Weaknesses of type CWE-287
1,845 resultsCVE-2026-35030CRITICALLiteLLM has an authentication bypass via OIDC userinfo cache key collisionEPSS 0.5%CVE-2026-35903CRITICALMERCURY MIPC252W IP camera 1.0.5 Build 230306 Rel.79931n contains an improper authentication vulnerability in the RTSP service. After succesEPSS 0.5%CVE-2024-55954HIGHOpenObserve Improper Authorization Allows Admin User to Remove Root UserEPSS 0.5%CVE-2024-28006MEDIUMImproper authentication vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WEPSS 0.5%CVE-2024-25106CRITICALOpenObserve Unauthorized Access Vulnerability in Users APIEPSS 0.5%CVE-2024-45750HIGHAn issue in TheGreenBow Windows Standard VPN Client 6.87.108 (and older), Windows Enterprise VPN Client 6.87.109 (and older), Windows EnterpEPSS 0.5%CVE-2022-39252HIGHWhen matrix-rust-sdk recieves forwarded room keys, the reciever doesn't check if it requested the key from the forwarderEPSS 0.5%CVE-2022-44595MEDIUMWordPress WP2FA plugin <= 2.2.0 - Broken Authentication vulnerabilityEPSS 0.5%CVE-2023-32202MEDIUMWalchem Intuition Improper AuthenticationEPSS 0.5%CVE-2026-46890CRITICALVulnerability in the Siebel Apps - Marketing product of Oracle Siebel CRM (component: Marketing). Supported versions that are affected are EPSS 0.5%CVE-2022-47209HIGHA support user exists on the device and appears to be a backdoor for Technical Support staff. The default password for this account is “suppEPSS 0.5%CVE-2023-28963MEDIUMJunos OS: User-controlled input vulnerability in J-WebEPSS 0.5%CVE-2024-50644CRITICALzhisheng17 blog 3.0.1-SNAPSHOT has an authentication bypass vulnerability. An attacker can exploit this vulnerability to access API without EPSS 0.5%CVE-2026-27960CRITICALOpenCTI privilege escalation and unauthenticated access via default admin accountEPSS 0.5%CVE-2024-21654MEDIUMrubygems.org MFA Bypass through password reset function could allow account takeover EPSS 0.5%CVE-2026-4831MEDIUMkalcaddle kodbox Password-protected Share auth.class.php can improper authenticationEPSS 0.5%CVE-2025-49851HIGHImproper Authentication in ControlID iDSecure On-premisesEPSS 0.5%CVE-2022-23501MEDIUMTYPO3 vulnerable to Improper Authentication in Frontend LoginEPSS 0.5%CVE-2026-33117CRITICALAzure SDK for Java Security Feature Bypass VulnerabilityEPSS 0.5%CVE-2024-4129HIGHAuthentication bypass in Snow License ManagerEPSS 0.5%