Lucene search
K

462 matches found

NVD
NVD
added yesterday4 views

CVE-2026-57697

Authentication Bypass Using an Alternate Path or Channel vulnerability in Metagauss ProfileGrid profilegrid-user-profiles-groups-and-communities allows Password Recovery Exploitation.This issue affects ProfileGrid : from n/a through = 5.9.9.6...

7.5CVSS0.00477EPSS
Exploits0References1
NVD
NVD
added 4 days ago11 views

CVE-2026-57807

Authentication Bypass Using an Alternate Path or Channel vulnerability in miniOrange Security Software Pvt Ltd. OAuth Single Sign On - SSO OAuth Client allows Password Recovery Exploitation. This issue affects OAuth Single Sign On - SSO OAuth Client: from n/a through 38.5.8...

9.8CVSS0.00429EPSS
Exploits0References1
EUVD
EUVD
added 4 days ago9 views

EUVD-2026-43028

Authentication Bypass Using an Alternate Path or Channel vulnerability in miniOrange Security Software Pvt Ltd. OAuth Single Sign On - SSO OAuth Client allows Password Recovery Exploitation. This issue affects OAuth Single Sign On - SSO OAuth Client: from n/a through 38.5.8...

9.8CVSS6.1AI score0.00429EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 4 days ago8 views

PT-2026-57307

Name of the Vulnerable Software and Affected Versions miniOrange OAuth Single Sign On - SSO OAuth Client versions prior to 38.5.9 Description An authentication bypass exists in the miniOrange OAuth SSO WordPress plugin. An unauthenticated remote attacker can exploit an alternate password-recovery...

9.8CVSS6.1AI score0.00429EPSS
Exploits0References4
NVD
NVD
added 2026/06/17 2:17 p.m.12 views

CVE-2026-54817

Authentication Bypass Using an Alternate Path or Channel vulnerability in FluxBuilder MStore API allows Password Recovery Exploitation. This issue affects MStore API: from n/a through 4.18.4...

6.5CVSS0.00261EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/17 1:36 p.m.13 views

EUVD-2026-37706

Authentication Bypass Using an Alternate Path or Channel vulnerability in FluxBuilder MStore API allows Password Recovery Exploitation. This issue affects MStore API: from n/a through 4.18.4...

6.5CVSS5.2AI score0.00261EPSS
Exploits0References1
Snyk
Snyk
added 2026/06/16 7:2 p.m.4 views

Authentication Bypass Using an Alternate Path or Channel

Overview Affected versions of this package are vulnerable to Authentication Bypass Using an Alternate Path or Channel in the SNICheck process. An attacker can gain unauthorized access to protected backends by completing a TLS handshake using a permissive SNI and then sending an HTTP Host header...

10CVSS6AI score0.00245EPSS
Exploits1References2
Snyk
Snyk
added 2026/06/16 7:2 p.m.5 views

Authentication Bypass Using an Alternate Path or Channel

Overview Affected versions of this package are vulnerable to Authentication Bypass Using an Alternate Path or Channel in the SNICheck process. An attacker can gain unauthorized access to protected backends by completing a TLS handshake using a permissive SNI and then sending an HTTP Host header...

10CVSS6AI score0.00245EPSS
Exploits1References2
Snyk
Snyk
added 2026/06/16 7:2 p.m.4 views

Authentication Bypass Using an Alternate Path or Channel

Overview github.com/traefik/traefik/v2/pkg/server is a server package for traefik, a cloud native edge router. Affected versions of this package are vulnerable to Authentication Bypass Using an Alternate Path or Channel in the SNICheck process. An attacker can gain unauthorized access to protecte...

10CVSS6AI score0.00245EPSS
Exploits1References2
Snyk
Snyk
added 2026/06/16 7:2 p.m.7 views

Authentication Bypass Using an Alternate Path or Channel

Overview Affected versions of this package are vulnerable to Authentication Bypass Using an Alternate Path or Channel in the SNICheck process. An attacker can gain unauthorized access to protected backends by completing a TLS handshake using a permissive SNI and then sending an HTTP Host header...

10CVSS6AI score0.00245EPSS
Exploits1References2
NVD
NVD
added 2026/06/15 2:16 p.m.19 views

CVE-2026-49062

Authentication Bypass Using an Alternate Path or Channel vulnerability in WP Engine Faust.Js allows Password Recovery Exploitation. This issue affects Faust.Js: from n/a through 1.8.7...

8.8CVSS0.0029EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/15 12:51 p.m.11 views

EUVD-2026-36721

Authentication Bypass Using an Alternate Path or Channel vulnerability in WP Engine Faust.Js allows Password Recovery Exploitation. This issue affects Faust.Js: from n/a through 1.8.7...

8.8CVSS5.2AI score0.0029EPSS
Exploits0References1
CVE
CVE
added 2026/06/15 12:51 p.m.22 views

CVE-2026-49062

CVE-2026-49062 concerns the WordPress plugin Faust.js (faustwp)

8.8CVSS5.3AI score0.0029EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.27 views

PT-2026-49228

Authentication Bypass Using an Alternate Path or Channel vulnerability in WP Engine Faust.Js allows Password Recovery Exploitation. This issue affects Faust.Js: from n/a through 1.8.7...

8.8CVSS5.2AI score0.0029EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2026/06/13 5:4 p.m.158 views

Exploit for Authentication Bypass Using an Alternate Path or Channel in Gitlab

CVE-2025-4524...

9.8CVSS8.2AI score0.09094EPSS
Exploits5
RedhatCVE
RedhatCVE
added 2026/06/05 7:41 p.m.12 views

CVE-2025-41273

Nozomi Networks Labs identified a CWE-288: Authentication Bypass Using an Alternate Path or Channel in the Console WebUI in Waterfall WF-500 TX and RX Hosts in version 7.9.1.0 R2502171040 that allows remote unauthenticated attackers to bypass authentication of the Console web application and...

9.8CVSS5.5AI score0.00407EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:33 p.m.12 views

CVE-2026-45217

Authentication Bypass Using an Alternate Path or Channel vulnerability in ThemeHigh Stripe Payment Gateway for WooCommerce allows Password Recovery Exploitation. This issue affects Stripe Payment Gateway for WooCommerce: from n/a through 5.0.7...

6.5CVSS5.4AI score0.00352EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:28 p.m.10 views

CVE-2026-4913

Improper protection of an alternate path in Ivanti N-ITSM before version 2025.4 allows a remote authenticated attacker to retain access when their account has been disabled...

5.7CVSS5.4AI score0.00586EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:17 p.m.9 views

CVE-2026-42735

Authentication Bypass Using an Alternate Path or Channel vulnerability in Iqonic Design KiviCare kivicare-clinic-management-system allows Password Recovery Exploitation.This issue affects KiviCare: from n/a through = 4.3.0...

8.2CVSS5.4AI score0.00255EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:16 p.m.10 views

CVE-2026-42749

Authentication Bypass Using an Alternate Path or Channel vulnerability in Themeisle Disable Comments for Any Post Types Remove comments comments-plus allows Password Recovery Exploitation.This issue affects Disable Comments for Any Post Types Remove comments: from n/a through = 1.3.0...

7.1CVSS5.4AI score0.00243EPSS
Exploits0References1
Rows per page
Query Builder