CVE-2026-4436 GPL Odorizers GPL750 Missing Authentication for Critical Function

A low-privileged remote attacker can send Modbus packets to manipulate register values that are inputs to the odorant injection logic such that too much or too little odorant is injected into a gas line...

PT-2026-31719

Name of the Vulnerable Software and Affected Versions versions not specified Description A remote attacker with low privileges can manipulate Modbus register values used in odorant injection logic, potentially causing over or under-injection of odorant into a gas line. Attackers have exploited th...

Missing Authentication for Critical Function

Overview marimo is an A library for making reactive notebooks and apps Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the terminal/ws WebSocket endpoint, which lacks authentication validation. An unauthenticated attacker can gain unauthorized...

CVE-2025-30650

A Missing Authentication for Critical Function vulnerability in command processing of Juniper Networks Junos OS allows a privileged local attacker to gain access to Linux-based line cards as root. This issue affects systems running Junos OS using Linux-based line cards. Affected line cards includ...

Missing Authentication for Critical Function

Overview PraisonAI is a PraisonAI is an AI Agents Framework with Self Reflection. PraisonAI application combines PraisonAI Agents, AutoGen, and CrewAI into a low-code solution for building and managing multi-agent LLM systems, focusing on simplicity, customisation, and efficient human-agent...

Missing Authentication for Critical Function

Overview ci4-cms-erp/ci4ms is a composer create-project ci4-cms-erp/ci4ms Affected versions of this package are vulnerable to Missing Authentication for Critical Function in the install route guard process when the database is temporarily unreachable and the cache is empty. An attacker can gain...

EUVD-2025-209320

A Missing Authentication for Critical Function vulnerability in command processing of Juniper Networks Junos OS allows a privileged local attacker to gain access to line cards running Junos OS Evolved as root. This issue affects systems running Junos OS using Linux-based line cards. Affected line...

CVE-2025-30650

A Missing Authentication for Critical Function vulnerability in command processing of Juniper Networks Junos OS allows a privileged local attacker to gain access to Linux-based line cards as root. This issue affects systems running Junos OS using Linux-based line cards. Affected line cards includ...

CVE-2025-30650

CVE-2025-30650 concerns Junos OS on Linux-based line cards. A Missing Authentication for Critical Function in command processing allows a privileged local user to gain root access to the Linux-based FPC. Affected line cards include: MPC7–MPC11; LC2101/LC2103; LC480/LC4800/LC9600; MX304 (built-in ...

CVE-2025-30650 Junos OS: Privileged local user can gain access to a Linux-based FPC as root

A Missing Authentication for Critical Function vulnerability in command processing of Juniper Networks Junos OS allows a privileged local attacker to gain access to Linux-based line cards as root. This issue affects systems running Junos OS using Linux-based line cards. Affected line cards includ...

CVE-2026-5300 Missing Authentication for Critical Function in coolercontrold

Unauthenticated functionality in CoolerControl/coolercontrold 4.0.0 allows unauthenticated attackers to view and modify potentially sensitive data via HTTP requests...

CVE-2026-5300 Missing Authentication for Critical Function in coolercontrold

Unauthenticated functionality in CoolerControl/coolercontrold 4.0.0 allows unauthenticated attackers to view and modify potentially sensitive data via HTTP requests...

PT-2026-31369

A Missing Authentication for Critical Function vulnerability in command processing of Juniper Networks Junos OS allows a privileged local attacker to gain access to line cards running Junos OS Evolved as root. This issue affects systems running Junos OS using Linux-based line cards. Affected line...

PT-2026-30937

megagao production ssm v1.0 contains an authorization bypass vulnerability in the user addition functionality. The insert method in UserController.java lacks authentication checks, allowing unauthenticated attackers to create super administrator accounts by directly accessing the /user/insert...

CVE-2026-5676

The vulnerability CVE-2026-5676 affects Totolink A8000R (firmware 5.9c.681_B20180413). The issue is in the CGI endpoint /cgi-bin/cstecgi.cgi, specifically the setLanguageCfg function where manipulating the langType argument leads to missing authentication. This enables a remote attacker to levera...

Missing Authentication for Critical Function

Overview org.webjars.npm:vite is a Native-ESM powered web dev build tool Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the fetchModule method exposed through the WebSocket interface when the server is explicitly exposed to the network and...

Missing Authentication for Critical Function

Overview vite-plus is a The Unified Toolchain for the Web Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the fetchModule method exposed through the WebSocket interface when the server is explicitly exposed to the network and WebSocket is...

EUVD-2026-19188

A vulnerability was found in assafelovic gpt-researcher up to 3.4.3. This impacts an unknown function of the component HTTP REST API Endpoint. Performing a manipulation results in missing authentication. It is possible to initiate the attack remotely. The exploit has been made public and could be...

Missing Authentication for Critical Function

Overview gpt-researcher is a GPT Researcher is an autonomous agent designed for comprehensive web research on any task Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the HTTP REST API Endpoint and the WebSocket interface without any form of...

CVE-2026-5632

A vulnerability was found in assafelovic gpt-researcher up to 3.4.3. This impacts an unknown function of the component HTTP REST API Endpoint. Performing a manipulation results in missing authentication. It is possible to initiate the attack remotely. The exploit has been made public and could be...