2896 matches found
PT-2026-25313
π CVE-2025-13779 - High Missing authentication for critical function vulnerability in ABB AWIN GW100 rev.2, ABB AWIN GW120.This issue affects AWIN GW100 rev.2: 2.0-0, 2.0-1; AWIN GW120: 1.2-0, 1.2-1. https://t.co/dh5JkIu0yT https://t.co/gVJzqT9qlg...
Missing Critical Step in Authentication
Overview Affected versions of this package are vulnerable to Missing Critical Step in Authentication via the OIDC authorize process. An attacker can gain unauthorized access to valid OIDC tokens by leveraging a session where only the password has been verified but the second authentication factor...
GO-2026-4661 Linkdave Missing Authentication on REST and WebSocket endpoints in github.com/shi-gg/linkdave
Linkdave Missing Authentication on REST and WebSocket endpoints in github.com/shi-gg/linkdave...
CVE-2026-2339
Missing Authentication for Critical Function vulnerability in TUBITAK BILGEM Software Technologies Research Institute Liderahenk allows Remote Code Inclusion, Privilege Abuse, Command Injection.This issue affects Liderahenk: before v3.4.0...
EUVD-2026-10494
Missing Authentication for Critical Function vulnerability in TUBITAK BILGEM Software Technologies Research Institute Liderahenk allows Remote Code Inclusion, Privilege Abuse, Command Injection.This issue affects Liderahenk: before v3.4.0...
EUVD-2026-10584
Missing authentication for critical function in Azure IoT Explorer allows an unauthorized attacker to disclose information over a network...
CVE-2026-23662
Missing authentication for critical function in Azure IoT Explorer allows an unauthorized attacker to disclose information over a network...
CVE-2026-23662
Missing authentication for critical function in Azure IoT Explorer allows an unauthorized attacker to disclose information over a network...
Azure IoT Explorer Information Disclosure Vulnerability
Missing authentication for critical function in Azure IoT Explorer allows an unauthorized attacker to disclose information over a network...
CVE-2026-2339 RCE in TUBITAK BILGEM's Liderahenk
Missing Authentication for Critical Function vulnerability in TUBITAK BILGEM Software Technologies Research Institute Liderahenk allows Remote Code Inclusion, Privilege Abuse, Command Injection. This issue affects Liderahenk: before 3.5.1...
CVE-2026-2339
CVE-2026-2339 affects Liderahenk before 3.4.0 with a Missing Authentication for Critical Function vulnerability that allows Remote Code Inclusion, Privilege Abuse and Command Injection. The issue is exploitable over the network (high access complexity, user interaction required) and has high impa...
CVE-2026-2339 RCE in TUBITAK BILGEM's Liderahenk
Missing Authentication for Critical Function vulnerability in TUBITAK BILGEM Software Technologies Research Institute Liderahenk allows Remote Code Inclusion, Privilege Abuse, Command Injection. This issue affects Liderahenk: before 3.5.1...
Missing Authentication for Critical Function
Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function in the REST and WebSocket endpoints due to lack of authentication enforcement. An attacker can gain unauthorized access and interact with sensitive server functionality by sending requests...
Missing Authentication for Critical Function
Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function in the REST and WebSocket endpoints due to lack of authentication enforcement. An attacker can gain unauthorized access and interact with sensitive server functionality by sending requests...
Linkdave Missing Authentication on REST and WebSocket endpoints
The linkdave server does not enforce authentication on its REST and WebSocket routes in versions prior to 0.1.5. Impact An attacker with network access to the server port can: - Connect to the WebSocket endpoint /ws and receive a valid sessionid in the OpReady response. - Use that session to invo...
CVE-2026-24310 Missing Authorization check in SAP NetWeaver Application Server for ABAP
Due to missing authorization check in SAP NetWeaver Application Server for ABAP, an authenticated attacker could execute specific ABAP function module and read the sensitive information from database catalog of the ABAP system. This vulnerability has low impact on the application's confidentialit...
PT-2026-24208
Name of the Vulnerable Software and Affected Versions TUBITAK BILGEM Software Technologies Research Institute Liderahenk versions prior to 3.4.0 Description A missing authentication check for a critical function in Liderahenk allows for remote code inclusion, privilege abuse, and command injectio...
PT-2026-24268
Π£ΡΠ·Π²ΠΈΠΌΠΎΡΡΡ ΠΏΡΠΎΠ³ΡΠ°ΠΌΠΌΠ½ΠΎΠ³ΠΎ ΠΎΠ±Π΅ΡΠΏΠ΅ΡΠ΅Π½ΠΈΡ Azure IoT Explorer ΡΠ²ΡΠ·Π°Π½Π° Ρ ΠΏΠ΅ΡΠ΅Π΄Π°ΡΠ΅ΠΉ ΠΊΡΠΈΡΠΈΡΠ½ΠΎΠΉ ΠΈΠ½ΡΠΎΡΠΌΠ°ΡΠΈΠΈ ΠΎΡΠΊΡΡΡΡΠΌ ΡΠ΅ΠΊΡΡΠΎΠΌ. ΠΠΊΡΠΏΠ»ΡΠ°ΡΠ°ΡΠΈΡ ΡΡΠ·Π²ΠΈΠΌΠΎΡΡΠΈ ΠΌΠΎΠΆΠ΅Ρ ΠΏΠΎΠ·Π²ΠΎΠ»ΠΈΡΡ Π½Π°ΡΡΡΠΈΡΠ΅Π»Ρ, Π΄Π΅ΠΉΡΡΠ²ΡΡΡΠ΅ΠΌΡ ΡΠ΄Π°Π»Π΅Π½Π½ΠΎ, ΡΠ°ΡΠΊΡΡΡΡ Π·Π°ΡΠΈΡΠ°Π΅ΠΌΡΡ ΠΈΠ½ΡΠΎΡΠΌΠ°ΡΠΈΡ...
CVE-2026-30824 Flowise: Missing Authentication on NVIDIA NIM Endpoints
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.0.13, the NVIDIA NIM router /api/v1/nvidia-nim/ is whitelisted in the global authentication middleware, allowing unauthenticated access to privileged container management and token generati...
Missing Authentication For Critical Function
Apache ActiveMQ Artemis is vulnerable to Missing Authentication for Critical Function. The vulnerability is due to missing authentication checks in the Core protocol federation mechanism, allowing an unauthenticated attacker to force the broker to establish an outbound connection to a rogue broke...