849 matches found
CVE-2026-8602 Missing authentication for critical function in ScadaBR
In ScadaBR version 1.2.0, a Missing Authentication for Critical Function vulnerability could allow an unauthenticated attacker to send a HTTP GET requests to the SCADA system and inject arbitrary sensor readings...
PT-2026-41988
In ScadaBR version 1.2.0, a Missing Authentication for Critical Function vulnerability could allow an unauthenticated attacker to send a HTTP GET requests to the SCADA system and inject arbitrary sensor readings...
Missing Authentication for Critical Function
Overview open-webui is an Open WebUI Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the getstatus function. An attacker can access sensitive configuration details by sending an unauthenticated HTTP GET request to the affected endpoint...
Missing Authentication for Critical Function
Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the POST /api/v1/index/stream endpoint. An attacker can access and manipulate backend Solr index data by sending arbitrary streaming expressions without authentication. This allows readin...
Flowise < 3.0.5 - Missing Authentication for Critical Function
Exploit Title: Flowise 3.0.5 - Missing Authentication for Critical Function Date: 10/11/2025 Exploit Author: nltt0 https://github.com/nltt-br Vendor Homepage: https://flowiseai.com/ Software Link: https://github.com/FlowiseAI/Flowise Version: 3.0.5 CVE: CVE-2025-58434 from requests import post fr...
📄 Flowise Missing Authentication
Proof of concept for Flowise versions prior to 3.0.5 that suffer from a missing authentication vulnerability. Exploit Title: Flowise 3.0.5 - Missing Authentication for Critical Function Date: 10/11/2025 Exploit Author: nltt0 https://github.com/nltt-br Vendor Homepage: https://flowiseai.com/...
Exploit for Missing Authentication for Critical Function in Cpanel
No d...
Exploit for Missing Authentication for Critical Function in Cpanel
No d...
Missing Authentication for Critical Function
Overview PraisonAI is a PraisonAI is an AI Agents Framework with Self Reflection. PraisonAI application combines PraisonAI Agents, AutoGen, and CrewAI into a low-code solution for building and managing multi-agent LLM systems, focusing on simplicity, customisation, and efficient human-agent...
Exploit for Missing Authentication for Critical Function in Cpanel
No d...
Exploit for Missing Authentication for Critical Function in Cpanel
CVE-2026-41940 | cPanel/WHM Authentication Bypass Detection...
Missing Authentication for Critical Function
Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function in the UI server WebSocket. An attacker can gain unauthorized access to sensitive endpoints, such as streaming real-time pod logs, opening an interactive shell inside a running pod, or...
Missing Authentication for Critical Function
Overview github.com/0xJacky/Nginx-UI is a yet another Nginx Web UI, developed by 0xJacky and Hintay. Affected versions of this package are vulnerable to Missing Authentication for Critical Function in the POST /api/install endpoint during the initial setup 10 minutes window, which is accessible...
Exploit for Missing Authentication for Critical Function in Cpanel
No d...
Exploit for Missing Authentication for Critical Function in Vitejs Vite
CVE-2026...
GHSA-FJ4G-2P96-Q6M3 Network-AI missing authentication on MCP HTTP endpoint, which allows unauthenticated privileged tool calls
Security Advisory: Missing Authentication for Critical Function in Jovancoding/Network-AI | Field | Value | |---|---| | Project | Jovancoding/Network-AI | | Repository | https://github.com/Jovancoding/Network-AI | | Affected commit | c344f2053eb0d49395988f803bf92f2a86b2a0d0 | | Affected tested...
PT-2026-37283
Name of the Vulnerable Software and Affected Versions Network-AI versions prior to 5.1.3 Description The MCP HTTP transport accepts JSON-RPC tools/call requests without requiring authentication, sessions, origins, or token checks, dispatching them directly to the orchestrator's tool registry...
Missing Authentication for Critical Function
Overview github.com/0xJacky/Nginx-UI/api/system is a yet another Nginx Web UI Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the api/install endpoint during the initial setup process. An attacker can gain unauthorized administrative access by...
Missing Authentication for Critical Function
Overview arelle-release is an An open source XBRL platform. Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the plugins parameter in the /rest/configure endpoint, which is processed without authentication or authorization. An attacker can execu...
Exploit for Missing Authentication for Critical Function in Cpanel
No d...