Lucene search

21 matches found

Redos
added 20 hours ago, 2 views

ROS-20260610-73-0022

The vulnerability in Thunderbird relates to exploiting an authentication process by using an alternative path or channel. Exploiting this vulnerability allows a malicious actor to circumvent existing security restrictions without being detected...

CVSS 9.8, AI score 5.5, EPSS 0.00025
Exploits 0
Redos
added 2026/05/29 12:0 a.m., 7 views

ROS-20260529-73-0012

The vulnerability of HashiCorp’s Vault Community Edition and Vault Enterprise, platforms for archiving corporate information, lies in the ability to bypass authentication by using an alternative path or channel. Exploiting this vulnerability allows a malicious actor to cause service interruptions...

CVSS 8.1, AI score 5.8, EPSS 0.0002
Exploits 0
EUVD
added 2026/03/19 10:7 p.m., 2 views

EUVD-2026-13310

OpenClaw versions prior to 2026.2.26 server-http contains an authentication bypass vulnerability in gateway authentication for plugin channel endpoints due to path canonicalization mismatch between the gateway guard and plugin handler routing. Attackers can bypass authentication by sending reques...

CVSS 6.3, AI score 5.8, EPSS 0.00055
Exploits 0, References 2
BDU FSTEC
added 2025/08/08 12:0 a.m., 1 view

The vulnerability of the Apache Tomcat application server arises from bypassing the authentication process by using an alternative path or channel, allowing attackers to compromise the confidentiality of the protected information.

The vulnerability of the Apache Tomcat application server arises from bypassing authentication procedures by using an alternative path or channel. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality of the protected information...

CVSS 7.8, AI score 7.4, EPSS 0.00189
Exploits 0, References 12, Affected Software 13
BDU FSTEC
added 2025/07/30 12:0 a.m., 2 views

The vulnerability of the Broker VM component in the Cortex XDR security platform, related to improper protection of the alternative path, allows a perpetrator to disclose protected information.

The vulnerability of the Broker VM component in the Cortex XDR security platform is related to improper protection of the alternative path. Exploiting this vulnerability can allow an attacker to disclose protected information...

CVSS 6.6, AI score 7.6, EPSS 0.00303
Exploits 0, References 3, Affected Software 1
BDU FSTEC
added 2025/06/16 12:0 a.m., 1 view

The vulnerability of the commercial vBulletin web forum, related to improper protection of the alternative path, allows a hacker to execute arbitrary code.

The vulnerability of the commercial vBulletin web forum is related to improper protection of an alternative path. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

CVSS 10, AI score 8.4, EPSS 0.77631
Exploits 4, References 2, Affected Software 2
BDU FSTEC
added 2025/06/05 12:0 a.m., 1 view

The vulnerability of the Inedo ProGet package management system lies in its ability to bypass the authentication process by using an alternative path or channel. This allows a perpetrator to cause a service failure or disclose protected information.

The vulnerability of the Inedo ProGet package management system relates to bypassing the authentication process by using an alternative path or channel. Exploiting this vulnerability allows a malicious actor to cause service failures or disclose protected information...

CVSS 7.5, AI score 5.5, EPSS 0.00712
Exploits 0, References 5, Affected Software 1
BDU FSTEC
added 2025/03/07 12:0 a.m., 1 view

The vulnerability of the Mozilla Firefox Focus browser, related to bypassing the authentication process through an alternative path or channel, allows attackers to circumvent screen lock settings.

The vulnerability of the Mozilla Firefox Focus browser relates to bypassing the authentication process by using an alternative path or channel. Exploiting this vulnerability allows a malicious actor to circumvent screen lock settings...

CVSS 6.1, AI score 5.7, EPSS 0.00018
Exploits 0, References 7, Affected Software 5
BDU FSTEC
added 2025/03/05 12:0 a.m., 1 view

The vulnerability of the Ivanti Avalanche device management system, related to bypassing the authentication process by using an alternative path or channel, allows a perpetrator to circumvent the authentication process.

The vulnerability of the Ivanti Avalanche device management system relates to bypassing the authentication process by using an alternative path or channel. Exploiting this vulnerability allows a malicious actor to circumvent the authentication process...

CVSS 7.5, AI score 7.2, EPSS 0.01218
Exploits 0, References 2, Affected Software 1
BDU FSTEC
added 2025/03/05 12:0 a.m., 2 views

The vulnerability of the Ivanti Avalanche device management system, related to bypassing the authentication process by using an alternative path or channel, allows a perpetrator to circumvent the authentication process.

The vulnerability of the Ivanti Avalanche device management system relates to bypassing the authentication process by using an alternative path or channel. Exploiting this vulnerability allows a malicious actor to circumvent the authentication process...

CVSS 7.5, AI score 7.2, EPSS 0.00727
Exploits 0, References 2, Affected Software 1
BDU FSTEC
added 2025/01/27 12:0 a.m., 2 views

The vulnerability of the Command Line Interface (CLI) of the Fortinet FortiClient security device allows a perpetrator to increase their privileges and execute arbitrary code.

The vulnerability of the Command Line Interface (CLI) of the Fortinet FortiClient security device relates to bypassing the authentication process by using an alternative path or channel. Exploiting this vulnerability allows an attacker to enhance their privileges and execute arbitrary code by sendi...

