2955 matches found
Panda Wireless PWRU0 安全漏洞
The Panda Wireless PWRU0 is a series of wireless mini routers from Panda Wireless USA. A security vulnerability exists in the Panda Wireless PWRU0 that stems from not enforcing authentication, which could lead to elevation of privilege and denial of service...
CVE-2026-0656
The iPaymu Payment Gateway for WooCommerce plugin for WordPress is vulnerable to Missing Authentication in all versions up to, and including, 2.0.2 via the 'checkipaymuresponse' function. This is due to the plugin not validating webhook request authenticity through signature verification or origi...
CVE-2019-16879
The Synergy Systems & Solutions SSS HUSKY RTU 6049-E70, with firmware Versions 5.0 and prior, has a Missing Authentication for Critical Function CWE-306 vulnerability. The affected product does not require authentication for TELNET access, which may allow an attacker to change configuration or...
CVE-2026-0656
The CVE-2026-0656 entry concerns the iPaymu Payment Gateway for WooCommerce (WordPress). Wordfence reports a Missing Authentication flaw in webhook handling (function check_ipaymu_response) across versions up to 2.0.2, due to lack of signature verification and origin checks. This allows unauthent...
Missing Authentication for Critical Function
Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function via improper path normalization in the whitelist logic. An attacker can gain unauthorized access to protected API endpoints by sending crafted requests that bypass authentication checks. This...
Missing Authentication for Critical Function
Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function via improper path normalization in the whitelist logic. An attacker can gain unauthorized access to protected API endpoints by sending crafted requests that bypass authentication checks. This...
CVE-2025-15026
Missing Authentication for Critical Function vulnerability in Centreon Infra Monitoring centreon-awie Awie import module allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Infra Monitoring: from 25.10.0 before 25.10.2, from 24.10.0 before 24.10.3, from 24.04.0...
Exploit for Missing Authentication for Critical Function in Jetbrains Teamcity
Bash Command Examples Batch Scanning python teamcit...
CVE-2025-15026
Missing Authentication for Critical Function vulnerability in Centreon Infra Monitoring centreon-awie Awie import module allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Infra Monitoring: from 25.10.0 before 25.10.2, from 24.10.0 before 24.10.3, from 24.04.0...
Missing Authentication for Critical Function
Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function on the critical API endpoints messages, transactions, and session, handling sensitive user data and system operations. An unauthenticated attacker can access confidential conversation data an...
GHSA-C5CP-VX83-JHQX Langflow Missing Authentication on Critical API Endpoints
Summary Multiple critical API endpoints in Langflow are missing authentication controls, allowing any unauthenticated user to access sensitive user conversation data, transaction histories, and perform destructive operations including message deletion. This affects endpoints handling personal dat...
Langflow Missing Authentication on Critical API Endpoints
Summary Multiple critical API endpoints in Langflow are missing authentication controls, allowing any unauthenticated user to access sensitive user conversation data, transaction histories, and perform destructive operations including message deletion. This affects endpoints handling personal dat...
EUVD-2026-0033
Bagisto is an open source laravel eCommerce platform. In versions on the 2.3 branch prior to 2.3.10, API routes remain active even after initial installation is complete. The underlying API endpoints /install/api/ are directly accessible and exploitable without any authentication. An attacker can...
EUVD-2026-0034
Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to version 1.7.0.dev45, multiple critical API endpoints in Langflow are missing authentication controls. The issue allows any unauthenticated user to access sensitive user conversation data, transaction histories...
CVE-2026-21445 Langflow Missing Authentication on Critical API Endpoints
Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to version 1.7.0.dev45, multiple critical API endpoints in Langflow are missing authentication controls. The issue allows any unauthenticated user to access sensitive user conversation data, transaction histories...
WordPress Profiler - What Slowing Down Your WP plugin <= 1.0.0 - Missing Authentication to Unauthenticated Arbitrary Plugin Reactivation via State Restoration vulnerability
WordPress Profiler - What Slowing Down Your WP plugin = 1.0.0 - Missing Authentication to Unauthenticated Arbitrary Plugin Reactivation via State Restoration vulnerability discovered by ch4r0n - FPT Software in WordPress Plugin Profiler - What Slowing Down Your WP versions = 1.0.0...
WordPress 6Storage Rentals plugin server-side request forgery vulnerability
WordPress 6Storage Rentals plugin is a plugin designed for WordPress websites, designed to help webmasters easily manage the rental booking process for storage facilities. WordPress 6Storage Rentals plugin suffers from a server-side request forgery vulnerability, which stems from the server not...
Exploit for Missing Authentication for Critical Function in Linksys E9450-Sg_Firmware
CVE-2025-52692 Linksys E9450-SG Authentication Bypass...
Exploit for Missing Authentication for Critical Function in Netalertx
CVE-2024-46506 This is a standalone Python implementation for...
CVE-2025-66377
Pexip Infinity before 39.0 has Missing Authentication for a Critical Function in a product-internal API, allowing an attacker who already has access to execute code on one node within a Pexip Infinity installation to impact the operation of other nodes within the installation...