Fallos del tipo CWE-288
584 resultadosCVE-2024-10438HIGHSunnet eHRD CTMS - Authentication BypassEPSS 0.5%CVE-2026-24359HIGHWordPress Dokan plugin <= 4.2.4 - Broken Authentication vulnerabilityEPSS 0.5%CVE-2025-1564CRITICALSetSail Membership <= 1.0.3 - Authentication Bypass via Account TakeoverEPSS 0.5%CVE-2025-1515CRITICALWP Real Estate Manager <= 2.8 - Authentication Bypass via Account TakeoverEPSS 0.5%CVE-2025-43436HIGHA permissions issue was addressed with additional restrictions. This issue is fixed in iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, tvOS 26.1EPSS 0.5%CVE-2024-43692CRITICALDover Fueling Solutions ProGauge MAGLINK LX CONSOLE Authentication Bypass Using an Alternate Path or ChannelEPSS 0.5%CVE-2026-8697HIGHImproper Authentication Rate Limiting on TP-Link's Archer C64EPSS 0.5%CVE-2026-8598CRITICALUnauthenticated Export Service in ZKTeco CCTV CamerasEPSS 0.5%CVE-2026-2095CRITICALFlowring|Agentflow - Authentication BypassEPSS 0.5%CVE-2026-27707HIGHPlex-configured Seerr instances vulnerable to unauthenticated account registration via Jellyfin authentication endpointEPSS 0.5%CVE-2025-63217CRITICALThe Itel DAB MUX (IDMUX build c041640a) is vulnerable to Authentication Bypass due to improper JWT validation across devices. Attackers can EPSS 0.5%CVE-2025-7692HIGHOrion Login with SMS <= 1.0.5 - Authentication Bypass via Weak OTPEPSS 0.5%CVE-2025-31019HIGHWordPress Password Policy Manager plugin <= 2.0.4 - Account Takeover vulnerabilityEPSS 0.5%CVE-2024-34524CRITICALIn XLANG OpenAgents through fe73ac4, the allowed_file protection mechanism can be bypassed by using an incorrect file extension for the natuEPSS 0.5%CVE-2026-40582CRITICALChurchCRM: Authentication Bypass in `/api/public/user/login` Allows Bypass of 2FA and Account LockoutEPSS 0.5%CVE-2024-50503CRITICALWordPress User Toolkit plugin <= 1.2.3 - Account Takeover vulnerabilityEPSS 0.5%CVE-2023-46319—WALLIX Bastion 9.x before 9.0.9 and 10.x before 10.0.5 allows unauthenticated access to sensitive information by bypassing access control onEPSS 0.5%CVE-2025-70082CRITICALAn issue in Lantronix EDS3000PS v.3.1.0.0R2 allows an attacker to execute arbitrary code and obtain sensitive information via the ltrx_evo cEPSS 0.5%CVE-2025-24846HIGHAuthentication bypass vulnerability exists in FutureNet AS series (Industrial Routers) provided by Century Systems Co., Ltd. If this vulneraEPSS 0.5%CVE-2025-68620CRITICALSignal K Server vulnerable to JWT Token Theft via WebSocket Enumeration and Unauthenticated PollingEPSS 0.5%