Weaknesses of type CWE-306
1,720 resultsCVE-2026-25751CRITICALFUXA Unauthenticated Exposure of Plaintext Database CredentialsEPSS 0.3%CVE-2025-9815HIGHalaneuler batteryKid NSXPCListener PrivilegeHelper.swift missing authenticationEPSS 0.3%CVE-2025-62607MEDIUMNautobot Single Source of Truth (SSoT) has an unauthenticated ServiceNow configuration URLEPSS 0.3%CVE-2025-6920MEDIUMAi-inference-server: authentication bypass via unprotected inference endpoint in apiEPSS 0.3%CVE-2026-2675MEDIUMMissing Authentication for Critical Function vulnerability in RTI Connext Professional (Security Plugins) allows Fake the Source of Data.EPSS 0.3%CVE-2026-30799MEDIUMMissing Authentication for Critical Function vulnerability in RTI Connext Professional (Security Plugins) allows Identity Spoofing.EPSS 0.3%CVE-2026-53981HIGHCap-go < v12.128.2 Account Takeover via Unauthenticated Email Change MechanismEPSS 0.3%CVE-2026-6736MEDIUMAuthentication bypass vulnerability in GitHub Enterprise Server allowed creation of local user accounts bypassing the configured external identity providerEPSS 0.3%CVE-2026-26160HIGHRemote Desktop Licensing Service Elevation of Privilege VulnerabilityEPSS 0.3%CVE-2025-55070MEDIUMLack of MFA enforcement in WebSocket connectionsEPSS 0.3%CVE-2025-27256HIGHMissing Authentication for Critical Function vulnerability in GE Vernova Enervista UR Setup application allows Authentication Bypass due to EPSS 0.3%CVE-2026-44460HIGHFileRise: TOTP Bypass via Setup Endpoint Disclosing Existing SecretEPSS 0.3%CVE-2025-12349MEDIUMEmail Subscribers & Newsletters <= 5.9.10 - Missing Authentication to Unauthenticated Mailing Queue TriggerEPSS 0.3%CVE-2025-7031MEDIUMConfig Pages Viewer - Critical - Access bypass - SA-CONTRIB-2025-086EPSS 0.3%CVE-2026-28352MEDIUMIndico missing access check in event series management APIEPSS 0.3%CVE-2026-46824CRITICALVulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite (component: Work Provider Site Level Administration). SEPSS 0.3%CVE-2025-65007HIGHMissing Authentication for Critical Function in WODESYS WD-R608U routerEPSS 0.3%CVE-2026-46912CRITICALVulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime Security). Supported versions thatEPSS 0.3%CVE-2024-6347MEDIUMUnauthorized access to ECU functionalityEPSS 0.3%CVE-2026-41039HIGHInformation Disclosure Vulnerability in Quantum Networks Router QN-I-470EPSS 0.3%