2927 matches found
CVE-2026-6129 zhayujie chatgpt-on-wechat CowAgent Agent Mode Service missing authentication
A vulnerability was detected in zhayujie chatgpt-on-wechat CowAgent up to 2.0.4. This affects an unknown function of the component Agent Mode Service. Performing a manipulation results in missing authentication. The attack can be initiated remotely. The exploit is now public and may be used. The...
CVE-2026-6126
A weakness has been identified in zhayujie chatgpt-on-wechat CowAgent 2.0.4. The affected element is an unknown function of the component Administrative HTTP Endpoint. This manipulation causes missing authentication. It is possible to initiate the attack remotely. The exploit has been made...
CVE-2026-6126 zhayujie chatgpt-on-wechat CowAgent Administrative HTTP Endpoint missing authentication
A weakness has been identified in zhayujie chatgpt-on-wechat CowAgent 2.0.4. The affected element is an unknown function of the component Administrative HTTP Endpoint. This manipulation causes missing authentication. It is possible to initiate the attack remotely. The exploit has been made...
CVE-2026-6126
CVE-2026-6126 affects zhayujie chatgpt-on-wechat CowAgent 2.0.4. The weakness resides in an unknown function of the Administrative HTTP Endpoint, leading to missing authentication. It can be triggered remotely, and the exploit has been made public. Multiple sources note that the project was alert...
Missing Authentication For Critical Function
marimo is vulnerable to Missing Authentication For Critical Function. The vulnerability is due to missing authentication validation in the /terminal/ws WebSocket endpoint, which allows an attacker to establish a shell and execute arbitrary system commands without authentication...
Missing Authentication for Critical Function
Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the AdminService/StreamWorkflowReplicationMessages endpoint. An attacker can access replication streams and exfiltrate data by connecting to the frontend gRPC server without providing...
Missing Authentication for Critical Function
Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the AdminService/StreamWorkflowReplicationMessages endpoint. An attacker can access replication streams and exfiltrate data by connecting to the frontend gRPC server without providing...
Missing Authentication for Critical Function
Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the AdminService/StreamWorkflowReplicationMessages endpoint. An attacker can access replication streams and exfiltrate data by connecting to the frontend gRPC server without providing...
Missing Authentication for Critical Function
Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the AdminService/StreamWorkflowReplicationMessages endpoint. An attacker can access replication streams and exfiltrate data by connecting to the frontend gRPC server without providing...
CVE-2026-5724 Missing Authentication on Streaming gRPC Replication Endpoint
The frontend gRPC server's streaming interceptor chain did not include the authorization interceptor. When a ClaimMapper and Authorizer are configured, unary RPCs enforce authentication and authorization, but the streaming AdminService/StreamWorkflowReplicationMessages endpoint accepted requests...
CVE-2026-5724
The CVE-2026-5724 issue is a missing authorization check on the streaming gRPC replication endpoint. The frontend gRPC server’s streaming interceptor chain omits the authorization interceptor, so when ClaimMapper and Authorizer are configured, unary RPCs enforce auth, but the streaming AdminServi...
Missing Authentication for Critical Function
Overview PraisonAI is a PraisonAI is an AI Agents Framework with Self Reflection. PraisonAI application combines PraisonAI Agents, AutoGen, and CrewAI into a low-code solution for building and managing multi-agent LLM systems, focusing on simplicity, customisation, and efficient human-agent...
Missing Authentication for Critical Function
Overview praisonaiagents is a Praison AI agents for completing complex tasks with Self Reflection Agents Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the listagents function. An attacker can access sensitive agent names, roles, and partial...
Exploit for Missing Authentication for Critical Function in Mcpjam Inspector
exploit-CVE-2026-23744 MCPJam Inspector is a local-first devel...
CVE-2025-30650
A Missing Authentication for Critical Function vulnerability in command processing of Juniper Networks Junos OS allows a privileged local attacker to gain access to Linux-based line cards as root. This issue affects systems running Junos OS using Linux-based line cards. Affected line cards includ...
EUVD-2026-21093
A Missing Authentication for Critical Function vulnerability in the Flexible PIC Concentrators FPCs of Juniper Networks Junos OS Evolved on PTX Series allows a local, authenticated attacker with low privileges to gain direct access to FPCs installed in the device. A local user with low privileges...
CVE-2026-33788
A Missing Authentication for Critical Function vulnerability in the Flexible PIC Concentrators FPCs of Juniper Networks Junos OS Evolved on PTX Series allows a local, authenticated attacker with low privileges to gain direct access to FPCs installed in the device. A local user with low privileges...
CVE-2026-33788 Junos OS Evolved: Local, authenticated attacker can gain privileged access to FPCs
A Missing Authentication for Critical Function vulnerability in the Flexible PIC Concentrators FPCs of Juniper Networks Junos OS Evolved on PTX Series allows a local, authenticated attacker with low privileges to gain direct access to FPCs installed in the device. A local user with low privileges...
CVE-2026-33788
A Missing Authentication for Critical Function vulnerability in the Flexible PIC Concentrators FPCs of Juniper Networks Junos OS Evolved on PTX Series allows a local, authenticated attacker with low privileges to gain direct access to FPCs installed in the device. A local user with low privileges...
CVE-2026-4436 GPL Odorizers GPL750 Missing Authentication for Critical Function
A low-privileged remote attacker can send Modbus packets to manipulate register values that are inputs to the odorant injection logic such that too much or too little odorant is injected into a gas line...