Weaknesses of type CWE-841
53 resultsCVE-2024-44128MEDIUMThis issue was addressed by adding an additional prompt for user consent. This issue is fixed in macOS Sequoia 15, macOS Sonoma 14.7, macOS EPSS 0.2%CVE-2026-45023MEDIUMAutoGPT: Credit system bypassed via direct block execution in POST /api/blocks/{block_id}/executeEPSS 0.2%CVE-2025-48376LOWDnn.Platform's Site Import could use an external source with a crafted requestEPSS 0.2%CVE-2026-41259HIGHMastodon: Insufficient verification of email addressesEPSS 0.2%CVE-2022-46710MEDIUMA logic issue was addressed with improved checks. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1. Location data may be EPSS 0.2%CVE-2026-24774MEDIUMOpen eClass Business Logic Flaw Allows Students to Mark Attendance in Expired ActivitiesEPSS 0.2%CVE-2026-34582HIGHBotan has a TLS 1.3 certificate authentication bypassEPSS 0.2%CVE-2026-48505HIGHFilament: Multi-factor authentication (app) recovery codes can still be used multiple times via concurrent submissionEPSS 0.2%CVE-2024-13065MEDIUMBusiness Logic Error in Akinsoft's MyRezztaEPSS 0.2%CVE-2026-8477LOWImproper enforcement of the sealed-entry workflow in the entry sensitive-data retrieval feature in Devolutions Server allows an authenticateEPSS 0.2%CVE-2023-42939LOWA logic issue was addressed with improved checks. This issue is fixed in iOS 17.1 and iPadOS 17.1. A user's private browsing activity may beEPSS 0.2%CVE-2025-13129MEDIUMBusiness Logic Error in Seneka Software's OnaylarımEPSS 0.2%CVE-2025-13751LOWInteractive service agent in OpenVPN version 2.5.0 through 2.6.16 and 2.7_alpha1 through 2.7_rc2 on Windows allows a local authenticated useEPSS 0.2%