Lucene search
K

1148 matches found

NVD
NVD
added last week6 views

CVE-2026-12352

This vulnerability allows an unauthenticated actor to bypass authentication and gain access to restricted resources on the device...

5.9CVSS0.00259EPSS
Exploits0References1
CVE
CVE
added last week15 views

CVE-2026-12352

Technical details (affected products/versions, root cause, exploit conditions, or remediation) are not publicly provided in the supplied documents. Monitor for updates on CVE-2026-12352.

5.9CVSS6AI score0.00259EPSS
Exploits0References1
EUVD
EUVD
added last week7 views

EUVD-2026-42047

This vulnerability allows an unauthenticated actor to bypass authentication and gain access to restricted resources on the device...

5.9CVSS6AI score0.00259EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added last week7 views

CVE-2026-12352

This vulnerability allows an unauthenticated actor to bypass authentication and gain access to restricted resources on the device...

5.9CVSS6AI score0.00259EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/07/07 12:0 a.m.11 views

PT-2026-56192

Name of the Vulnerable Software and Affected Versions The product name cannot be determined. affected versions not specified Description An unauthenticated actor can bypass authentication to gain access to restricted resources on the device. Recommendations At the moment, there is no information...

5.9CVSS6.1AI score0.00259EPSS
Exploits0References5
EUVD
EUVD
added 2026/07/06 7:23 p.m.6 views

EUVD-2026-41905

Improper enforcement of a mandatory multi-factor authentication policy in Devolutions Server 2026.2.9.0 allows an attacker with valid user credentials to bypass the MFA Required policy and authenticate without completing multi-factor authentication. The problem occurs when DVLS encounters an...

6AI score0.00231EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.14 views

PT-2026-55656

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An authentication bypass exists when using a malformed SSH sub-verb during LFS Large File Storage operations. This flaw allows unauthorized read access to privat...

7.7CVSS6AI score0.0031EPSS
Exploits0References11
Cvelist
Cvelist
added 2026/07/02 2:50 p.m.36 views

CVE-2026-55113

A malicious actor with access to the network could exploit a Server-Side Request Forgery SSRF vulnerability found in UniFi Talk Application to execute a Denial of Service DoS attack and bypass authentication in certain UniFi Talk API endpoints...

7.5CVSS0.00223EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/02 2:49 p.m.7 views

CVE-2026-54407

A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi Protect Application to bypass authentication in certain UniFi Protect Application API endpoints...

8.6CVSS5.8AI score0.00291EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/07/02 2:49 p.m.34 views

CVE-2026-54407

A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi Protect Application to bypass authentication in certain UniFi Protect Application API endpoints...

8.6CVSS0.00291EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/02 2:49 p.m.35 views

CVE-2026-54408

A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi Protect Application to bypass authentication for data streaming...

8.6CVSS0.0028EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/02 2:49 p.m.7 views

CVE-2026-54403

A malicious actor with access to the network could exploit a Path Traversal vulnerability found in certain devices running UniFi OS to bypass authentication of such UniFi OS devices or instances...

8.6CVSS5.8AI score0.00457EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/07/02 2:49 p.m.6 views

CVE-2026-54408

A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi Protect Application to bypass authentication for data streaming...

8.6CVSS5.8AI score0.0028EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/02 2:49 p.m.6 views

EUVD-2026-41381

A malicious actor with access to the network could exploit a Path Traversal vulnerability found in certain devices running UniFi OS to bypass authentication of such UniFi OS devices or instances...

8.6CVSS5.8AI score0.00457EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/02 2:49 p.m.8 views

EUVD-2026-41382

A malicious actor with access to the network and under certain conditions could exploit an Improper Initialization vulnerability found in UniFi Protect Application to bypass authentication in UniFi Protect Cameras...

7.5CVSS5.8AI score0.00254EPSS
Exploits0References1
CVE
CVE
added 2026/07/02 2:49 p.m.16 views

CVE-2026-54407

The CVE-2026-54407 entry concerns UniFi Protect Application with an Improper Access Control flaw that allows bypassing authentication on certain API endpoints. The vulnerability enables an unauthenticated or improperly authenticated actor with network access to interact with protected UniFi Prote...

8.6CVSS5.8AI score0.00291EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/07/02 12:0 a.m.8 views

PT-2026-55239

Name of the Vulnerable Software and Affected Versions UniFi OS affected versions not specified Description A path traversal issue exists in certain devices running UniFi OS. A malicious actor with network access can exploit this to bypass authentication on the affected devices or instances. Path...

8.6CVSS6AI score0.00457EPSS
Exploits0References4
NVD
NVD
added 2026/06/26 10:16 p.m.12 views

CVE-2026-53576

Kestra is an open-source, event-driven orchestration platform. Prior to 1.0.45 and 1.3.21, the authentication filter for the REST API @Filter"/api/v1/" treats any request whose path ends in /configs as the public instance-config endpoint and forwards it without a credential check. kestra addresse...

10CVSS0.00472EPSS
Exploits2References1
OSV
OSV
added 2026/06/25 6:26 p.m.4 views

GO-2026-5163 Traefik's ForwardAuth trustForwardHeader=false allows spoofed X-Forwarded-Prefix to bypass authentication in github.com/traefik/traefik

Traefik's ForwardAuth trustForwardHeader=false allows spoofed X-Forwarded-Prefix to bypass authentication in github.com/traefik/traefik...

10CVSS5.8AI score0.00267EPSS
Exploits1References5
NVD
NVD
added 2026/06/25 12:17 a.m.7 views

CVE-2026-9782

Quest NetVault Backup NVBUDeviceDrive SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Quest NetVault Backup. Although authentication is required to exploit this vulnerability, the existing...

8.8CVSS0.00689EPSS
Exploits0References2
Rows per page
Query Builder