958 - Out-of-bounds write in the Renesas TSIP TLS 1.3 transcript buffer
- CVE-2026-56051 - Unauthenticated Cross Site Scripting (XSS) in TablePress <= 3.3.1 versions
- CVE-2026-56766 - Hydra through 9.7, fixed in commit 9cc84c2, contains a stack buffer overflow in NTLM authentication across SMT
- CVE-2026-56769 - Huly Platform through 0.7.423, fixed in commit 68cbf8a contains an authenticated server-side request forgery v
- CVE-2026-57520 - Bitwarden Server before 2026.5.0 contains a privilege escalation vulnerability that allows authenticated Custo
- CVE-2026-6679 - wolfSSL DTLS 1.3 ACK serialization heap overflow
- CVE-2026-6731 - wolfSSL X.509 name-constraints common-name bypass
- CVE-2026-9099 - A flaw was found in Keycloak. A missing authorization check in the GroupResource.addChild() endpoint within th
- CVE-2026-11877 - An unauthorized user can modify configuration through API calls that affects the OpenText Access Manager
- CVE-2026-12417 - The SignUp & SignIn plugin for WordPress is vulnerable to Authentication Bypass via Weak Password Reset Valida
- CVE-2026-56121 - Feast before 0.63.0 contains an unsafe deserialization vulnerability that allows unauthenticated or unauthoriz
- CVE-2026-56270 - Flowise before 3.1.0 (versions 3.0.13 and earlier) contains a missing authentication vulnerability in the /api
- CVE-2026-9643 - The WP Meta SEO plugin for WordPress is vulnerable to Unauthenticated Stored Cross-Site Scripting via the REQU
- CVE-2026-12112 - A flaw was found in the foreman-mcp-server
- CVE-2026-50193 - jackson-databind deeply nested JsonNode denial of service
- CVE-2026-50193 - jackson-databind JsonNode deep nesting denial of service
- CVE-2026-52844 - Caddy is an extensible server platform that uses TLS by default
- CVE-2026-52845 - Caddy is an extensible server platform that uses TLS by default
- CVE-2026-41045 - qSnapper polkit authentication TOCTOU bypass
- CVE-2026-41045 - qSnapper polkit TOCTOU authentication bypass
- CVE-2026-41046 - qSnapper configName path traversal
- CVE-2026-41046 - qSnapper configName path traversal privilege escalation
- CVE-2026-41048 - qSnapper method-level polkit authorization cache confusion
- CVE-2026-41048 - qSnapper polkit authorization cache cross-method bypass
- CVE-2026-41049 - qSnapper cross-user polkit authorization cache confusion
- CVE-2026-41049 - qSnapper polkit authorization cache cross-user bypass
- CVE-2026-42127 - The public dashboard query endpoint does not limit request body size before processing, allowing unauthenticat
- CVE-2026-56425 - The Azure Active Directory (AAD) authentication implementation contained multiple weaknesses in its OAuth 2.0
- CVE-2026-48908 - A vulnerability in SP Page Builder for Joomla allows unauthenticated users to upload arbitrary files, ultimate
- CVE-2026-47645 - Url redirection to untrusted site ('open redirect') in Microsoft 365 Copilot's Business Chat allows an unautho
- CVE-2026-48584 - Execution with unnecessary privileges in Azure Synapse allows an authorized attacker to elevate privileges ove
- CVE-2026-58399 - @acastellon/auth: Authentication bypass via spoofable headers in validateToken()
- CVE-2026-30799 - Missing Authentication for Critical Function vulnerability in RTI Connext Professional (Security Plugins) allo
- CVE-2026-55200 - libssh2 through 1.11.1, fixed in commit 7acf3df contains an out-of-bounds write vulnerability in ssh2_transpor
- CVE-2026-6734 - undici Socks5ProxyAgent cross-origin pool reuse
- CVE-2026-9697 - Impact: undici's ProxyAgent silently drops the requestTls option when configured with a SOCKS5 proxy URI (sock
- CVE-2026-10649 - A flaw was found in Pacemaker. An unauthenticated remote attacker can exploit an integer overflow vulnerabilit
- CVE-2026-45830 - A lack of authorization validation in version 0.4.17 or later of the ChromaDB Python project allows any authen
- CVE-2026-45833 - A code injection vulnerability in version 0.4.17 or later of the ChromaDB Python project allows an authenticat
- CVE-2026-50083 - The Aqara IAM/SSO Gateway (gw-builder.aqara.com) used a hardcoded OAuth client credential, which is an instanc
- CVE-2026-50627 - The JwtAccessTokenValidator class in Apache CXF fails to validate the 'aud' (Audience) claims of incoming JWT
