PT-2026-48885

Name of the Vulnerable Software and Affected Versions Pause+ Mobile App versions 1.0.6 through 1.4.x Description Improper restriction of excessive authentication attempts allows for authentication bypass. Recommendations Update to version 1.5...

CVE-2026-3329

CVE-2026-3329 affects Sonatype Nexus Repository. A remote unauthenticated attacker can perform credential-guessing attacks via authentication endpoints, with a CVSS v4.0 base score 8.7 (HIGH) and network exposure. The vulnerability is characterized by a lack of authentication requirements for gue...

EUVD-2025-26494

Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft MyRezzta allows Authentication Bypass, Password Recovery Exploitation, Brute Force. This issue affects MyRezzta: from s2.03.01 before v2.05.01...

EUVD-2026-31288

Improper restriction of excessive authentication attempts vulnerability in Turkiye Electricity Transmission Corporation TEİAŞ Mobile Application allows Brute Force. This issue affects Mobile Application: from 1.6.2 before 1.13...

PT-2026-42475

Improper restriction of excessive authentication attempts vulnerability in Turkiye Electricity Transmission Corporation TEİAŞ Mobile Application allows Brute Force. This issue affects Mobile Application: from 1.6.2 before 1.13...

CVE-2025-2514

CVE-2025-2514 affects Hitachi Virtual Storage Platform families (G130/G150/G350/G370/G700/G900/F350/F370/F700/F900; E390/E590/E790/E990/E390H/E590H/E790H/E1090H; One Block 23/24/26/28). The issue is Improper Restriction of Excessive Authentication Attempts, impacting before listed DKCMAIN, GUM, a...

CodeWise Tornet Scooter Mobile App 安全漏洞

The CodeWise Tornet Scooter Mobile App is a shared electric scooter management application developed by CodeWise. Version 4.75 of the CodeWise Tornet Scooter Mobile App contains a security vulnerability. This vulnerability stems from improper restrictions placed on excessive authentication attemp...

CVE-2025-46606

Dell PowerProtect Data Domain with DD OS Feature Release versions 8.4–8.5 are affected by an improper restriction of excessive authentication attempts, which could allow a high-privilege attacker with remote access to gain unauthorized access. The vulnerability details, including affected product...

CVE-2025-46606

Dell PowerProtect Data Domain with Data Domain Operating System DD OS of Feature Release versions 8.4 through 8.5 contain an improper restriction of excessive authentication attempts vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading...

PT-2026-33443

Name of the Vulnerable Software and Affected Versions Dell PowerProtect Data Domain with Data Domain Operating System DD OS versions 8.4 through 8.5 Description An improper restriction of excessive authentication attempts allows a high privileged attacker with remote access to potentially gain...

CVE-2026-2402

CWE-307 Improper Restriction of Excessive Authentication Attempts vulnerability exists that would allow an attacker to gain access to the user account by performing an arbitrary number of authentication attempts with different credentials on a sequence of requests to multiple endpoints...

CVE-2026-2402

CWE-307 Improper Restriction of Excessive Authentication Attempts vulnerability exists that would allow an attacker to gain access to the user account by performing an arbitrary number of authentication attempts with different credentials on a sequence of requests to multiple endpoints...

CVE-2026-22629

An improper restriction of excessive authentication attempts vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4 all versions, FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all versions, FortiAnalyzer 6.4 all versions, FortiAnalyzer Cloud 7.6.0 through 7.6.4,...

CVE-2025-36363

CVE-2025-36363 affects IBM DevOps Plan 3.0.0–3.0.5. The root cause is an inadequate account lockout setting, potentially allowing a remote attacker to brute-force credentials. Documented impact is exposure of confidentiality with no integrity/availability impact stated; CVSS metrics indicate high...

CVE-2025-7630 OTP Password Brute Forcing in DorukNet's Wispotter

Improper Restriction of Excessive Authentication Attempts, Improper Authentication vulnerability in Doruk Communication and Automation Industry and Trade Inc. Wispotter allows Password Brute Forcing, Brute Force. This issue affects Wispotter: from 1.0 before v2025.10.08.1...

CVE-2026-2110 Tasin1025 SwiftBuy login.php excessive authentication

A security flaw has been discovered in Tasin1025 SwiftBuy up to 0f5011372e8d1d7edfd642d57d721c9fadc54ec7. Affected by this vulnerability is an unknown functionality of the file /login.php. Performing a manipulation results in improper restriction of excessive authentication attempts. Remote...

CVE-2026-1685

A vulnerability was identified in D-Link DIR-823X 250416. This vulnerability affects the function sub40AC74 of the component Login. Such manipulation leads to improper restriction of excessive authentication attempts. The attack may be performed from remote. This attack is characterized by high...

CVE-2026-1409

A security vulnerability has been detected in Beetel 777VR1 up to 01.00.09/01.00.0955. This issue affects some unknown processing of the component UART Interface. The manipulation leads to improper restriction of excessive authentication attempts. It is possible to launch the attack on the physic...

CVE-2026-1409 Beetel 777VR1 UART excessive authentication

A security vulnerability has been detected in Beetel 777VR1 up to 01.00.09/01.00.0955. This issue affects some unknown processing of the component UART Interface. The manipulation leads to improper restriction of excessive authentication attempts. It is possible to launch the attack on the physic...

PT-2026-4679

A security vulnerability has been detected in Beetel 777VR1 up to 01.00.09/01.00.09 55. This issue affects some unknown processing of the component UART Interface. The manipulation leads to improper restriction of excessive authentication attempts. It is possible to launch the attack on the...