2932 matches found
CVE-2026-7714
A flaw has been found in crocodilestick Calibre-Web-Automated up to 4.0.6. Affected by this issue is some unknown functionality of the file cps/cwafunctions.py of the component Admin Endpoint. This manipulation causes missing authentication. It is possible to initiate the attack remotely. The...
Exploit for Missing Authentication for Critical Function in Cpanel
POCCVE-2026-41940 Quick start bash python3 pocCVE-202...
Exploit for Missing Authentication for Critical Function in Cpanel
Based on Watch Tower P...
Exploit for Missing Authentication for Critical Function in Cpanel
No d...
Exploit for Missing Authentication for Critical Function in Cpanel
CVE-2026-41940 - cPanel & WHM Authentication Bypass Proof of C...
Exploit for Missing Authentication for Critical Function in Cpanel
cve-2026-41940-exploit Cpanel Au...
Exploit for Missing Authentication for Critical Function in Cpanel
poc...
Exploit for Missing Authentication for Critical Function in Cpanel
markdown CVE-2026-41940 - WHM/cPanel Authentication Bypass...
Exploit for Missing Authentication for Critical Function in Cpanel
No d...
Exploit for Missing Authentication for Critical Function in Cpanel
🔒 cPanel CVE-2026-41940 / nuclear.x86 Security Audit & Cleanup...
Exploit for Missing Authentication for Critical Function in Cpanel
CVE-2026-41940 A security research tool for detecting and anal...
Exploit for Missing Authentication for Critical Function in Cpanel
================================================================...
GHSA-QP2C-XQV6-PHH6 django-mdeditor is Missing Authentication for Critical Function
All versions of the package django-mdeditor are vulnerable to Missing Authentication for Critical Function in the image upload endpoint. An attacker can upload malicious files and achieve arbitrary code execution since this endpoint lacks authentication protection and proper sanitisation of file...
django-mdeditor is Missing Authentication for Critical Function
All versions of the package django-mdeditor are vulnerable to Missing Authentication for Critical Function in the image upload endpoint. An attacker can upload malicious files and achieve arbitrary code execution since this endpoint lacks authentication protection and proper sanitisation of file...
CVE-2025-13030
CVE-2025-13030 affects the django-mdeditor package. All versions are vulnerable to Missing Authentication for Critical Function in the image upload endpoint, allowing an attacker to upload malicious files and achieve arbitrary code execution due to lack of authentication and improper sanitisation...
EUVD-2025-209593
All versions of the package django-mdeditor are vulnerable to Missing Authentication for Critical Function in the image upload endpoint. An attacker can upload malicious files and achieve arbitrary code execution since this endpoint lacks authentication protection and proper sanitisation of file...
CVE-2025-13030
All versions of the package django-mdeditor are vulnerable to Missing Authentication for Critical Function in the image upload endpoint. An attacker can upload malicious files and achieve arbitrary code execution since this endpoint lacks authentication protection and proper sanitisation of file...
PT-2026-36039
Name of the Vulnerable Software and Affected Versions django-mdeditor affected versions not specified Description The image upload endpoint lacks authentication protection and proper sanitization of file names. This allows an attacker to upload malicious files and achieve arbitrary code execution...
Juniper Junos OS Vulnerability (JSA79188)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA79188 advisory. - A Missing Authentication for Critical Function vulnerability in the Packet Forwarding Engine pfe of Juniper Networks Junos OS on MX Series with SPC3, and SRX Series allows...
Missing Authentication for Critical Function
Overview github.com/coredns/coredns/core/dnsserver is a package that implements all the interfaces from Caddy, so that CoreDNS can be a servertype plugin. Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the tsig plugin on non-plain-DNS...