- CVE-2026-50628 - A logic error in OAuthRequestFilter rejects legitimate requests originating from the bound IP address, while b
- CVE-2026-53406 - Insufficient Verification of Data Authenticity in Remote Control for Zoom Contact Center for Windows before ve
- CVE-2026-53407 - Improper Authorization in Handler for Custom URL Scheme in Zoom Workplace before version 7.0.4 for Android and
- CVE-2026-46519 - mcp-server-kubernetes is a Model Context Protocol server for Kubernetes cluster management
- CVE-2026-0272 - A privilege escalation vulnerability in Palo Alto Networks PAN-OS® software allows an authenticated administra
- CVE-2026-0273 - A command injection vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrato
- CVE-2026-11837 - A local privilege escalation vulnerability was found in the ansible.posix authorized_key module
- CVE-2026-40993 - Spring Security JDBC SAML credential deserialization
- CVE-2026-40993 - Spring Security SAML credential BLOB deserialization RCE
- CVE-2026-49759 - Stack-based Buffer Overflow vulnerability in Erlang OTP erts (inet_drv) allows an unauthenticated remote attac
- CVE-2026-26142 - Deserialization of untrusted data in Nuance PowerScribe allows an unauthorized attacker to execute code over a
- CVE-2026-45490 - Improper authorization in .NET allows an authorized attacker to elevate privileges locally
- CVE-2026-45591 - Uncontrolled resource consumption in ASP.NET Core allows an unauthorized attacker to deny service over a netwo
- CVE-2026-5068 - A remote, unauthenticated BLE peer can trigger a 2-byte out-of-bounds write in the Bluetooth host during L2CAP
- CVE-2026-48907 - A vulnerability in the JCE editor extension for Joomla allows the creation of new editor profiles for unauthen
- CVE-2026-22054 - Active IQ Config Advisor version 6.7.3 contains hard-coded credentials that could allow an authenticated attac
- CVE-2026-22055 - Active IQ OneCollect version 2.7.3 contains hard-coded credentials that could allow an authenticated attacker
- CVE-2026-3514 - Prefect has an Authentication Middleware Bypass when URL paths are appended with 'health' or 'ready'
- CVE-2026-40961 - Apache Airflow: Authenticated users can bypass the is_safe_url check
- CVE-2026-41084 - Apache Airflow Vulnerable to Authorization Bypass Through User-Controlled Key
- CVE-2026-44825 - Apache Solr has hardcoded credentials in the Basic Authentication setup tool
- CVE-2026-48827 - Apache MINA SSHD bundle sshd-git has a path traversal vulnerability
- CVE-2026-49121 - AI Tensor Engine for ROCm (AITER) through 0.1.14 contains an unauthenticated remote code execution vulnerabili
- CVE-2026-49361 - Apache Fluss: Unauthenticated remote attackers can exhaust JVM heap memory using crafted frame headers via TabletServer/
- CVE-2026-48526 - PyJWT is a JSON Web Token implementation in Python
- CVE-2026-9094 - Casdoor: GetTokenExchangeToken bypass through lack of cross-organization JWT signature check
- CVE-2026-45260 - Pimcore: Missing Authorization in WebDAV MOVE via unchecked asset move handling
- CVE-2026-46033 - In the Linux kernel, the following vulnerability has been resolved: crypto: authencesn - reject short ahash di
- CVE-2026-2651 - MLflow allows unauthorized access to multipart upload endpoints when the --serve-artifacts mode is enabled
- CVE-2026-42012 - A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a specially craft
- CVE-2026-42013 - A flaw was found in gnutls. When validating certificates, an oversized Subject Alternative Name (SAN) could ca
- CVE-2026-45361 - Apache Airflow providers-google's ComputeEngineSSHHook disables SSH host-key verification by default
- CVE-2026-5260 - A flaw was found in libgnutls. A remote attacker, by sending an extremely short premaster secret during an RSA
- CVE-2026-9277 - shell-quote's quote() function did not validate object-token inputs against the operator model used by pars
- CVE-2026-47101 - LiteLLM prior to 1.83.14 allows an authenticated internal_user to create API keys with access to routes that t
- CVE-2026-48989 - Windows-MCP: HTTP transports expose unauthenticated PowerShell control with wildcard CORS
