Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

RedHat Linux
RedHat Linuxadded 2026/05/18 12:24 p.m.12 views

org.wildfly.core:wildfly-elytron-integration: Wildfly Elytron Brute Force Attack via CLI

A flaw was found in Wildfly Elytron integration. The component does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, making it more susceptible to brute force attacks via CLI...

8.1CVSS7.2AI score0.00373EPSS
Exploits1References5
RedHat Linux
RedHat Linuxadded 2026/05/18 12:21 p.m.9 views

org.wildfly.core:wildfly-elytron-integration: Wildfly Elytron Brute Force Attack via CLI

A flaw was found in Wildfly Elytron integration. The component does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, making it more susceptible to brute force attacks via CLI...

8.1CVSS7.2AI score0.00373EPSS
Exploits1References5
RedHat Linux
RedHat Linuxadded 2026/05/18 12:12 p.m.13 views

org.wildfly.core:wildfly-elytron-integration: Wildfly Elytron Brute Force Attack via CLI

A flaw was found in Wildfly Elytron integration. The component does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, making it more susceptible to brute force attacks via CLI...

8.1CVSS7.2AI score0.00373EPSS
Exploits1References5
Vulnrichment
Vulnrichmentadded 2026/03/19 10:7 p.m.4 views

CVE-2026-32025 OpenClaw < 2026.2.25 - Password Brute-Force via Browser-Origin WebSocket Authentication Bypass

OpenClaw versions prior to 2026.2.25 contain an authentication hardening gap in browser-origin WebSocket clients that allows attackers to bypass origin checks and auth throttling on loopback deployments. An attacker can trick a user into opening a malicious webpage and perform password brute-forc...

7.5CVSS5.8AI score0.00109EPSS
Exploits0References3
Cvelist
Cvelistadded 2025/10/06 7:3 a.m.4 views

CVE-2025-58587 Improper Restriction of Excessive Authentication Attempts

The application does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, making it possible for an attacker to guess user credentials...

6.5CVSS0.00215EPSS
Exploits0References6
Hacker One
Hacker Oneadded 2025/05/23 2:55 p.m.107 views

Lichess: Improper Authentication Throttling Allows Attacker-Controlled Account Lockouts

The application lacks sufficient safeguards in its authentication throttling logic. It permits arbitrary users to trigger lockouts on any account by submitting multiple failed login attempts using a known or guessed username. Because the system does not verify the request origin or impose...

7AI score
Exploits0
Rows per page
Query Builder