27 matches found

CVE
added 2026/04/21 8:9 p.m. | 10 views

CVE-2026-40910

Summary: frp versions 0.43.0–0.68.0 contain an authentication bypass in the HTTP vhost routing path when using routeByHTTPUser for access control. The routing logic derives the route from the Proxy-Authorization username, while access control checks credentials from the standard Authorization he...

9.1 CVSS | 5.8 AI score | 0.00073 EPSS
Exploits: 1 | References: 1 | Affected Software: 1

CNNVD
added 2026/04/07 12:0 a.m. | 5 views

Cockpit Operating System Command Injection Vulnerability

Cockpit is an interactive server management interface developed by Cockpit OpenSource. Cockpit has a vulnerability related to operating system command injection. This vulnerability arises from the remote login feature, which transmits the user-provided host name and username to the SSH client...

9.8 CVSS | 6 AI score | 0.3039 EPSS
Exploits: 3 | References: 3

Snyk
added 2026/04/01 8:58 p.m. | 4 views

Authentication Bypass Using an Alternate Path or Channel

Overview: Affected versions of this package are vulnerable to Authentication Bypass Using an Alternate Path or Channel in the way the server’s middleware processes "Share Tokens." While these tokens are intended to grant temporary, restricted access to a single file, the BasicAuthMiddleware...

8.5 CVSS | 5.9 AI score | 0.00052 EPSS
Exploits: 1 | References: 2

Snyk
added 2026/04/01 8:58 p.m. | 2 views

Authentication Bypass Using an Alternate Path or Channel

Overview: Affected versions of this package are vulnerable to Authentication Bypass Using an Alternate Path or Channel in the way the server’s middleware processes "Share Tokens." While these tokens are intended to grant temporary, restricted access to a single file, the BasicAuthMiddleware...

8.5 CVSS | 5.9 AI score | 0.00052 EPSS
Exploits: 1 | References: 2

CVE
added 2026/03/18 10:0 p.m. | 8 views

CVE-2026-32730

CVE-2026-32730 affects ApostropheCMS: the bearer token authentication flow can bypass MFA/TOTP if a password-verification token (incompleteToken) is used as a bearer token. The root cause is a MongoDB query bug in the getBearer() logic: it checks for requirementsToVerify with $ne: [] (not equal t...

8.1 CVSS | 5.8 AI score | 0.0013 EPSS
Exploits: 1 | References: 1 | Affected Software: 1

EUVD
added 2026/03/17 11:16 p.m. | 3 views

EUVD-2026-12669

GLPI is a free Asset and IT management software package. Starting in version 11.0.0 and prior to version 11.0.6, a malicious actor with knowledge of a user's credentials can bypass MFA and steal their account. Version 11.0.6 fixes the issue...

6.5 CVSS | 5.8 AI score | 0.00015 EPSS
Exploits: 0 | References: 1

Github Security Blog
added 2026/03/13 3:5 p.m. | 3 views

Dagu: SSE Authentication Bypass in Basic Auth Mode

SSE Authentication Bypass in Basic Auth Mode. Summary: When Dagu is configured with HTTP Basic authentication (DAGUAUTHMODE=basic), all Server-Sent Events (SSE) endpoints are accessible without any credentials. This allows unauthenticated attackers to access real-time DAG execution data, workflow...

7.5 CVSS | 6 AI score | 0.0017 EPSS
Exploits: 1 | References: 6 | Affected Software: 1

OSV
added 2026/03/13 3:5 p.m. | 2 views

GHSA-9WMW-9WPH-2VWP Dagu: SSE Authentication Bypass in Basic Auth Mode

SSE Authentication Bypass in Basic Auth Mode. Summary: When Dagu is configured with HTTP Basic authentication (DAGUAUTHMODE=basic), all Server-Sent Events (SSE) endpoints are accessible without any credentials. This allows unauthenticated attackers to access real-time DAG execution data, workflow...

7.5 CVSS | 6 AI score | 0.0017 EPSS
Exploits: 1 | References: 6

CNNVD
added 2026/03/13 12:0 a.m. | 3 views

dagu Access Control Error Vulnerability

Dagu is an open-source workflow engine developed by Dagu Workflow Engine. Versions of Dagu prior to 2.2.4 contained a security vulnerability related to access control. This vulnerability stemmed from the use of HTTP basic authentication, where all server-sent event endpoints could be accessed...

7.5 CVSS | 5.8 AI score | 0.0017 EPSS
Exploits: 1 | References: 4

ICS
added 2025/12/02 7:0 a.m. | 3 views

Iskra iHUB and iHUB Lite

RISK EVALUATION: Successful exploitation of this vulnerability could allow a remote attacker to reconfigure devices, update firmware, and manipulate connected systems without any credentials. 2. RECOMMENDED PRACTICES: CISA recommends users take defensive measures to minimize the risk of...