- CVE-2026-3039 - BIND servers that are configured to use TKEY-based authentication via GSS-API tokens are vulnerable to excessi
- CVE-2026-43618 - Rsync version 3.4.2 and prior contain an integer overflow vulnerability in the compressed-token decoder where
- CVE-2026-47783 - In memcached before 1.6.42, username data for SASL password database authentication has a timing side channel
- CVE-2026-27173 - JWT tokens that were used by workers in Kubernetes Executors have been exposed to users who had read only acce
- CVE-2026-7307 - A flaw was found in Keycloak. A remote, unauthenticated attacker can send a specially crafted XML input to the
- CVE-2026-42009 - A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security
- CVE-2026-42822 - Improper authentication in Azure Local Disconnected Operations allows an unauthorized attacker to elevate priv
- CVE-2026-20224 - A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an unauth
- CVE-2026-20916 - An authenticated iControl REST user with low privileges can create or modify arbitrary files through an undisc
- CVE-2026-32643 - A vulnerability exists in BIG-IP and BIG-IQ systems where a highly privileged, authenticated attacker with at
- CVE-2026-32673 - A vulnerability exists in BIG-IP scripted monitors that may allow an authenticated attacker with the Resource
- CVE-2026-33376 - When using an IPv6 allow-list for the Auth Proxy feature, it defaults to /32 addresses
- CVE-2026-34176 - When running in Appliance mode, an authenticated remote command injection vulnerability exists in an undisclos
- CVE-2026-39455 - When the BIG-IP Configuration utility is configured to use Lightweight Directory Access Protocol (LDAP) authen
- CVE-2026-39459 - A vulnerability exists in iControl REST and the TMOS Shell (tmsh) where a highly privileged, authenticated att
- CVE-2026-40631 - An authenticated attacker with the Resource Administrator or Administrator role can modify configuration objec
- CVE-2026-40698 - A vulnerability exists in BIG-IP and BIG-IQ systems where a highly privileged, authenticated attacker with at
- CVE-2026-32177 - Heap-based buffer overflow in .NET allows an unauthorized attacker to elevate privileges locally
- CVE-2026-35433 - Improper input validation in .NET allows an unauthorized attacker to elevate privileges locally
- CVE-2026-42899 - Loop with unreachable exit condition ('infinite loop') in ASP.NET Core allows an unauthorized attacker to deny
- CVE-2026-43456 - In the Linux kernel, the following vulnerability has been resolved: bonding: fix type confusion in bond_setup_
- CVE-2026-42010 - A flaw was found in gnutls. Servers configured with RSA-PSK (Rivest–Shamir–Adleman – Pre-Shared Key) wrongfull
- CVE-2026-42011 - A flaw was found in gnutls. This vulnerability occurs because permitted name constraints were incorrectly igno
- CVE-2026-20167 - A vulnerability in the web-based management interface of Cisco IoT Field Network Director could allow an authe
- CVE-2026-46689 - scim_proto and kanidm_proto have an authenticated process abort via SCIM filter stack exhaustion
- CVE-2026-6322 - fast-uri normalize() decoded percent-encoded authority delimiters inside the host component and then re-emitte
- CVE-2026-6918 - In Eclipse Open9J versions 0.21 to 0.58, a pre-authentication remote attacker can crash JITServer by sending a
- CVE-2026-33846 - A heap buffer overflow vulnerability exists in the DTLS handshake fragment reassembly logic of GnuTLS
- CVE-2026-43033 - In the Linux kernel, the following vulnerability has been resolved: crypto: authencesn - Do not place hiseq at
- CVE-2026-7598 - A security vulnerability has been detected in libssh2 up to 1.11.1
- CVE-2026-33845 - A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero offset, leadi
- CVE-2026-5402 - TLS protocol dissector heap overflow in Wireshark 4.6.0 to 4.6.4 allows denial of service and possible code ex
- CVE-2026-40976 - In certain circumstances, Spring Boot's default web security is ineffective allowing unauthorized access to al
- CVE-2026-40022 - When authentication is enabled on the Apache Camel embedded HTTP server or embedded management server (camel-p
- CVE-2026-31641 - In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix RxGK token loading to check bou
