849 matches found
CVE-2025-13778
Missing authentication for critical function vulnerability in ABB AWIN GW100 rev.2, ABB AWIN GW120.This issue affects AWIN GW100 rev.2: 2.0-0, 2.0-1; AWIN GW120: 1.2-0, 1.2-1...
Missing Authentication for Critical Function
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the plugin subagent runtime dispatch gateway methods. An attacker can gain unauthorized administrative access by sending unauthenticated...
Missing Authentication for Critical Function
Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function in the buildStreamAuthOptions function. An attacker can access sensitive workflow execution data, configurations, logs, and queue status by sending unauthenticated requests to Server-Sent...
CVE-2025-13779 Configuration Data Spill
Missing authentication for critical function vulnerability in ABB AWIN GW100 rev.2, ABB AWIN GW120.This issue affects AWIN GW100 rev.2: 2.0-0, 2.0-1; AWIN GW120: 1.2-0, 1.2-1...
CVE-2025-13779
The CVE-2025-13779 entry concerns ABB AWIN GW100 rev.2 and AWIN GW120 units with a missing authentication vulnerability in a critical function. Affected revisions: GW100 rev.2 (2.0-0, 2.0-1) and GW120 (1.2-0, 1.2-1). The issue is exploitable with adjacent attack vector, low complexity, no privile...
CVE-2025-13778
The CVE-2025-13778 entry concerns ABB AWIN GW100 rev.2 and AWIN GW120 systems, identified by missing authentication for a critical function. Affected revisions include GW100 rev.2: 2.0-0, 2.0-1; GW120: 1.2-0, 1.2-1. The vulnerability’s impact is indicated as HIGH availability risk (CVSS 4.0: AV:A...
CVE-2026-2339
Missing Authentication for Critical Function vulnerability in TUBITAK BILGEM Software Technologies Research Institute Liderahenk allows Remote Code Inclusion, Privilege Abuse, Command Injection.This issue affects Liderahenk: before v3.4.0...
EUVD-2026-10584
Missing authentication for critical function in Azure IoT Explorer allows an unauthorized attacker to disclose information over a network...
CVE-2026-23662
Missing authentication for critical function in Azure IoT Explorer allows an unauthorized attacker to disclose information over a network...
Azure IoT Explorer Information Disclosure Vulnerability
Missing authentication for critical function in Azure IoT Explorer allows an unauthorized attacker to disclose information over a network...
CVE-2026-2339 RCE in TUBITAK BILGEM's Liderahenk
Missing Authentication for Critical Function vulnerability in TUBITAK BILGEM Software Technologies Research Institute Liderahenk allows Remote Code Inclusion, Privilege Abuse, Command Injection. This issue affects Liderahenk: before 3.5.1...
CVE-2026-2339
CVE-2026-2339 affects Liderahenk before 3.4.0 with a Missing Authentication for Critical Function vulnerability that allows Remote Code Inclusion, Privilege Abuse and Command Injection. The issue is exploitable over the network (high access complexity, user interaction required) and has high impa...
Missing Authentication for Critical Function
Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function in the REST and WebSocket endpoints due to lack of authentication enforcement. An attacker can gain unauthorized access and interact with sensitive server functionality by sending requests...
PT-2026-24268
Уязвимость программного обеспечения Azure IoT Explorer связана с передачей критичной информации открытым текстом. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, раскрыть защищаемую информацию...
Advantech ADAM-5630 Missing Authentication for Critical Function (CVE-2024-39364)
Advantech ADAM-5630 has built-in commands that can be executed without authenticating the user. These commands allow for restarting the operating system, rebooting the hardware, and stopping the execution. The commands can be sent to a simple HTTP request and are executed by the device...
Missing Authentication For Critical Function
Apache ActiveMQ Artemis is vulnerable to Missing Authentication for Critical Function. The vulnerability is due to missing authentication checks in the Core protocol federation mechanism, allowing an unauthenticated attacker to force the broker to establish an outbound connection to a rogue broke...
Missing Authentication for Critical Function
Overview flowise is a Flowiseai Server Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the WHITELISTURLS configuration, which allows unauthenticated access to privileged endpoints under /api/v1/nvidia-nim/. An attacker can obtain valid NVIDIA A...
Apache Artemis 2.11.0 < 2.45.0 / 2.50.0 < 2.52.0 Missing Authentication (CVE-2026-27446)
The version of Apache Artemis formerly Apache ActiveMQ Artemis installed on the remote host is affected by a vulnerability: - Missing Authentication for Critical Function vulnerability. An unauthenticated remote attacker can use the Core protocol to force a target broker to establish an outbound...
CVE-2026-30784 RustDesk hbbs/hbbr Servers Broker Connections Without Any Authorization Check
Missing Authorization, Missing Authentication for Critical Function vulnerability in rustdesk-server RustDesk Server rustdesk-server, rustdesk-server-pro on hbbs/hbbr on all server platforms Rendezvous server hbbs, relay server hbbr modules allows Privilege Abuse. This vulnerability is associated...
Missing Authentication for Critical Function
Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the Core protocol implementation. A malicious broker can force a broker to establish an outbound Core federation connection to it, and use it to inject or exfiltrate messages from the...