853 matches found
Missing Authentication for Critical Function
Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the AdminService/StreamWorkflowReplicationMessages endpoint. An attacker can access replication streams and exfiltrate data by connecting to the frontend gRPC server without providing...
EUVD-2026-21093
A Missing Authentication for Critical Function vulnerability in the Flexible PIC Concentrators FPCs of Juniper Networks Junos OS Evolved on PTX Series allows a local, authenticated attacker with low privileges to gain direct access to FPCs installed in the device. A local user with low privileges...
CVE-2026-4436 GPL Odorizers GPL750 Missing Authentication for Critical Function
A low-privileged remote attacker can send Modbus packets to manipulate register values that are inputs to the odorant injection logic such that too much or too little odorant is injected into a gas line...
CVE-2025-30650
A Missing Authentication for Critical Function vulnerability in command processing of Juniper Networks Junos OS allows a privileged local attacker to gain access to Linux-based line cards as root. This issue affects systems running Junos OS using Linux-based line cards. Affected line cards includ...
Missing Authentication for Critical Function
Overview ci4-cms-erp/ci4ms is a composer create-project ci4-cms-erp/ci4ms Affected versions of this package are vulnerable to Missing Authentication for Critical Function in the install route guard process when the database is temporarily unreachable and the cache is empty. An attacker can gain...
CVE-2025-30650
CVE-2025-30650 concerns Junos OS on Linux-based line cards. A Missing Authentication for Critical Function in command processing allows a privileged local user to gain root access to the Linux-based FPC. Affected line cards include: MPC7–MPC11; LC2101/LC2103; LC480/LC4800/LC9600; MX304 (built-in ...
CVE-2025-30650
A Missing Authentication for Critical Function vulnerability in command processing of Juniper Networks Junos OS allows a privileged local attacker to gain access to Linux-based line cards as root. This issue affects systems running Junos OS using Linux-based line cards. Affected line cards includ...
EUVD-2025-209320
A Missing Authentication for Critical Function vulnerability in command processing of Juniper Networks Junos OS allows a privileged local attacker to gain access to line cards running Junos OS Evolved as root. This issue affects systems running Junos OS using Linux-based line cards. Affected line...
CVE-2026-5300 Missing Authentication for Critical Function in coolercontrold
Unauthenticated functionality in CoolerControl/coolercontrold 4.0.0 allows unauthenticated attackers to view and modify potentially sensitive data via HTTP requests...
CVE-2026-5300 Missing Authentication for Critical Function in coolercontrold
Unauthenticated functionality in CoolerControl/coolercontrold 4.0.0 allows unauthenticated attackers to view and modify potentially sensitive data via HTTP requests...
CVE-2026-5300
CVE-2026-5300 affects CoolerControl/coolercontrold prior to version 4.0.0, where unauthenticated users can view and modify potentially sensitive data via HTTP requests. The issue impacts both confidentiality and integrity (CVSS v3.1 base scores: 9.1/CRITICAL under NVD, with NETWORK attack vector ...
PT-2026-31369
A Missing Authentication for Critical Function vulnerability in command processing of Juniper Networks Junos OS allows a privileged local attacker to gain access to line cards running Junos OS Evolved as root. This issue affects systems running Junos OS using Linux-based line cards. Affected line...
Missing Authentication for Critical Function
Overview vite-plus is a The Unified Toolchain for the Web Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the fetchModule method exposed through the WebSocket interface when the server is explicitly exposed to the network and WebSocket is...
Missing Authentication for Critical Function
Overview org.webjars.npm:vite is a Native-ESM powered web dev build tool Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the fetchModule method exposed through the WebSocket interface when the server is explicitly exposed to the network and...
Missing Authentication for Critical Function
Overview gpt-researcher is a GPT Researcher is an autonomous agent designed for comprehensive web research on any task Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the HTTP REST API Endpoint and the WebSocket interface without any form of...
Missing Authentication for Critical Function
Overview wwbn/avideo is an Audio and Video Platform or simply "A Video Platform". Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the check.ffmpeg.json.php endpoint, which lacks access control checks. An attacker can obtain information about th...
CVE-2026-32211
Missing authentication for critical function in Azure MCP Server allows an unauthorized attacker to disclose information over a network...
CVE-2026-28766
CVE-2026-28766 refers to Gardyn Cloud API missing authentication for a critical function. The initial description and related documents confirm that a specific endpoint exposes all user account information for registered Gardyn users without requiring authentication, enabling potential confidenti...
CVE-2026-28766 Gardyn Cloud API Missing Authentication for Critical Function
A specific endpoint exposes all user account information for registered Gardyn users without requiring authentication...
CVE-2026-28767 Gardyn Cloud API Missing Authentication for Critical Function
A specific administrative endpoint notifications is accessible without proper authentication...