- CVE-2026-31533 - In the Linux kernel, the following vulnerability has been resolved: net/tls: fix use-after-free in -EBUSY erro
- CVE-2026-40542 - Missing critical step in authentication in Apache HttpClient 5.6 allows an attacker to cause the client to acc
- CVE-2026-40575 - OAuth2 Proxy is a reverse proxy that provides authentication using OAuth2 providers
- CVE-2026-3605 - An authenticated user with access to a kvv2 path through a policy containing a glob may be able to delete secr
- CVE-2026-4525 - If a Vault auth mount is configured to pass through the Authorization header, and the Authorization header
- CVE-2026-5807 - Vault is vulnerable to a denial-of-service condition where an unauthenticated attacker can repeatedly initiate
- CVE-2026-20186 - A vulnerability in Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to execu
- CVE-2026-23666 - Improper input validation in .NET Framework allows an unauthorized attacker to deny service over a network
- CVE-2026-26171 - Uncontrolled resource consumption in .NET allows an unauthorized attacker to deny service over a network
- CVE-2026-32178 - Improper neutralization of special elements in .NET allows an unauthorized attacker to perform spoofing over a
- CVE-2026-32203 - Stack-based buffer overflow in .NET and Visual Studio allows an unauthorized attacker to deny service over a n
- CVE-2025-13914 - A Key Exchange without Entity Authentication vulnerability in the SSH implementation of Juniper Networks Apstr
- CVE-2026-1584 - A flaw was found in gnutls. A remote, unauthenticated attacker can exploit this vulnerability by sending a spe
- CVE-2026-32283 - If one side of the TLS connection sends multiple key update messages post-handshake in a single record, the co
- CVE-2026-5795 - In Eclipse Jetty, the class JASPIAuthenticator initiates the authentication checks, which set two ThreadLocal
- CVE-2025-14821 - A flaw was found in libssh. This vulnerability allows local man-in-the-middle attacks, security downgrades of
- CVE-2026-28808 - Incorrect Authorization vulnerability in Erlang OTP (inets modules) allows unauthenticated access to CGI scrip
- CVE-2026-34582 - Botan is a C++ cryptography library. Prior to version 3.11.1, the TLS 1.3 implementation allowed ApplicationDa
- CVE-2026-0545 - In mlflow/mlflow, the FastAPI job endpoints under /ajax-api/3.0/jobs/* are not protected by authentication o
- CVE-2026-32871 - FastMCP is a Pythonic way to build MCP servers and clients
- CVE-2026-34742 - The Go MCP SDK used Go's standard encoding/json
- CVE-2026-35385 - In OpenSSH before 10.3, a file downloaded by scp may be installed setuid or setgid, an outcome contrary to som
- CVE-2026-4634 - A flaw was found in Keycloak. An unauthenticated attacker can exploit this vulnerability by sending a speciall
- CVE-2026-4636 - A flaw was found in Keycloak. An authenticated user with the uma_protection role can bypass User-Managed Acces
- CVE-2026-20160 - A vulnerability in Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an unauthenticated, remote a
- CVE-2025-15381 - In the latest version of mlflow/mlflow, when the basic-auth app is enabled, tracing and assessment endpoints
- CVE-2025-59032 - ManageSieve AUTHENTICATE command crashes when using literal as SASL initial response
- CVE-2026-24031 - Dovecot SQL based authentication can be bypassed when auth_username_chars is cleared by admin
- CVE-2026-27858 - Attacker can send a specifically crafted message before authentication that causes managesieve to allocate lar
- CVE-2026-27651 - When the ngx_mail_auth_http_module module is enabled on NGINX Plus or NGINX Open Source, undisclosed requests
- CVE-2026-23536 - A security issue was discovered in the Feast Feature Server's /read-document endpoint that allows an unauthe
- CVE-2026-27962 - Authlib is a Python library which builds OAuth and OpenID Connect servers
- CVE-2026-28498 - Authlib is a Python library which builds OAuth and OpenID Connect servers
- CVE-2026-32597 - PyJWT is a JSON Web Token implementation in Python
- CVE-2026-3497 - Vulnerability in the OpenSSH GSSAPI delta included in various Linux distributions
- CVE-2026-24294 - Improper authentication in Windows SMB Server allows an authorized attacker to elevate privileges locally
