PT-2026-25312

CVE-2025-13778 Missing authentication for critical function vulnerability in ABB AWIN GW100 rev.2, ABB AWIN GW120.This issue affects AWIN GW100 rev.2: 2.0-0, 2.0-1; AWIN GW120: 1.2-… https://t.co/s08dPDmnD8...

Missing Critical Step in Authentication

Overview Affected versions of this package are vulnerable to Missing Critical Step in Authentication via the OIDC authorize process. An attacker can gain unauthorized access to valid OIDC tokens by leveraging a session where only the password has been verified but the second authentication factor...

GO-2026-4661 Linkdave Missing Authentication on REST and WebSocket endpoints in github.com/shi-gg/linkdave

Linkdave Missing Authentication on REST and WebSocket endpoints in github.com/shi-gg/linkdave...

CVE-2026-2339

Missing Authentication for Critical Function vulnerability in TUBITAK BILGEM Software Technologies Research Institute Liderahenk allows Remote Code Inclusion, Privilege Abuse, Command Injection.This issue affects Liderahenk: before v3.4.0...

EUVD-2026-10494

Missing Authentication for Critical Function vulnerability in TUBITAK BILGEM Software Technologies Research Institute Liderahenk allows Remote Code Inclusion, Privilege Abuse, Command Injection.This issue affects Liderahenk: before v3.4.0...

EUVD-2026-10584

Missing authentication for critical function in Azure IoT Explorer allows an unauthorized attacker to disclose information over a network...

CVE-2026-23662

Missing authentication for critical function in Azure IoT Explorer allows an unauthorized attacker to disclose information over a network...

CVE-2026-23662

Missing authentication for critical function in Azure IoT Explorer allows an unauthorized attacker to disclose information over a network...

Azure IoT Explorer Information Disclosure Vulnerability

Missing authentication for critical function in Azure IoT Explorer allows an unauthorized attacker to disclose information over a network...

CVE-2026-2339 RCE in TUBITAK BILGEM's Liderahenk

Missing Authentication for Critical Function vulnerability in TUBITAK BILGEM Software Technologies Research Institute Liderahenk allows Remote Code Inclusion, Privilege Abuse, Command Injection. This issue affects Liderahenk: before 3.5.1...

CVE-2026-2339

CVE-2026-2339 affects Liderahenk before 3.4.0 with a Missing Authentication for Critical Function vulnerability that allows Remote Code Inclusion, Privilege Abuse and Command Injection. The issue is exploitable over the network (high access complexity, user interaction required) and has high impa...

CVE-2026-2339 RCE in TUBITAK BILGEM's Liderahenk

Missing Authentication for Critical Function vulnerability in TUBITAK BILGEM Software Technologies Research Institute Liderahenk allows Remote Code Inclusion, Privilege Abuse, Command Injection. This issue affects Liderahenk: before 3.5.1...

Missing Authentication for Critical Function

Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function in the REST and WebSocket endpoints due to lack of authentication enforcement. An attacker can gain unauthorized access and interact with sensitive server functionality by sending requests...

Missing Authentication for Critical Function

Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function in the REST and WebSocket endpoints due to lack of authentication enforcement. An attacker can gain unauthorized access and interact with sensitive server functionality by sending requests...

Linkdave Missing Authentication on REST and WebSocket endpoints

The linkdave server does not enforce authentication on its REST and WebSocket routes in versions prior to 0.1.5. Impact An attacker with network access to the server port can: - Connect to the WebSocket endpoint /ws and receive a valid sessionid in the OpReady response. - Use that session to invo...

CVE-2026-24310 Missing Authorization check in SAP NetWeaver Application Server for ABAP

Due to missing authorization check in SAP NetWeaver Application Server for ABAP, an authenticated attacker could execute specific ABAP function module and read the sensitive information from database catalog of the ABAP system. This vulnerability has low impact on the application's confidentialit...

PT-2026-24268

Уязвимость программного обеспечения Azure IoT Explorer связана с передачей критичной информации открытым текстом. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, раскрыть защищаемую информацию...

PT-2026-24208

Name of the Vulnerable Software and Affected Versions TUBITAK BILGEM Software Technologies Research Institute Liderahenk versions prior to 3.4.0 Description A missing authentication check for a critical function in Liderahenk allows for remote code inclusion, privilege abuse, and command injectio...

CVE-2026-30824 Flowise: Missing Authentication on NVIDIA NIM Endpoints

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.0.13, the NVIDIA NIM router /api/v1/nvidia-nim/ is whitelisted in the global authentication middleware, allowing unauthenticated access to privileged container management and token generati...

Missing Authentication For Critical Function

Apache ActiveMQ Artemis is vulnerable to Missing Authentication for Critical Function. The vulnerability is due to missing authentication checks in the Core protocol federation mechanism, allowing an unauthenticated attacker to force the broker to establish an outbound connection to a rogue broke...