849 matches found
PT-2026-29904
Name of the Vulnerable Software and Affected Versions Azure Web Apps affected versions not specified Description An issue exists in Azure MCP Server where missing authentication for a critical function allows an unauthorized attacker to disclose information over a network. Recommendations At the...
Missing Authentication for Critical Function
Overview wwbn/avideo is an Audio and Video Platform or simply "A Video Platform". Affected versions of this package are vulnerable to Missing Authentication for Critical Function due to the absence of authentication checks in the list.json.php template used by multiple plugin endpoints. An attack...
Missing Authentication for Critical Function
Overview litellm is a Library to easily interface with LLM API providers Affected versions of this package are vulnerable to Missing Authentication for Critical Function in the key-management endpoints due to improper enforcements of proxy-admin, team-admin, org-admin, or ownership checks. An...
Missing Authentication for Critical Function
Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function in the MCP server insecure CORS configuration and lack of authentication in the MCP interface. An attacker can gain unauthorized control over all active sessions and exfiltrate sensitive data...
Missing Authentication for Critical Function
Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function in the MCP server insecure CORS configuration and lack of authentication in the MCP interface. An attacker can gain unauthorized control over all active sessions and exfiltrate sensitive data...
Missing Authentication for Critical Function
Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function in the mcpmessage endpoint due to missing authentication checks and an empty default IP whitelist, which is treated as allowing all connections. An attacker can gain full control over the Ngi...
CVE-2026-33366
Missing authentication for critical function vulnerability in BUFFALO Wi-Fi router products may allow an attacker to forcibly reboot the product without authentication...
Exploit for Missing Authentication for Critical Function in Mcpjam Inspector
No d...
Exploit for Missing Authentication for Critical Function in Mcpjam Inspector
A script for C...
Exploit for Missing Authentication for Critical Function in Mcpjam Inspector
CVE-2026-23744 python script for exploiting CVE-2026-23744...
CVE-2026-33366
Missing authentication for critical function vulnerability in BUFFALO Wi-Fi router products may allow an attacker to forcibly reboot the product without authentication...
CVE-2026-33366
Missing authentication for critical function vulnerability in BUFFALO Wi-Fi router products may allow an attacker to forcibly reboot the product without authentication...
CVE-2026-33366
CVE-2026-33366 concerns BUFFALO Wi-Fi router products with a vulnerability in a critical function that is missing authentication, potentially allowing an attacker to forcibly reboot the device over the network without valid credentials. The issue is described with two CVSS vectors: CVSS3.0 base s...
EUVD-2026-16379
Missing Authentication for Critical Function vulnerability in Drupal AJAX Dashboard allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AJAX Dashboard: from 0.0.0 before 3.1.0...
CVE-2026-3527
Missing Authentication for Critical Function vulnerability in Drupal AJAX Dashboard allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AJAX Dashboard: from 0.0.0 before 3.1.0...
CVE-2026-3527 AJAX Dashboard - Critical - Access bypass - SA-CONTRIB-2026-022
Missing Authentication for Critical Function vulnerability in Drupal AJAX Dashboard allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AJAX Dashboard: from 0.0.0 before 3.1.0...
CVE-2026-3527
Missing Authentication for Critical Function vulnerability in Drupal AJAX Dashboard allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AJAX Dashboard: from 0.0.0 before 3.1.0...
CVE-2025-13779
Missing authentication for critical function vulnerability in ABB AWIN GW100 rev.2, ABB AWIN GW120.This issue affects AWIN GW100 rev.2: 2.0-0, 2.0-1; AWIN GW120: 1.2-0, 1.2-1...
CVE-2026-23662
Missing authentication for critical function in Azure IoT Explorer allows an unauthorized attacker to disclose information over a network...
CVE-2026-2417
A Missing Authentication for Critical Function vulnerability in Pharos Controls Mosaic Show Controller firmware version 2.15.3 could allow an unauthenticated attacker to bypass authentication and execute arbitrary commands with root privileges...