- CVE-2026-26130 - Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny s
- CVE-2026-25679 - url.Parse insufficiently validated the host/authority component and accepted some invalid URLs
- CVE-2026-28802 - Authlib is a Python library which builds OAuth and OpenID Connect servers
- CVE-2026-3009 - A security flaw in the IdentityBrokerService.performLogin endpoint of Keycloak allows authentication to procee
- CVE-2026-27446 - Missing Authentication for Critical Function (CWE-306) vulnerability in Apache Artemis, Apache ActiveMQ Artemi
- CVE-2026-3336 - Improper certificate validation in PKCS7_verify() in AWS-LC allows an unauthenticated user to bypass certifica
- CVE-2026-3338 - Improper signature validation in PKCS7_verify() in AWS-LC allows an unauthenticated user to bypass signature v
- CVE-2026-2293 - A NestJS application using @nestjs/platform-fastify can allow bypass of authentication/authorization middlewar
- CVE-2026-1693 - The OAuth grant type Resource Owner Password Credentials (ROPC) flow is still used by the werbservices used by
- CVE-2026-27896 - The Go MCP SDK used Go's standard encoding/json.Unmarshal for JSON-RPC and MCP protocol message parsing in ver
- CVE-2019-25434 - SpotAuditor 5.3.1.0 contains a denial of service vulnerability that allows unauthenticated attackers to crash
- CVE-2026-2635 - MLflow Use of Default Password Authentication Bypass Vulnerability
- CVE-2026-25506 - MUNGE is an authentication service for creating and validating user credentials
- CVE-2026-1486 - A flaw was found in Keycloak. A vulnerability exists in the jwt-authorization-grant flow where the server fail
- CVE-2026-25536 - MCP TypeScript SDK is the official TypeScript SDK for Model Context Protocol servers and clients
- CVE-2020-37094 - EspoCRM 5.7.0 prior to 5.9.0 contains an authentication token reuse vulnerability that allows authenticated at
- CVE-2025-15467 - Issue summary: Parsing CMS AuthEnvelopedData or EnvelopedData message with maliciously crafted AEAD parameters
- CVE-2026-0719 - A flaw was identified in the NTLM authentication handling of the libsoup HTTP library, used by GNOME and other
- CVE-2025-30398 - Missing authorization in Nuance PowerScribe allows an unauthorized attacker to disclose information over a net
- CVE-2025-6018 - A Local Privilege Escalation (LPE) vulnerability has been discovered in pam-config within Linux Pluggable Auth
- CVE-2025-5987 - A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library
- CVE-2025-5318 - A flaw was found in the libssh library in versions less than 0.11.2
- CVE-2025-6032 - A flaw was found in Podman. The podman machine init command fails to verify the TLS certificate when downloadi
- CVE-2025-44203 - In HotelDruid 3.0.0 and 3.0.7, the unauthenticated database-setup endpoint creadb.php can be reached before se
- CVE-2025-37924 - In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in kerberos auth
- CVE-2025-37778 - In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fix dangling pointer in krb_authent
- CVE-2025-3891 - A flaw was found in the mod_auth_openidc module for Apache httpd
- CVE-2024-55591 - An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting FortiOS version
- CVE-2024-23667 - An improper authorization in Fortinet FortiWebManager 7.2.0, FortiWebManager 7.0.0 through 7.0.4, FortiWebMana
- CVE-2024-23668 - An improper authorization in Fortinet FortiWebManager 7.2.0, FortiWebManager 7.0.0 through 7.0.4, FortiWebMana
- CVE-2024-23670 - An improper authorization in Fortinet FortiWebManager 7.2.0, FortiWebManager 7.0.0 through 7.0.4, FortiWebMana
- CVE-2023-38950 - A path traversal vulnerability in the iclock API of ZKTeco BioTime v8.5.5 allows unauthenticated attackers to
- CVE-2023-3640 - A possible unauthorized memory access flaw was found in the Linux kernel's cpu_entry_area mapping of X86 CPU d
- CVE-2022-21952 - A Missing Authentication for Critical Function vulnerability in spacewalk-java of SUSE Manager Server 4.1, SUS
- CVE-2015-1778 - Opendaylight will authenticate any username and password combination
- CVE-2020-26869 - ARC Informatique PcVue prior to version 12.0.17 is vulnerable to information exposure, allowing unauthorized u