Weaknesses of type CWE-287
1,848 resultsCVE-2026-44460HIGHFileRise: TOTP Bypass via Setup Endpoint Disclosing Existing SecretEPSS 0.3%CVE-2022-29838MEDIUMAuthentication issue with the encrypted volumes and auto mount feature in My Cloud devicesEPSS 0.3%CVE-2025-65128HIGHA missing authentication mechanism in the web management API components of Shenzhen Zhibotong Electronics ZBT WE2001 23.09.27 allows unautheEPSS 0.3%CVE-2025-66515LOWNextcloud Approval app allows users to request approval for other users fileEPSS 0.3%CVE-2018-25030LOWMirmay Secure Private Browser / File Manager Auto Lock improper authenticationEPSS 0.3%CVE-2026-44810HIGHMicrosoft Cryptographic Services Elevation of Privilege VulnerabilityEPSS 0.3%CVE-2024-27137MEDIUMApache Cassandra: unrestricted deserialization of JMX authentication credentialsEPSS 0.3%CVE-2025-22477HIGHDell Storage Center - Dell Storage Manager, version(s) 20.1.20, contain(s) an Improper Authentication vulnerability. An unauthenticated attaEPSS 0.3%CVE-2025-0813HIGHCWE-287: Improper Authentication vulnerability exists that could cause an Authentication Bypass when an
unauthorized user without permissionEPSS 0.3%CVE-2026-33473MEDIUMVikunja has TOTP Reuse During Validity WindowEPSS 0.3%CVE-2026-49202HIGHUnverified Meeting Recording Endpoints & Permissive CORSEPSS 0.3%CVE-2025-29627MEDIUMAn issue in KeeperChat IOS Application v.5.8.8 allows a physically proximate attacker to escalate privileges via the Biometric AuthenticatioEPSS 0.3%CVE-2026-41720HIGHAuthentication Bypass with Empty Password in Spring LDAPEPSS 0.3%CVE-2024-27835LOWThis issue was addressed through improved state management. This issue is fixed in iOS 17.5 and iPadOS 17.5. An attacker with physical accesEPSS 0.3%CVE-2023-43551CRITICALImproper Authentication in Multi-Mode Call ProcessorEPSS 0.3%CVE-2026-40946CRITICALOxia: OIDC token audience validation bypass via SkipClientIDCheckEPSS 0.3%CVE-2026-24003MEDIUMEvseV2G has sequence state validation bypassEPSS 0.3%CVE-2023-43660MEDIUMSSH key password bypassed in warpgateEPSS 0.3%CVE-2026-10560HIGHUnauthenticated Access to Private Flow Build Events and Cancellation in Langflow OSSEPSS 0.3%CVE-2026-34834HIGHBulwark Webmail: Authentication Bypass in verifyIdentity() due to missing cookie validationEPSS 0.3%