Falhas do tipo CWE-287
1.847 resultadosCVE-2026-4101HIGHSecurity Vulnerabilities have been found in IBM Verify Identity Access and IBM Security Verify AccessEPSS 0.4%CVE-2026-0842MEDIUMFlycatcher Toys smART Sketcher Bluetooth Low Energy missing authenticationEPSS 0.4%CVE-2023-25556HIGH
A CWE-287: Improper Authentication vulnerability exists that could allow a device to be
compromised when a key of less than seven digits isEPSS 0.4%CVE-2025-54419CRITICALNode-SAML Contains SAML Signature Verification VulnerabilityEPSS 0.4%CVE-2026-9373MEDIUMJeecgBoot OpenAPI Endpoint call improper authenticationEPSS 0.4%CVE-2024-42164MEDIUMDisabling MFA without AuthenticationEPSS 0.4%CVE-2023-4985MEDIUMSupcon InPlant SCADA Project.xml improper authenticationEPSS 0.4%CVE-2021-45035MEDIUMVelneo vClient Improper authenticationEPSS 0.4%CVE-2022-29083MEDIUMPrior Dell BIOS versions contain an Improper Authentication vulnerability. An unauthenticated attacker with physical access to the system coEPSS 0.4%CVE-2025-5597CRITICALWF Steuerungstechnik GmbH - airleader MASTER - Authentication BypassEPSS 0.4%CVE-2025-46641MEDIUMDell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 8.4 through 8.5 contain an improper authEPSS 0.4%CVE-2026-10611HIGHOTP bypass via plugin-based LDAP authentication in MISP when LDAP mixed authentication is enabledEPSS 0.4%CVE-2023-44096— Vulnerability of brute-force attacks on the device authentication module.Successful exploitation of this vulnerability may affect service cEPSS 0.4%CVE-2025-14716MEDIUMUnauthorized access to informationEPSS 0.4%CVE-2026-42855HIGHarduino-esp32: Digest authentication URI mismatch bypass in WebServer allows cross-resource replay attackEPSS 0.4%CVE-2025-14942CRITICALAuthentication BypassEPSS 0.4%CVE-2026-41145HIGHMinIO has an Unauthenticated Object Write via Query-String Credential Signature Bypass in Unsigned-Trailer UploadsEPSS 0.3%CVE-2026-4592MEDIUMkalcaddle kodbox Password Login index.class.php tfaVerify improper authenticationEPSS 0.3%CVE-2025-46630MEDIUMImproper access controls in the web management portal of the Tenda RX2 Pro 16.03.30.14 allows an unauthenticated remote attacker to enable 'EPSS 0.3%CVE-2023-0228HIGHImproper authentication vulnerability in S+ OperationsEPSS 0.3%