2931 matches found
Open Automation Software OAS Platform V16.00.0121 - Missing Authentication
An improper authentication vulnerability exists in the REST API functionality of Open Automation Software OAS Platform V16.00.0121. A specially-crafted series of HTTP requests can lead to unauthenticated use of the REST API. An attacker can send a series of HTTP requests to trigger this...
CyberPower - Missing Authentication
An issue regarding missing authentication for certain utilities exists in CyberPower PowerPanel Enterprise prior to v2.8.3. id: CVE-2024-32735 info: name: CyberPower - Missing Authentication author: DhiyaneshDK severity: critical description: | An issue regarding missing authentication for certai...
EUVD-2026-37946
Missing authentication for critical function in M365 Copilot allows an unauthorized attacker to disclose information over a network...
CVE-2026-56076
PrajionAI CVE-2026-56076 affects PraisonAI before 1.5.128. The vulnerability is a cross-origin agent execution via the AGUI endpoint (/agui): the endpoint lacks authentication and returns a wildcard CORS header (Access-Control-Allow-Origin: *). Combined with Starlette’s Content-Type-agnostic JSON...
M365 Copilot Information Disclosure Vulnerability
Missing authentication for critical function in M365 Copilot allows an unauthorized attacker to disclose information over a network...
Splunk Enterprise Missing Authentication for Critical Function Vulnerability
Splunk Enterprise contains a missing authentication for critical function vulnerability which could allow an unauthenticated user to create or truncate arbitrary files through a PostgreSQL sidecar service endpoint...
CVE-2026-30799 Missing Authentication for Critical Function vulnerability in RTI Connext Professional (Security Plugins) allows Identity Spoofing.
Missing Authentication for Critical Function vulnerability in RTI Connext Professional Security Plugins allows Identity Spoofing.This issue affects Connext Professional: from 7.4.0 before 7.7.0, from 7.0.0 before 7.3., from 6.1.0 before 6.1., from 6.0.0 before 6.0., from 5.3.0 before 5.3...
EUVD-2026-37754
Missing Authentication for Critical Function vulnerability in RTI Connext Professional Security Plugins allows Identity Spoofing.This issue affects Connext Professional: from 7.4.0 before 7.7.0, from 7.0.0 before 7.3., from 6.1.0 before 6.1., from 6.0.0 before 6.0., from 5.3.0 before 5.3...
CVE-2026-30799
CVE-2026-30799 documents describe a Missing Authentication for Critical Function vulnerability in RTI Connext Professional (Security Plugins) that enables Identity Spoofing. Affected ranges include Connext Professional: 7.4.0–before 7.7.0, 7.0.0–before 7.3., 6.1.0–before 6.1. , 6.0.0–before 6.0.,...
EUVD-2026-37771
Missing Authentication for Critical Function vulnerability in RTI Connext Professional Security Plugins allows Fake the Source of Data.This issue affects Connext Professional: from 7.4.0 before 7.7.0, from 7.0.0 before 7.3.1.3, from 6.1.0 before 6.1., from 6.0.0 before 6.0., from 5.3.0 before 5.3...
CVE-2026-2675
RTI Connext Professional (Security Plugins) is affected by CVE-2026-2675: Missing Authentication for a Critical Function. Affected Connext Professional versions include 5.3.* before 5.3., 6.0. before 6.0., 6.1. before 6.1.*, 7.0.0 before 7.3.1.3, and 7.4.0 before 7.7.0. The CVSS 4.0 base score is...
CVE-2026-2675 Missing Authentication for Critical Function vulnerability in RTI Connext Professional (Security Plugins) allows Fake the Source of Data.
Missing Authentication for Critical Function vulnerability in RTI Connext Professional Security Plugins allows Fake the Source of Data.This issue affects Connext Professional: from 7.4.0 before 7.7.0, from 7.0.0 before 7.3.1.3, from 6.1.0 before 6.1., from 6.0.0 before 6.0., from 5.3.0 before 5.3...
EUVD-2026-37733
Dell PowerFlex Manager, versions Versions, contains a Missing Authentication for Critical Function vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Code execution, Denial of service, Information disclosure, Informatio...
CVE-2026-35065
Technical details about CVE-2026-35065 are not publicly provided in the connected documents. Monitor official Dell PowerFlex advisories and CVE/NVD entries for updated impact, affected versions, and fixes.
CVE-2026-35065
Dell PowerFlex Manager, versions Versions, contains a Missing Authentication for Critical Function vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Code execution, Denial of service, Information disclosure, Informatio...
Security Bulletin: MongoDB Enterprised Advanced affected by: Missing Critical Step in Authentication (CVE-2026-40542)
Summary There are vulnerabilities in httpclient5-5.6.jar used in MongoDB Enterprised Advanced for IBM, involving CVE-2026-40542. The vulnerability has been addressed. Vulnerability Details CVEID:CVE-2026-40542 DESCRIPTION: Missing critical step in authentication in Apache HttpClient 5.6 allows an...
Exploit for Missing Authentication for Critical Function in Mcpjam Inspector
CVE-2026-23744 – MCPJam Inspector Unauthenticated Remote Code...
Exploit for Missing Authentication for Critical Function in Erlang Erlang\/Otp
Information Security Fundamentals — Spring 2026 Project Tot...
CVE-2026-50287 Missing Authentication for Critical Function in @agenticmail/mcp
AgenticMail gives AI agents real email addresses and phone numbers. Prior to version 0.9.27, @agenticmail/mcp exposes a Streamable HTTP transport when started with --http or MCPHTTP=1. In that mode, the /mcp endpoint accepts requests without any HTTP authentication layer. A remote client can...
CVE-2026-50287 Missing Authentication for Critical Function in @agenticmail/mcp
AgenticMail gives AI agents real email addresses and phone numbers. Prior to version 0.9.27, @agenticmail/mcp exposes a Streamable HTTP transport when started with --http or MCPHTTP=1. In that mode, the /mcp endpoint accepts requests without any HTTP authentication layer. A remote client can...