Lucene search
K

873 matches found

EUVD
EUVD
added 4 days ago5 views

EUVD-2026-42058

Esri Portal for ArcGIS versions 12.1 and earlier on Windows, Linux and Kubernetes have a missing authentication for critical function vulnerability allows a remote, unauthenticated attacker to access an unprotected API...

9.8CVSS6AI score0.0041EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/02 1:12 p.m.6 views

EUVD-2026-41371

Missing authentication for critical function vulnerability in TR7 Cyber ​​Defense Inc. WAF-ASP allows Authentication Abuse. This issue affects WAF-ASP: from v1.0.324.900 before v1.4.0.117...

9.8CVSS5.8AI score0.00333EPSS
Exploits0References1
CVE
CVE
added 2026/06/25 8:59 p.m.13 views

CVE-2026-40702

CVE-2026-40702 involves WebSocket endpoints in EVoke Systems EVoke CSMS that lack authentication, allowing attackers to impersonate charging stations and gain unauthorized access or perform actions. The underlying issue is no authentication for the WebSocket interface, enabling privilege escalati...

9.4CVSS5.9AI score0.00378EPSS
Exploits0References3
NVD
NVD
added 2026/06/25 4:16 p.m.7 views

CVE-2026-4522

Missing authentication for critical function vulnerability in HYPR Passwordless on Windows allows Credentials Interception. This issue affects HYPR Passwordless: before 11.1.1...

6.7CVSS0.00123EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/25 3:39 p.m.32 views

CVE-2026-4522

Missing authentication for critical function vulnerability in HYPR Passwordless on Windows allows Credentials Interception. This issue affects HYPR Passwordless: before 11.1.1...

6.7CVSS0.00123EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/24 6:32 p.m.5 views

EUVD-2026-38999

Missing Authentication for Critical Function CWE-306 in the RegisterView apps/accounts/views.py, exposed at POST /api/auth/register/, in MailerUp 1.0.1 allows a remote, unauthenticated attacker to self-register a working account on instances where registration is intended to be restricted, becaus...

8.8CVSS6AI score0.00406EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.10 views

PT-2026-51838

Name of the Vulnerable Software and Affected Versions MailerUp versions prior to 1.0.1 Description Missing authentication for a critical function in the RegisterView apps/accounts/views.py allows a remote, unauthenticated attacker to self-register an account on instances where registration should...

8.8CVSS5.8AI score0.00406EPSS
Exploits0References5
NVD
NVD
added 2026/06/23 1:16 p.m.12 views

CVE-2026-10711

Missing authentication for critical function vulnerability in AKIN Software Computer Import Export Industry and Trade Ltd. CafePlus allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects CafePlus: from 12.05.03 before 12.05.04...

8.8CVSS0.00228EPSS
Exploits0References1
CVE
CVE
added 2026/06/23 12:8 p.m.11 views

CVE-2026-10711

CVE-2026-10711 affects AKIN Software’s CafePlus (CafePlus product) and is described as a missing authentication for a critical function vulnerability that allows accessing functionality not properly constrained by ACLs. The CVE entry notes impact on CafePlus versions from 12.05.03 prior to 12.05....

8.8CVSS5.9AI score0.00228EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/23 12:8 p.m.8 views

EUVD-2026-38426

Missing authentication for critical function vulnerability in AKIN Software Computer Import Export Industry and Trade Ltd. CafePlus allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects CafePlus: from 12.05.03 before 12.05.04...

8.8CVSS5.9AI score0.00228EPSS
Exploits0References1
Snyk
Snyk
added 2026/06/19 1:58 p.m.3 views

Missing Authentication for Critical Function

Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the HUD server when it is bound to a non-loopback address. An attacker can execute arbitrary developer-defined resources, modify arguments, and access sensitive engine state by making...

9.2CVSS6AI score
Exploits0References2
EUVD
EUVD
added 2026/06/19 12:31 a.m.12 views

EUVD-2026-37946

Missing authentication for critical function in M365 Copilot allows an unauthorized attacker to disclose information over a network...

9.8CVSS5.3AI score0.00578EPSS
Exploits0References2
NVD
NVD
added 2026/06/18 10:16 p.m.13 views

CVE-2026-54130

Missing authentication for critical function in M365 Copilot allows an unauthorized attacker to disclose information over a network...

9.8CVSS0.00578EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2026/06/18 2:0 p.m.14 views

M365 Copilot Information Disclosure Vulnerability

Missing authentication for critical function in M365 Copilot allows an unauthorized attacker to disclose information over a network...

9.8CVSS5.9AI score0.00578EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/18 12:0 a.m.19 views

PT-2026-50812

Name of the Vulnerable Software and Affected Versions pgAdmin 4 versions 6.9 through 9.15 Description In server mode, two state-mutating endpoints in the SQL Editor blueprint are missing the @pga login required authentication decorator, allowing them to be accessed without an authenticated sessio...

9.5CVSS6.5AI score0.0071EPSS
Exploits0References13
Positive Technologies
Positive Technologies
added 2026/06/18 12:0 a.m.22 views

PT-2026-50802

Name of the Vulnerable Software and Affected Versions M365 Copilot affected versions not specified Description A missing authentication flaw in a critical function allows an unauthorized attacker to disclose information over a network. Recommendations At the moment, there is no information about ...

9.8CVSS5.9AI score0.00578EPSS
Exploits0References9
CISA KEV Catalog
CISA KEV Catalog
added 2026/06/18 12:0 a.m.10 views

Splunk Enterprise Missing Authentication for Critical Function Vulnerability

Splunk Enterprise contains a missing authentication for critical function vulnerability which could allow an unauthenticated user to create or truncate arbitrary files through a PostgreSQL sidecar service endpoint...

9.8CVSS5.9AI score0.88171EPSS
In wildExploits5
Snyk
Snyk
added 2026/06/17 6:43 p.m.5 views

Missing Authentication for Critical Function

Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the createuploadfile function. An attacker can exhaust server disk space and obtain sensitive file system information by uploading arbitrary files without authentication and receiving...

9.3CVSS6AI score0.00332EPSS
Exploits1References2
NVD
NVD
added 2026/06/17 6:17 p.m.12 views

CVE-2026-2675

Missing Authentication for Critical Function vulnerability in RTI Connext Professional Security Plugins allows Fake the Source of Data.This issue affects Connext Professional: from 7.4.0 before 7.7.0, from 7.0.0 before 7.3.1.3, from 6.1.0 before 6.1., from 6.0.0 before 6.0., from 5.3.0 before 5.3...

6.5CVSS0.00212EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 5:20 p.m.21 views

CVE-2026-30799 Missing Authentication for Critical Function vulnerability in RTI Connext Professional (Security Plugins) allows Identity Spoofing.

Missing Authentication for Critical Function vulnerability in RTI Connext Professional Security Plugins allows Identity Spoofing.This issue affects Connext Professional: from 7.4.0 before 7.7.0, from 7.0.0 before 7.3., from 6.1.0 before 6.1., from 6.0.0 before 6.0., from 5.3.0 before 5.3...

6.1CVSS0.00255EPSS
Exploits0References1
Rows per page
Query Builder