Weaknesses of type CWE-287

1,847 results
CVE-2025-9063HIGHRockwell Automation PanelView Plus 7 Performance Series B Authentication BypassEPSS 0.4%CVE-2022-35646MEDIUMIBM Security Verify Governance, Identity Manager security bypassEPSS 0.4%CVE-2024-45051HIGHBypass of email address validation via encoded email addresses in DiscourseEPSS 0.4%CVE-2026-27134HIGHStrimzi: All CAs from a custom CA chain consisting of multiple CAs are trusted for mTLS user autenticationEPSS 0.4%CVE-2026-13543MEDIUMDocumenso Google OAuth Login handle-oauth-callback-url.ts improper authenticationEPSS 0.4%CVE-2017-14018An improper authentication issue was discovered in Johnson & Johnson Ethicon Endo-Surgery Generator Gen11, all versions released before NoveEPSS 0.4%CVE-2022-3119HIGHOAuth client Single Sign On for WordPress < 3.0.4 - Unauthenticated Settings Update to Authentication BypassEPSS 0.4%CVE-2026-36727CRITICALAn insecure authentication vulnerability in the /api/social-sign-in endpoint of bookcars v8.3 allows attackers to bypass authentication via EPSS 0.4%CVE-2024-6107CRITICALDue to insufficient verification, an attacker could use a malicious client to bypass authentication checks and run RPC commands in a region.EPSS 0.4%CVE-2025-62717LOWEmlog Pro session verification code error due to clearing logic errorEPSS 0.4%CVE-2026-7113MEDIUMNousResearch hermes-agent Webhooks Endpoint webhook.py missing authenticationEPSS 0.4%CVE-2026-32730HIGHApostropheCMS MFA/TOTP Bypass via Incorrect MongoDB Query in Bearer Token MiddlewareEPSS 0.4%CVE-2026-46919CRITICALVulnerability in the Siebel CRM Cloud Applications product of Oracle Siebel CRM (component: Siebel Cloud Manager). Supported versions that EPSS 0.4%CVE-2026-8621HIGHCrabbox < v0.12.0 Authentication Bypass via Header SpoofingEPSS 0.4%CVE-2026-32815MEDIUMSiYuan: Cross-Origin WebSocket Hijacking via Authentication Bypass — Unauthenticated Information DisclosureEPSS 0.4%CVE-2023-33054CRITICALImproper Authentication in GPS HLOS DriverEPSS 0.4%CVE-2026-5557MEDIUMbadlogic pi-mono pi-mom Slack Bot slack.ts authentication bypassEPSS 0.4%CVE-2026-49448CRITICALauthentik: SourceStage bypass via empty POSTEPSS 0.4%CVE-2026-2812MEDIUMImproper Authentication issue in ArcGIS ServerEPSS 0.4%CVE-2026-7112MEDIUMNousResearch hermes-agent API_SERVER_KEY api_server.py _check_auth improper authenticationEPSS 0.4%