Fallos del tipo CWE-287
1847 resultadosCVE-2026-40165HIGHauthentik: SAML NameID XML Comment Injection Enables Authentication Bypass via Identifier TruncationEPSS 0.4%CVE-2025-27422HIGHFACTION Allows Authentication Bypass via User CreationEPSS 0.4%CVE-2018-1106—An authentication bypass flaw has been found in PackageKit before 1.1.10 that allows users without administrator privileges to install signeEPSS 0.4%CVE-2026-40964HIGHAuthentication Bypass in cf-auth-proxy in Cloud Foundry Foundation all installations allows an unauthenticated remote attacker to gain read EPSS 0.4%CVE-2026-41076HIGHRT: LDAP authentication bypass via empty passwordEPSS 0.4%CVE-2026-27856HIGHDoveadm credentials are verified using direct comparison which is susceptible to timing oracle attack. An attacker can use this to determineEPSS 0.4%CVE-2026-50559HIGHAuthentication/Authorization Bypass via Advanced Path Normalization VulnerabilitiesEPSS 0.4%CVE-2026-6129MEDIUMzhayujie chatgpt-on-wechat CowAgent Agent Mode Service missing authenticationEPSS 0.4%CVE-2026-5000MEDIUMPromtEngineer localGPT API Endpoint server.py LocalGPTHandler missing authenticationEPSS 0.4%CVE-2025-15456MEDIUMbg5sbk MiniCMS Publish page-edit.php improper authenticationEPSS 0.4%CVE-2026-6582MEDIUMTransformerOptimus SuperAGI Vector Database Management Endpoint vector_dbs.py get_vector_db_details missing authenticationEPSS 0.4%CVE-2026-6577MEDIUMliangliangyy DjangoBlog logtracks Endpoint views.py missing authenticationEPSS 0.4%CVE-2026-8216MEDIUMIndustrial Application Software IAS Canias ERP Java RMI Session Management iasServerRemoteInterface.doAction improper authenticationEPSS 0.4%CVE-2026-8994HIGHLogin with NEAR <= 0.3.3 - Authentication Bypass via 'account' ParameterEPSS 0.4%CVE-2025-12998HIGHBroken Authentication in extension “Modules” (modules)EPSS 0.4%CVE-2025-54452HIGHImproper Authentication vulnerability in Samsung Electronics MagicINFO 9 Server allows Authentication Bypass.This issue affects MagicINFO 9 EPSS 0.4%CVE-2020-7294MEDIUMWeb Gateway (MWG) - Privilege Escalation vulnerabilityEPSS 0.4%CVE-2019-13531MEDIUMMedtronic Valleylab FT10 and LS10 Improper AuthenticationEPSS 0.4%CVE-2026-27939HIGHStatamic allows Authenticated Control Panel users to escalate privileges via elevated session bypassEPSS 0.4%CVE-2023-38691MEDIUMmatrix-appservice-bridge doesn't verify the sub parameter of an openId token exhange, allowing unauthorized access to provisioning APIsEPSS 0.4%