161474 matches found
CVE-2026-45567 Roxy-WI: Authentication bypass via 'api' substring in URL + unauthenticated /api/gpt
Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, there is an authentication bypass vulnerability via 'api' substring in URL + unauthenticated /api/gpt. At time of publication, there are no publicly available patches...
CVE-2026-6090
A potential authentication bypass was reported in Lenovo Smart Connect for Windows that could allow a local authenticated user to execute arbitrary code with elevated privileges...
Ivanti, Fortinet, and SAP Release Patches for Multiple Critical Vulnerabilities
Fortinet, Ivanti, and SAP have released security updates to address multiple critical security vulnerabilities that could result in arbitrary code execution and information disclosure. The security flaw patched by Fortinet relates to a command injection vulnerability in FortiSandbox, FortiSandbox...
CVE-2026-10523
An Authentication Bypass vulnerability CWE-288 in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7.1 versions allows a remote unauthenticated attacker to create arbitrary administrative accounts and obtain full administrative access...
CVE-2026-50751
A logic flow weakness in Remote Access and Mobile Access certificate validation in deprecated IKEv1 key exchange allows an unauthenticated remote attacker to bypass user authentication and establish a remote access VPN connection without a valid user password...
CVE-2026-50752
A weakness in the certificate validation logic of the deprecated IKEv1 key exchange may allow an unauthenticated attacker positioned as a man-in-the-middle to bypass certificate validation in VPN site-to-site connections that use certificate-based authentication. Successful exploitation could all...
Exploit for Improper Authentication in Checkpoint Gaia_Os
CVE-2026-50751 Check Point IKEv1 Scanner A multi-threaded vul...
CVE-2026-48860
Reliance on IP Address for Authentication vulnerability in Erlang/OTP ssl inettlsdist module allows unauthenticated bypass of the distribution-over-TLS LAN allowlist. The inettlsdist:checkip/1 function, which enforces a LAN allowlist for Erlang distribution over TLS, calls inet:sockname/1 instead...
EUVD-2026-36054
Observable Timing Discrepancy vulnerability in Erlang/OTP ssh sshauth, sshoptions modules allows unauthenticated remote username enumeration via timing side-channel in password authentication. When the SSH daemon is configured with the userpasswords or password option, sshauth:checkpassword/3...
CVE-2026-8335 Missing authentication in Aix-DB
A missing authentication check on the Aix‑DB "/llm/processllmout" endpoint allows unauthenticated clients to execute arbitrary "SELECT" SQL queries and retrieve database data, as the endpoint lacks the token validation enforced on all other application endpoints. All releases up to 1.2.4 are...
CVE-2026-8335 Missing authentication in Aix-DB
A missing authentication check on the Aix‑DB "/llm/processllmout" endpoint allows unauthenticated clients to execute arbitrary "SELECT" SQL queries and retrieve database data, as the endpoint lacks the token validation enforced on all other application endpoints. All releases up to 1.2.4 are...
CVE-2026-52754
Ghidra before 12.1 contains an authentication bypass vulnerability in PKIAuthenticationModule.authenticate that allows any user with a valid CA-signed certificate to impersonate other users by presenting their public certificate with a null signature. Attackers can escalate privileges, modify...
Exploit for Improper Authentication in Checkpoint Gaia_Os
markdown CVE-2026-50751 - Check Point IKEv1 Authentication Byp...
EUVD-2026-36049
A potential authentication bypass was reported in Lenovo Smart Connect for Windows that could allow a local authenticated user to execute arbitrary code with elevated privileges...
CVE-2026-6090
A potential authentication bypass was reported in Lenovo Smart Connect for Windows that could allow a local authenticated user to execute arbitrary code with elevated privileges...
CVE-2026-6090
Lenovo Smart Connect for Windows is described as affected by CVE-2026-6090, a potential authentication bypass that could allow a local authenticated user to execute arbitrary code with elevated privileges. CVSS metrics show: CVSS v3.1 base score 7.0 (LOCAL, HIGH impact to Confidentiality/Integrit...
CVE-2026-6090
A potential authentication bypass was reported in Lenovo Smart Connect for Windows that could allow a local authenticated user to execute arbitrary code with elevated privileges...
EUVD-2026-36036
Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, agentaction app/routes/smon/agentroutes.py:166-179 has decorators @bp.post'/agent/action/' and @jwtrequired only — no role check, no group ownership check on the serverip form...
Go Restful API Boilerplate: Hardcoded JWT Secret "random" Allows Token Forgery
Vulnerability: CWE-798 — Hardcoded JWT Secret + Broken Mitigation Affected Component - github.com/dhax/go-base — Go REST API boilerplate go-chi/jwtauth/v5, Viper, PostgreSQL/Bun - 1,685 stars on GitHub Vulnerability Locations | File | Line | Role | |------|------|------| | dev.env | 10 |...
GHSA-5G86-85RP-F9HX Papra HTTP redirect bypass can lead to SSRF via webhook delivery system
Summary Papra's webhook delivery system contains an SSRF protection bypass that allows any authenticated organisation member to cause the server to make HTTP requests to internal addresses — loopback, link-local, and RFC-1918 ranges. The SSRF protection validates the registered webhook URL but...