9.3 CVSS | 6.8 AI score | 0.0022 EPSS
Exploits: 0 | References: 11

NVD
added 2025/11/03 9:15 a.m. | 2 views

CVE-2025-48397

The privileged user could log in without sufficient credentials after enabling an application protocol. This security issue has been fixed in the latest script patch latest version of Eaton BLSS 7.3.0.SCP004...

7.1 CVSS | 0.00041 EPSS
Exploits: 0 | References: 1

NVD
added 2025/10/23 12:15 p.m. | 1 views

CVE-2025-62398

A serious authentication flaw allowed attackers with valid credentials to bypass multi-factor authentication under certain conditions, potentially compromising user accounts...

5.4 CVSS | 0.00069 EPSS
Exploits: 0 | References: 2

NVD
added 2025/09/11 8:15 p.m. | 5 views

CVE-2025-10127

Daikin Europe N.V Security Gateway is vulnerable to an authorization bypass through a user-controlled key vulnerability that could allow an attacker to bypass authentication. An unauthorized attacker could access the system without prior credentials...

9.8 CVSS | 0.00096 EPSS
Exploits: 1 | References: 2

Vulnrichment
added 2025/09/11 7:44 p.m. | 4 views

CVE-2025-10127 Daikin Europe N.V Security Gateway Weak Password Recovery Mechanism for Forgotten Password

Daikin Europe N.V Security Gateway is vulnerable to an authorization bypass through a user-controlled key vulnerability that could allow an attacker to bypass authentication. An unauthorized attacker could access the system without prior credentials...

9.8 CVSS | 6.4 AI score | 0.00096 EPSS
Exploits: 1 | References: 2

CNNVD
added 2025/01/29 12:0 a.m. | 2 views

NodeJS Driver for Snowflake Security Vulnerability

NodeJS Driver for Snowflake is an open source NodeJS driver from Snowflake Computing. A security vulnerability exists in NodeJS Driver for Snowflake versions prior to 2.0.2: an attacker with write access to a local cache directory can bypass file permission checks in the temporar...

5.5 CVSS | 6.2 AI score | 0.00022 EPSS
Exploits: 0 | References: 3

CNNVD
added 2022/07/18 12:0 a.m. | 2 views

Chcnav P5E GNSS Authorization Issue Vulnerability

Chcnav P5E GNSS is a Global Positioning System from Chcnav. A security vulnerability exists in Chcnav P5E GNSS that stems from an error in the way user cookies are checked, which can be exploited by an attacker to bypass system identification using a username and password...

9.8 CVSS | 8.2 AI score | 0.00139 EPSS
Exploits: 0 | References: 2

Github Security Blog
added 2022/02/09 10:5 p.m. | 27 views

Credentials bypass in Apache Druid

When LDAP authentication is enabled in Apache Druid 0.17.0, callers of Druid APIs with a valid set of LDAP credentials can bypass the credentialsValidator.userSearch filter barrier that determines if a valid LDAP user is allowed to authenticate with Druid. They are still subject to role-based...

6.5 CVSS | 6.1 AI score | 0.15565 EPSS
Exploits: 0 | References: 12 | Affected Software: 1

OSV
added 2022/02/09 10:5 p.m. | 20 views

GHSA-QH2G-7H5P-MXF4 Credentials bypass in Apache Druid

When LDAP authentication is enabled in Apache Druid 0.17.0, callers of Druid APIs with a valid set of LDAP credentials can bypass the credentialsValidator.userSearch filter barrier that determines if a valid LDAP user is allowed to authenticate with Druid. They are still subject to role-based...

6.5 CVSS | 6.3 AI score | 0.15565 EPSS
Exploits: 0 | References: 11

seebug.org
added 2014/07/01 12:0 a.m. | 13 views

php-revista 1.1.2 (rfi/sqli/cb/xss) Multiple Vulnerabilities

No description provided by source. Discovered by Sirdarckcat from elhacker.net. Revista 1.1.2 http://php-revista.sourceforge.org ...

7.1 AI score
Exploits: 0

Packet Storm
added 2009/08/23 12:0 a.m. | 26 views

Cuteflow 2.10.3 Security Bypass

It's possible to edit the users, including the admin account, bypassing the authentication through the address: http://localhost/cuteflow/pages/edituser.php?userid=1&language=pt&sortby=strLastName&sortdir=ASC&start=1 The vulnerability is caused due to the application not properly restricting access ...

7.4 AI score
Exploits: 0