Weaknesses of type CWE-307
411 resultsCVE-2025-36758MEDIUMBypass of bruteforce protection in SolaX CloudEPSS 0.5%CVE-2025-36064MEDIUMIBM Sterling Connect:Express for Microsoft Windows information disclosureEPSS 0.5%CVE-2026-26305HIGHMobility46 mobility46.se Improper Restriction of Excessive Authentication AttemptsEPSS 0.5%CVE-2025-52997MEDIUMFile Browser Insecurely Handles PasswordsEPSS 0.5%CVE-2024-42465CRITICALLack of resources and rate limiting - two factor authenticationEPSS 0.5%CVE-2026-33640CRITICALOutline has a rate limit bypass that allows brute force of email login OTPEPSS 0.5%CVE-2024-32774MEDIUMWordPress ProfileGrid plugin <= 5.8.2 - Group Members Limit Bypass vulnerabilityEPSS 0.5%CVE-2025-58587MEDIUMImproper Restriction of Excessive Authentication AttemptsEPSS 0.5%CVE-2026-25113HIGHSWITCH EV swtchenergy.com Improper Restriction of Excessive Authentication AttemptsEPSS 0.5%CVE-2025-7393CRITICALMail Login - Critical - Access bypass - SA-CONTRIB-2025-088EPSS 0.5%CVE-2025-56224HIGHA lack of rate limiting in the One-Time Password (OTP) verification endpoint of SigningHub v8.6.8 allows attackers to bypass verification viEPSS 0.5%CVE-2025-25595CRITICALA lack of rate limiting in the login page of Safe App version a3.0.9 allows attackers to bypass authentication via a brute force attack.EPSS 0.5%CVE-2022-26964HIGHWeak password derivation for export in Devolutions Remote Desktop Manager before 2022.1 allows information disclosure via a password brute-fEPSS 0.5%CVE-2024-22425MEDIUMDell RecoverPoint for Virtual Machines 5.3.x, 6.0.SP1 contains a brute force/dictionary attack vulnerability. An unauthenticated remote attaEPSS 0.5%CVE-2024-32868MEDIUMZITADEL's Improper Lockout Mechanism Leads to MFA BypassEPSS 0.5%CVE-2024-5862HIGHUser Enumeration in Mia Technology's Mia-Med Health AplicationEPSS 0.5%CVE-2026-6947HIGHD-Link|DWM-222W USB Wi-Fi Adapter - Brute-Force Protection BypassEPSS 0.5%CVE-2024-0787MEDIUMImproper Restriction of Excessive Authentication Attempts in phpipam/phpipamEPSS 0.5%CVE-2025-49195MEDIUMNo protection against brute-force attacksEPSS 0.5%CVE-2024-3102MEDIUMJSON Injection in mintplex-labs/anything-llmEPSS 0.5%