Weaknesses of type CWE-287
1,847 resultsCVE-2025-64717HIGHZITADEL vulnerable to Account Takeover with deactivated Instance IdPEPSS 0.4%CVE-2022-36071HIGHRecovery codes abuse in SFTPGoEPSS 0.4%CVE-2026-7723MEDIUMPrefectHQ prefect WebSocket Endpoint in missing authenticationEPSS 0.4%CVE-2025-37107HIGHAn authentication bypass vulnerability exists in HPE AutoPass License Server (APLS) prior to 9.18.EPSS 0.4%CVE-2024-44821MEDIUMZZCMS 2023 contains a vulnerability in the captcha reuse logic located in /inc/function.php. The checkyzm function does not properly refreshEPSS 0.4%CVE-2022-0916HIGHBroken authentication on Logitech Options due to misvalidation of Oauth state parameterEPSS 0.4%CVE-2024-37233MEDIUMWordPress Play.ht plugin <= 3.6.4 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2026-10157MEDIUMOpen5GS NGAP PathSwitchRequest Message ngap-handler.c improper authenticationEPSS 0.4%CVE-2024-3487LOWBroken Authentication vulnerability in iManagerEPSS 0.4%CVE-2022-46313MEDIUMThe sensor privacy module has an authentication vulnerability. Successful exploitation of this vulnerability may cause unavailability of theEPSS 0.4%CVE-2026-5076CRITICALARMember Premium <= 7.3.1 - Insecure Password Reset Mechanism to Unauthenticated Privilege EscalationEPSS 0.4%CVE-2025-8546MEDIUMatjiu pybbs Verification Code login CaptchaEPSS 0.4%CVE-2026-40344HIGHMinIO has an Unauthenticated Object Write via Missing Signature Verification in Unsigned-Trailer UploadsEPSS 0.4%CVE-2025-10423MEDIUMnewbee-mall kaptcha mallKaptcha CaptchaEPSS 0.4%CVE-2026-42560CRITICALauth: Patreon provider assigns the same local user ID to every authenticated Patreon account, enabling cross‑user impersonationEPSS 0.4%CVE-2022-48294HIGHThe IHwAttestationService interface has a defect in authentication. Successful exploitation of this vulnerability may affect data confidentiEPSS 0.4%CVE-2025-30114CRITICALAn issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Bypassing of Device Pairing can occur. The pairing mechanism reliEPSS 0.4%CVE-2025-9803CRITICALImproper Authentication in lunary-ai/lunaryEPSS 0.4%CVE-2025-41023MEDIUMAuthentication bypass in AutoGPT de ThesamurEPSS 0.4%CVE-2025-50901CRITICALJeeWMS 771e4f5d0c01ffdeae1671be4cf102b73a3fe644 (2025-05-19) contains incorrect authentication bypass vulnerability, which can lead to arbitEPSS 0.4%