Falhas do tipo CWE-287
1.848 resultadosCVE-2026-33215MEDIUMNATS is vulnerable to MQTT hijacking via Client IDEPSS 0.2%CVE-2022-3681MEDIUMA vulnerability has been identified in the MR2600 router v1.0.18 and earlier that could allow an attacker within range of the wireless netwoEPSS 0.2%CVE-2026-44478HIGHhoppscotch: Unauthenticated Onboarding Config Disclosure via Empty Recovery TokenEPSS 0.2%CVE-2026-26077MEDIUMDiscourse doesn't ensure webhooks require a tokenEPSS 0.2%CVE-2026-39322CRITICALPolarLearn: Any password authenticates banned accounts and grants API accessEPSS 0.2%CVE-2025-41110HIGHImproper Authentication vulnerability in Ghost Robotics' Vision 60EPSS 0.2%CVE-2025-1880LOWi-Drive i11/i12 Device Pairing authentication bypassEPSS 0.2%CVE-2023-21419MEDIUMAn improper implementation logic in Secure Folder prior to SMR Jan-2023 Release 1 allows the Secure Folder container remain unlocked under cEPSS 0.2%CVE-2025-68663MEDIUMOutline has a suspended user authentication bypass via WebSocket connectionsEPSS 0.2%CVE-2025-15484CRITICALOrder Notification for WooCommerce < 3.6.3 - Unauthenticated WooCommerce REST Permission BypassEPSS 0.2%CVE-2025-7630MEDIUMOTP Password Brute Forcing in DorukNet's WispotterEPSS 0.2%CVE-2026-8293HIGHReally Simple Security < 9.5.10.1 - Authentication Bypass via Two-Factor OTP SkipEPSS 0.2%CVE-2026-44351CRITICALfast-jwt: Empty HMAC secret accepted via async key resolver - JWT auth bypassEPSS 0.2%CVE-2025-11633MEDIUMTomofun Furbo 360/Furbo Mini HTTP Traffic collect_logs.sh upload_file_to_s3 certificate validationEPSS 0.2%CVE-2026-33512HIGHAVideo has an unauthenticated decrypt oracle leaking any ciphertextEPSS 0.2%CVE-2025-62398MEDIUMMoodle: possible to bypass mfaEPSS 0.2%CVE-2026-49194CRITICALSCREEN_CLICK Authentication BypassEPSS 0.2%CVE-2026-40178MEDIUMajenti.plugin.core has a race conditions in 2FAEPSS 0.2%CVE-2021-3519MEDIUMA vulnerability was reported in some Lenovo Desktop models that could allow unauthorized access to the boot menu, when the "BIOS Password AtEPSS 0.2%CVE-2026-41896HIGHCoolify: Unauthenticated Deployment Trigger via Webhook HMAC Bypass with Null SecretEPSS 0.2%