849 matches found
Missing Authentication for Critical Function
Overview ci4-cms-erp/ci4ms is a composer create-project ci4-cms-erp/ci4ms Affected versions of this package are vulnerable to Missing Authentication for Critical Function in the install route guard process when the database is temporarily unreachable and the cache is empty. An attacker can gain...
EUVD-2025-209320
A Missing Authentication for Critical Function vulnerability in command processing of Juniper Networks Junos OS allows a privileged local attacker to gain access to line cards running Junos OS Evolved as root. This issue affects systems running Junos OS using Linux-based line cards. Affected line...
CVE-2025-30650
A Missing Authentication for Critical Function vulnerability in command processing of Juniper Networks Junos OS allows a privileged local attacker to gain access to Linux-based line cards as root. This issue affects systems running Junos OS using Linux-based line cards. Affected line cards includ...
CVE-2025-30650
CVE-2025-30650 concerns Junos OS on Linux-based line cards. A Missing Authentication for Critical Function in command processing allows a privileged local user to gain root access to the Linux-based FPC. Affected line cards include: MPC7–MPC11; LC2101/LC2103; LC480/LC4800/LC9600; MX304 (built-in ...
CVE-2026-5300 Missing Authentication for Critical Function in coolercontrold
Unauthenticated functionality in CoolerControl/coolercontrold 4.0.0 allows unauthenticated attackers to view and modify potentially sensitive data via HTTP requests...
CVE-2026-5300 Missing Authentication for Critical Function in coolercontrold
Unauthenticated functionality in CoolerControl/coolercontrold 4.0.0 allows unauthenticated attackers to view and modify potentially sensitive data via HTTP requests...
CVE-2026-5300
CVE-2026-5300 affects CoolerControl/coolercontrold prior to version 4.0.0, where unauthenticated users can view and modify potentially sensitive data via HTTP requests. The issue impacts both confidentiality and integrity (CVSS v3.1 base scores: 9.1/CRITICAL under NVD, with NETWORK attack vector ...
PT-2026-31369
A Missing Authentication for Critical Function vulnerability in command processing of Juniper Networks Junos OS allows a privileged local attacker to gain access to line cards running Junos OS Evolved as root. This issue affects systems running Junos OS using Linux-based line cards. Affected line...
Missing Authentication for Critical Function
Overview vite-plus is a The Unified Toolchain for the Web Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the fetchModule method exposed through the WebSocket interface when the server is explicitly exposed to the network and WebSocket is...
Missing Authentication for Critical Function
Overview org.webjars.npm:vite is a Native-ESM powered web dev build tool Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the fetchModule method exposed through the WebSocket interface when the server is explicitly exposed to the network and...
Missing Authentication for Critical Function
Overview gpt-researcher is a GPT Researcher is an autonomous agent designed for comprehensive web research on any task Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the HTTP REST API Endpoint and the WebSocket interface without any form of...
Missing Authentication for Critical Function
Overview wwbn/avideo is an Audio and Video Platform or simply "A Video Platform". Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the check.ffmpeg.json.php endpoint, which lacks access control checks. An attacker can obtain information about th...
CVE-2026-32211
Missing authentication for critical function in Azure MCP Server allows an unauthorized attacker to disclose information over a network...
CVE-2026-28766 Gardyn Cloud API Missing Authentication for Critical Function
A specific endpoint exposes all user account information for registered Gardyn users without requiring authentication...
CVE-2026-28766
CVE-2026-28766 refers to Gardyn Cloud API missing authentication for a critical function. The initial description and related documents confirm that a specific endpoint exposes all user account information for registered Gardyn users without requiring authentication, enabling potential confidenti...
CVE-2026-28767 Gardyn Cloud API Missing Authentication for Critical Function
A specific administrative endpoint notifications is accessible without proper authentication...
Missing Authentication for Critical Function
Overview mlflow is a platform to streamline machine learning development, including tracking experiments, packaging code into reproducible runs, and sharing and deploying models. Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the FastAPI...
EUVD-2026-18560
Missing authentication for critical function in Azure MCP Server allows an unauthorized attacker to disclose information over a network...
CVE-2026-32211
Missing authentication for critical function in Azure MCP Server allows an unauthorized attacker to disclose information over a network...
Azure MCP Server Information Disclosure Vulnerability
Missing authentication for critical function in Azure MCP Server allows an unauthorized attacker to disclose information over a network...