CVSS 7.8, AI score 8.4, EPSS 0.00025
Exploits 0, References 4, Affected Software 1
BDU FSTEC
added 2024/12/03 12:0 a.m., 1 view

The vulnerability of the microprogramming software of industrial routers such as Billion M100, Billion M150, Billion M120N, and Billion M500 lies in the ability to bypass authentication procedures by using an alternative path or channel. This allows attackers to circumvent security restrictions and gain unauthorized access to protected information.

The vulnerability of the microprogrammed software in industrial routers such as Billion M100, Billion M150, Billion M120N, and Billion M500 relates to the ability to bypass authentication procedures by using an alternative path or channel. Exploiting this vulnerability allows a malicious actor to...

CVSS 7.8, AI score 7.2, EPSS 0.01109
Exploits 0, References 4, Affected Software 4
BDU FSTEC
added 2024/04/01 12:0 a.m., 1 view

The vulnerability of server software like HAProxy, related to bypassing authentication using an alternative path or channel, allows attackers to obtain confidential information.

The vulnerability of the server software HAProxy is related to the inclusion of as part of the URI component. Exploiting this vulnerability can allow a remote attacker to obtain confidential information...

CVSS 8.5, AI score 6.7, EPSS 0.00027
Exploits 0, References 8, Affected Software 4
BDU FSTEC
added 2024/03/15 12:0 a.m., 1 view

The vulnerability of the Continuous Integration and Deployment Application Delivery system (CI/CD) of JetBrains TeamCity, related to bypassing the authentication process through an alternative path or channel, allows a hacker to perform arbitrary actions.

The vulnerability of the Continuous Integration and Application Delivery (CI/CD) system of JetBrains TeamCity relates to bypassing the authentication process by using an alternative path or channel. Exploiting this vulnerability allows a malicious actor to perform arbitrary actions remotely...

CVSS 7.5, AI score 7.9, EPSS 0.93047
Exploits 24, References 6, Affected Software 1
BDU FSTEC
added 2024/02/22 12:0 a.m., 1 view

The vulnerability of the ConnectWise ScreenConnect remote access software lies in its ability to bypass the authentication process by using an alternative path or channel. This allows a perpetrator to execute arbitrary code.

The vulnerability of the ConnectWise ScreenConnect remote access software lies in the ability to bypass the authentication process by using an alternative path or channel. Exploiting this vulnerability allows a malicious actor operating remotely to execute arbitrary code...

CVSS 10, AI score 8.2, EPSS 0.94352
Exploits 8, References 12, Affected Software 1
BDU FSTEC
added 2024/02/07 12:0 a.m., 1 view

The vulnerability of the Continuous Integration and Deployment Application Delivery system (CI/CD) of JetBrains TeamCity, related to bypassing the authentication process by using an alternative path or channel, allows a hacker to execute arbitrary code.

The vulnerability of the Continuous Integration and Application Delivery (CI/CD) system of JetBrains TeamCity is related to the ability to bypass the authentication process by using an alternative path or channel. Exploiting this vulnerability allows a malicious actor to execute arbitrary code...

CVSS 10, AI score 8.4, EPSS 0.72925
Exploits 0, References 3, Affected Software 1
BDU FSTEC
added 2023/10/09 12:0 a.m., 1 view

The vulnerability of the CI/CD system’s TeamCity component, related to bypassing the authentication process through an alternative path or channel, allows a hacker to gain access to the guest portal without being authenticated.

The vulnerability of the Continuous Integration and Deployment Application Delivery (CI/CD) system of JetBrains TeamCity relates to bypassing the authentication process by using an alternative path or channel. Exploiting this vulnerability allows a malicious actor to gain access to the gateway port...

CVSS 10, AI score 8.1, EPSS 0.92913
Exploits 17, References 8, Affected Software 1
BDU FSTEC
added 2023/03/23 12:0 a.m., 1 view

The vulnerability of the Docker Desktop platform for developing and delivering container applications lies in its improper protection of an alternative path, allowing an attacker to execute arbitrary code.

The vulnerability of the Docker Desktop platform for developing and delivering container applications is related to improper protection of the alternative path. Exploiting this vulnerability allows an attacker to execute arbitrary code...

CVSS 7.8, AI score 7.4, EPSS 0.00072
Exploits 0, References 2, Affected Software 1
BDU FSTEC
added 2022/06/29 12:0 a.m., 1 view

The vulnerability of the ImageCast X ballot marking device’s software lies in the improper protection of an alternative path, allowing a hacker to load the Android Safe Mode and execute arbitrary code.

The vulnerability of the ImageCast X ballot marking device’s software is related to improper protection of an alternative path. Exploiting this vulnerability allows a hacker to load the Android Safe Mode and execute arbitrary code...

CVSS 6.8, AI score 7, EPSS 0.0005
Exploits 0, References 3, Affected Software 1
BDU FSTEC
added 2021/01/20 12:0 a.m., 1 view

The vulnerability of the SolarWinds Orion Platform monitoring platform lies in its ability to bypass authentication by using an alternative path or channel, allowing a perpetrator to execute arbitrary code.

The vulnerability of the SolarWinds Orion Platform monitoring platform relates to bypassing authentication by using an alternative path or channel. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

CVSS 10, AI score 8.5, EPSS 0.94345
Exploits 3, References 3, Affected Software 1