CWE-306 vulnerabilities
1,711 results

CVE-2026-35053 | CRITICAL | OneUptime: Unauthenticated Workflow Execution via ManualAPI | EPSS 0.5%
CVE-2026-31071 | CRITICAL | API endpoints in LalanaChami Pharmacy Management System (commit 5c3d028) lack authentication middleware. Unauthenticated remote attackers ca | EPSS 0.5%
CVE-2026-43920 | MEDIUM | FOSSBilling: Unauthenticated update patcher endpoint allows remote maintenance execution | EPSS 0.5%
CVE-2025-8558 | LOW | Insider Threat Management (ITM) Server versions prior to 7.17.2 contain an authentication bypass vulnerability that allows unauthenticated u | EPSS 0.5%
CVE-2026-42074 | CRITICAL | OpenClaude: Sandbox Bypass via Model-Controlled `dangerouslyDisableSandbox` Input | EPSS 0.5%
CVE-2026-30933 | HIGH | FileBrowser Quantum Incomplete Remediation of CVE-2026-27611: Password-Protected Share Bypass via /public/api/share/info | EPSS 0.5%
CVE-2026-7415 | CRITICAL | Open MQTT orchestration without read/write ACLs in Yarbo robot firmware | EPSS 0.5%
CVE-2026-49973 | CRITICAL | Hermes WebUI < 0.51.358 Unauthenticated Password Takeover via /api/settings | EPSS 0.5%
CVE-2022-35136 | MEDIUM | Boodskap IoT Platform v4.4.9-02 allows attackers to make unauthenticated API requests. | EPSS 0.5%
CVE-2023-40170 | MEDIUM | cross-site inclusion (XSSI) of files in jupyter-server | EPSS 0.5%
CVE-2024-50381 | HIGH | Missing Authentication for Critical Function in Snap One OVRC cloud | EPSS 0.5%
CVE-2020-36873 | HIGH | Astak CM-818T3 Unauthenticated Configuration Disclosure | EPSS 0.5%
CVE-2026-33231 | HIGH | NLTK has unauthenticated remote shutdown in nltk.app.wordnet_app | EPSS 0.5%
CVE-2022-20861 | CRITICAL | Cisco Nexus Dashboard Unauthorized Access Vulnerabilities | EPSS 0.5%
CVE-2024-8530 | MEDIUM | CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause exposure of private data when an already generat | EPSS 0.5%
CVE-2026-26944 | HIGH | Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13 | EPSS 0.5%
CVE-2024-12371 | CRITICAL | Rockwell Automation PowerMonitor™ 1000 Remote Code Execution | EPSS 0.5%
CVE-2026-27012 | CRITICAL | Unauthenticated privilege escalation in OpenSTAManager via modules/utenti/actions.php | EPSS 0.5%
CVE-2025-59695 | CRITICAL | Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a user with OS root access to alter firmware on the | EPSS 0.5%
CVE-2023-46978 | HIGH | TOTOLINK X6000R V9.4.0cu.852_B20230719 is vulnerable to Incorrect Access Control. Attackers can reset login password & WIFI passwords without | EPSS 0.5%