Fallos del tipo CWE-287
1847 resultadosCVE-2026-1743LOWDJI Mavic Mini/Air/Spark/Mini SE Enhanced Wi-Fi Pairing authentication replayEPSS 0.4%CVE-2026-6456HIGHAccount Switcher <= 1.0.2 - Authenticated (Subscriber+) Authentication Bypass to Privilege EscalationEPSS 0.4%CVE-2022-39018HIGHBroken access controls on PDFtron data in M-Files HubshareEPSS 0.4%CVE-2026-7042MEDIUM666ghj MiroFish REST API Endpoint __init__.py create_app missing authenticationEPSS 0.4%CVE-2026-13546MEDIUMFeehi CMS REST API Endpoint articles missing authenticationEPSS 0.4%CVE-2025-60306CRITICALcode-projects Simple Car Rental System 1.0 has a permission bypass issue where low privilege users can forge high privilege sessions and perEPSS 0.4%CVE-2025-70841CRITICALDokans Multi-Tenancy Based eCommerce Platform SaaS 3.9.2 allows unauthenticated remote attackers to obtain sensitive application configuratiEPSS 0.4%CVE-2026-7022MEDIUMSmythOS sre HTTP Header AgentRuntime.class.ts AgentRuntime improper authenticationEPSS 0.4%CVE-2025-15586CRITICALOGP-Website installs prior git commit 52f865a4fba763594453068acf8fa9e3fc38d663 are affected by a type juggling flaw which if exploited can rEPSS 0.4%CVE-2024-44843MEDIUMAn issue in the web socket handshake process of SteVe v3.7.1 allows attackers to bypass authentication and execute arbitrary coammands via sEPSS 0.4%CVE-2023-35154HIGHKnowage-Server vulnerable to account validation bypassEPSS 0.4%CVE-2018-0362—A vulnerability in BIOS authentication management of Cisco 5000 Series Enterprise Network Compute System and Cisco Unified Computing (UCS) EEPSS 0.4%CVE-2024-42172MEDIUMHCL MyXalytics is affected by broken authenticationEPSS 0.4%CVE-2024-0879MEDIUMAuthentication bypass in vector-admin domain restrictionEPSS 0.4%CVE-2024-39830HIGHTiming attack during remote cluster token comparison when shared channels are enabledEPSS 0.4%CVE-2026-48526HIGHPyJWT: Public-key JWK accepted as HMAC secret enables forged HS256 tokens when mixed families are allowedEPSS 0.4%CVE-2025-25227HIGH[20250402] - Joomla Core - MFA Authentication BypassEPSS 0.4%CVE-2024-6078HIGHRockwell Automation Authentication Bypass Vulnerability in DataMosaix™EPSS 0.4%CVE-2025-6926HIGHSecurity Authentication Bypass in CentralAuthEPSS 0.4%CVE-2024-23251MEDIUMAn authentication issue was addressed with improved state management. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadEPSS 0.4%