Weaknesses of type CWE-306
1,715 resultsCVE-2026-46807CRITICALVulnerability in the Identity Manager product of Oracle Fusion Middleware (component: OIM Legacy UI). Supported versions that are affected EPSS 0.5%CVE-2024-41793HIGHA vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager (All versions). The web interface of affected devices provides an enEPSS 0.5%CVE-2025-0355HIGHMissing Authentication for Critical Function vulnerability in NEC Corporation Aterm WG2600HS Ver.1.7.2 and earlier, WF1200CRS Ver.1.6.0 and EPSS 0.5%CVE-2025-26366HIGHA CWE-306 "Missing Authentication for Critical Function" in maxprofile/setup/routes.lua in Q-Free MaxTime less than or equal to version 2.11EPSS 0.5%CVE-2025-26362HIGHA CWE-306 "Missing Authentication for Critical Function" in maxprofile/setup/routes.lua in Q-Free MaxTime less than or equal to version 2.11EPSS 0.5%CVE-2026-4562MEDIUMMacCMS Timming API Endpoint Timming.php weak authenticationEPSS 0.5%CVE-2025-26364HIGHA CWE-306 "Missing Authentication for Critical Function" in maxprofile/setup/routes.lua in Q-Free MaxTime less than or equal to version 2.11EPSS 0.5%CVE-2025-26363HIGHA CWE-306 "Missing Authentication for Critical Function" in maxprofile/setup/routes.lua in Q-Free MaxTime less than or equal to version 2.11EPSS 0.5%CVE-2024-21272HIGHVulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/Python). Supported versions that are affected are 9.0.0EPSS 0.5%CVE-2024-48768HIGHAn issue in almaodo GmbH appinventor.ai_google.almando_control 2.3.1 allows a remote attacker to obtain sensitive information via the firmwaEPSS 0.5%CVE-2025-26365HIGHA CWE-306 "Missing Authentication for Critical Function" in maxprofile/setup/routes.lua in Q-Free MaxTime less than or equal to version 2.11EPSS 0.5%CVE-2023-21856HIGHVulnerability in the Oracle iSetup product of Oracle E-Business Suite (component: General Ledger Update Transform, Reports). Supported versEPSS 0.5%CVE-2018-25335CRITICALWordPress Plugin Peugeot Music 1.0 Arbitrary File UploadEPSS 0.5%CVE-2025-5906MEDIUMcode-projects Laundry System data missing authenticationEPSS 0.5%CVE-2026-32064HIGHOpenClaw < 2026.2.21 - Missing VNC Authentication in Sandbox Browser noVNC ObserverEPSS 0.5%CVE-2025-34232MEDIUMVasion Print (formerly PrinterLogic) Blind SSRF via Lexmark dellCheck.phpEPSS 0.5%CVE-2026-2248CRITICALUnauthenticated Remote Root Shell Access via Web Console in METIS WICEPSS 0.5%CVE-2026-4187MEDIUMTiandy Easy7 Integrated Management Platform Device Identifier UpdateLocalDevInfo.jsp missing authenticationEPSS 0.5%CVE-2026-2249CRITICALUnauthenticated Remote Command Execution via Web Console in METIS DFSEPSS 0.5%CVE-2025-8025CRITICALImproper Access Control in Dinosoft Business Solutions' Dinosoft ERPEPSS 0.5%