CVE-2026-2096

Agentflow developed by Flowring has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to read, modify, and delete database contents by using a specific functionality...

ZBT WE2001 安全漏洞

ZBT WE2001 is a wireless router produced by ZBT Corporation. The version dated 23.09.27 of ZBT WE2001 contains a security vulnerability. This vulnerability stems from the lack of an authentication mechanism in the Web management API component, which may allow unauthenticated attackers on the loca...

PT-2026-7577

Missing Authentication for Critical Function, Improper Access Control vulnerability in Dinosoft Business Solutions Dinosoft ERP allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Dinosoft ERP: from 3.0.1 through 11022026. NOTE: The vendor was contacted early about...

CVE-2025-65128

A missing authentication mechanism in the web management API components of Shenzhen Zhibotong Electronics ZBT WE2001 23.09.27 allows unauthenticated attackers on the local network to modify router and network configurations. By invoking operations whose names end with "nocommit" and supplying the...

PT-2026-7623

Name of the Vulnerable Software and Affected Versions Shenzhen Zhibotong Electronics ZBT WE2001 version 23.09.27 Description A flaw exists in the web management API components that allows unauthenticated attackers on the local network to modify router and network configurations. Attackers can...

CVE-2025-65128

A missing authentication mechanism in the web management API components of Shenzhen Zhibotong Electronics ZBT WE2001 23.09.27 allows unauthenticated attackers on the local network to modify router and network configurations. By invoking operations whose names end with "nocommit" and supplying the...

CVE-2025-65128

CVE-2025-65128 affects Shenzhen Zhibotong Electronics ZBT WE2001 (version 23.09.27). The web management API lacks authentication, allowing unauthenticated attackers on the local network to modify router and network configurations by calling operations ending with *_nocommit and providing the expe...

CVE-2026-2234

C@il developed by HGiga has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to read and modify any user's mail content...

CVE-2026-2096

Agentflow developed by Flowring has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to read, modify, and delete database contents by using a specific functionality...

CVE-2026-2096 Flowring｜Agentflow - Missing Authenticaton

Agentflow developed by Flowring has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to read, modify, and delete database contents by using a specific functionality...

CVE-2026-2096

Agentflow developed by Flowring has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to read, modify, and delete database contents by using a specific functionality...

CVE-2026-2096 Flowring｜Agentflow - Missing Authenticaton

Agentflow developed by Flowring has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to read, modify, and delete database contents by using a specific functionality...

CVE-2026-2096

CVE-2026-2096 (Flowring Agentflow) : The vulnerability is a Missing Authentication issue in Agentflow by Flowring that allows unauthenticated remote attackers to read, modify, and delete database contents by using a specific functionality. Reported impact is high/critical (CVSS v4.0 base 9.3 with...

Missing Authentication for Critical Function

Overview fuxa-server is a Web-based Process Visualization SCADA/HMI/Dashboard software Affected versions of this package are vulnerable to Missing Authentication for Critical Function in the /nodered/flows endpoint when the Node-RED plugin is enabled. An attacker can gain administrative access an...

Missing Authentication for Critical Function

Overview @frangoteam/fuxa is a Web-based Process Visualization SCADA/HMI/Dashboard software Affected versions of this package are vulnerable to Missing Authentication for Critical Function in the /nodered/flows endpoint when the Node-RED plugin is enabled. An attacker can gain administrative acce...

Missing Authentication for Critical Function

Overview frosh/adminer-platform is an Adminer for Shopware Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the Adminer route configuration, which does not enforce session validation. An attacker can gain unauthorized access to sensitive...

CVE-2026-2234

C&Cm@il developed by HGiga has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to read and modify any user's mail content...

CVE-2026-2234 HGiga｜C&Cm@il - Missing Authentication

C&Cm@il developed by HGiga has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to read and modify any user's mail content...

CVE-2026-2234 HGiga｜C&Cm@il - Missing Authentication

C&Cm@il developed by HGiga has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to read and modify any user's mail content...

CVE-2026-2234

CVE-2026-2234 concerns the C&Cm@il product developed by HGiga, described as a Missing Authentication vulnerability that allows unauthenticated remote attackers to read and modify any user’s mail content. The available entries consistently state a network-accessible flaw with no authentication req...