Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

849 matches found

CVE
CVEadded 2025/09/24 9:4 a.m.12 views

CVE-2025-41716

CVE-2025-41716 describes an unauthenticated information disclosure where a remote attacker can enumerate existing user accounts and their roles due to missing authentication for a critical function. Connected sources reference WAGO Device Sphere and WAGO Solution Builder as affected, describing a...

5.3CVSS6.6AI score0.00366EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2025/09/24 12:0 a.m.3 views

PT-2025-39238

Name of the Vulnerable Software and Affected Versions Web Application affected versions not specified Description The web application has a flaw that allows an unauthenticated remote attacker to gather information about existing user accounts, including their roles, due to a lack of authenticatio...

5.3CVSS6.4AI score0.00366EPSS
Exploits0References6
OSV
OSVadded 2025/09/17 5:3 p.m.1 views

GO-2025-3951 Chaos Mesh's Chaos Controller Manager is Missing Authentication for Critical Function in github.com/chaos-mesh/chaos-mesh

Chaos Mesh's Chaos Controller Manager is Missing Authentication for Critical Function in github.com/chaos-mesh/chaos-mesh. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positiv...

7.5CVSS6.9AI score0.00987EPSS
Exploits1References5
NVD
NVDadded 2025/09/01 4:15 a.m.3 views

CVE-2025-7405

Missing Authentication for Critical Function vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series CPU module allows a remote unauthenticated attacker to read or write the device values of the product and stop the operation of the programs, since MODBUS/TCP in the products does not...

7.3CVSS0.00425EPSS
Exploits0References3
CNNVD
CNNVDadded 2025/09/01 12:0 a.m.4 views

Mitsubishi Electric MELSEC iQ-F Series CPU 访问控制错误漏洞

The Mitsubishi Electric MELSEC iQ-F Series CPUs are a series of CPU modules from Mitsubishi Electric Corporation Mitsubishi Electric, Japan. An access control error vulnerability exists in the Mitsubishi Electric MELSEC iQ-F Series CPUs, which stems from a lack of authentication of a critical...

7.3CVSS6.8AI score0.00425EPSS
Exploits0References5
NVD
NVDadded 2025/08/30 4:15 a.m.2 views

CVE-2025-54942

A missing authentication for critical function vulnerability in SUNNET Corporate Training Management System before 10.11 allows remote attackers to access deployment functionality without prior authentication...

9.8CVSS0.00446EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2025/08/30 3:37 a.m.3 views

CVE-2025-54942 SUNNET Corporate Training Management System - Missing Authentication for Critical Function

A missing authentication for critical function vulnerability in SUNNET Corporate Training Management System before 10.11 allows remote attackers to access deployment functionality without prior authentication...

9.3CVSS6.6AI score0.00446EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2025/08/30 12:0 a.m.4 views

PT-2025-35336

Name of the Vulnerable Software and Affected Versions SUNNET Corporate Training Management System versions prior to 10.11 Description A missing authentication check for a critical function allows remote attackers to access deployment functionality without authentication. Recommendations Update to...

9.8CVSS6AI score0.00446EPSS
Exploits0References9
RedhatCVE
RedhatCVEadded 2025/08/22 4:35 p.m.4 views

CVE-2025-8611

AOMEI Cyber Backup Missing Authentication for Critical Function Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of AOMEI Cyber Backup. Authentication is not required to exploit this vulnerability. The specific fla...

9.8CVSS8.6AI score0.00774EPSS
Exploits0References1
Snyk
Snykadded 2025/08/21 9:30 a.m.1 views

Missing Authentication for Critical Function

Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the POST /api/v4/teams/:teamId/restore endpoint. An attacker can access sensitive team invite information by sending crafted requests to this endpoint without proper privileges. Remediati...

5.3CVSS6.8AI score0.00201EPSS
Exploits0References2
Cvelist
Cvelistadded 2025/08/21 12:1 a.m.7 views

CVE-2025-27214

A Missing Authentication for Critical Function vulnerability in the UniFi Connect EV Station Pro may allow a malicious actor with physical or adjacent access to perform an unauthorized factory reset. Affected Products: UniFi Connect EV Station Pro Version 1.5.18 and earlier Mitigation: Update Uni...

0.00374EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2025/08/21 12:1 a.m.4 views

CVE-2025-27214

A Missing Authentication for Critical Function vulnerability in the UniFi Connect EV Station Pro may allow a malicious actor with physical or adjacent access to perform an unauthorized factory reset. Affected Products: UniFi Connect EV Station Pro Version 1.5.18 and earlier Mitigation: Update Uni...

6.9AI score0.00374EPSS
Exploits0References1
CVE
CVEadded 2025/08/21 12:1 a.m.20 views

CVE-2025-27214

The CVE-2025-27214 entry concerns UniFi Connect EV Station Pro (versions up to 1.5.18) where a Missing Authentication for Critical Function vulnerability could allow a nearby or physically present attacker to trigger an unauthorized factory reset. The core issue is lack of authentication for crit...

9.8CVSS6.9AI score0.00374EPSS
Exploits0References1
OSV
OSVadded 2025/08/18 1:17 p.m.20 views

GO-2025-3875 Mattermost Confluence Plugin is Missing Authentication for Critical Function in github.com/mattermost/mattermost-plugin-confluence

Mattermost Confluence Plugin is Missing Authentication for Critical Function in github.com/mattermost/mattermost-plugin-confluence...

7.2CVSS7.2AI score0.00225EPSS
Exploits0References3
OSV
OSVadded 2025/08/18 1:17 p.m.2 views

GO-2025-3865 Mattermost Confluence Plugin is Missing Authentication for Critical Function in github.com/mattermost/mattermost-plugin-confluence

Mattermost Confluence Plugin is Missing Authentication for Critical Function in github.com/mattermost/mattermost-plugin-confluence...

7.2CVSS7.2AI score0.00189EPSS
Exploits0References3
RedhatCVE
RedhatCVEadded 2025/08/15 6:31 p.m.9 views

CVE-2025-8754

Missing Authentication for Critical Function vulnerability in ABB ABB AbilityTM zenon.This issue affects ABB AbilityTM zenon: from 7.50 through 14...

8.7CVSS7.3AI score0.00339EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/08/13 7:31 p.m.1 views

CVE-2025-7677

A denial-of-service DoS attack is possible if access to the local network is provided to unauthorized users. This is due to a buffer copy issue that may lead to a software crash. This issue affects all versions of ASPECT...

8.2CVSS6.7AI score0.0031EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/08/13 7:31 p.m.2 views

CVE-2025-7679

The ASPECT system allows users to bypass authentication. This issue affects all versions of ASPECT...

9.2CVSS6.9AI score0.00416EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/08/13 6:29 p.m.6 views

CVE-2025-53191

Missing Authentication for Critical Function vulnerability in ABB Aspect.This issue affects Aspect: before 3.08.04-s01...

8.4CVSS7.3AI score
Exploits0References1
NVD
NVDadded 2025/08/13 6:15 p.m.4 views

CVE-2025-8754

Missing Authentication for Critical Function vulnerability in ABB ABB AbilityTM zenon.This issue affects ABB AbilityTM zenon: from 7.50 through 14...

8.7CVSS0.00339EPSS
Exploits0References1
Rows per page
Query Builder