Weaknesses of type CWE-306
1,722 resultsCVE-2026-50245HIGHBrickcom Cameras Missing Authentication for Critical FunctionEPSS 0.2%CVE-2025-12444MEDIUMIncorrect security UI in Fullscreen UI in Google Chrome prior to 142.0.7444.59 allowed a remote attacker who convinced a user to engage in sEPSS 0.2%CVE-2025-12447MEDIUMIncorrect security UI in Omnibox in Google Chrome on Android prior to 142.0.7444.59 allowed a remote attacker who convinced a user to engageEPSS 0.2%CVE-2026-12527MEDIUMA broken authorization boundary in the RTSP media delivery pipeline of Shenzhen Liandian Communication Technology LTD V380 IP Camera firmwarEPSS 0.2%CVE-2026-42283HIGHDevSpace UI Server WebSocket CheckOrigin does not validate sourceEPSS 0.2%CVE-2025-12436MEDIUMPolicy bypass in Extensions in Google Chrome prior to 142.0.7444.59 allowed an attacker who convinced a user to install a malicious extensioEPSS 0.2%CVE-2026-11535CRITICALAn unauthorized access vulnerability exists in the PcSuite APP. The vulnerability can be exploited by attackers to Unauthorized access to thEPSS 0.2%CVE-2026-41047MEDIUMInformation leak via “diff” methods in qSnapperEPSS 0.1%CVE-2026-54040MEDIUMLibreChat: 2FA Backup Code Regeneration Without OTP Verification Allows 2FA BypassEPSS 0.1%CVE-2024-45356HIGHXiaomi phone framework has unauthorized access vulnerabilityEPSS 0.1%CVE-2021-26280HIGHPermission bypass vulnerability in permission manager moduleEPSS 0.1%CVE-2025-23356HIGHNVIDIA Isaac Lab contains a vulnerability in SB3 configuration parsing. A successful exploit of this vulnerability might lead to code executEPSS 0.1%CVE-2026-28468HIGHOpenClaw 2026.1.29-beta.1 < 2026.2.14 - Authentication Bypass in Sandbox Browser Bridge ServerEPSS 0.1%CVE-2025-47272MEDIUMPhoenixCart Vulnerable to Account Deletion Without Password ConfirmationEPSS 0.1%CVE-2024-45355MEDIUMXiaomi phone framework has unauthorized access vulnerabilityEPSS 0.1%CVE-2026-12490HIGHBypass of client certificate verification with transfer over TLSEPSS 0.1%CVE-2026-27846MEDIUMMissing authentication in Linksys MR9600, Linksys MX4200EPSS 0.1%CVE-2025-30650HIGHJunos OS: Privileged local user can gain access to a Linux-based FPC as rootEPSS 0.1%CVE-2025-14058LOWA potential missing authentication vulnerability was reported in some Lenovo Tablets that could allow an unauthorized user with physical accEPSS 0.1%CVE-2025-67780MEDIUMSpaceX Starlink Dish devices with firmware 2024.12.04.mr46620 (e.g., on Mini1_prod2) allow administrative actions via unauthenticated LAN gREPSS 0.1%