Falhas do tipo CWE-306
1.717 resultadosCVE-2026-1332MEDIUMHAMASTAR Technology|MeetingHub - Missing AuthenticationEPSS 0.4%CVE-2022-48289HIGHThe bundle management module lacks authentication and control mechanisms in some APIs. Successful exploitation of this vulnerability may affEPSS 0.4%CVE-2024-6582MEDIUMBroken Access Control in lunary-ai/lunaryEPSS 0.4%CVE-2026-50242CRITICALIn JetBrains Hub before 2026.1.13757,
2025.3.148033,
2025.2.148048,
2025.1.148120,
2024.3.148430,
2024.2.148429 authentication bypass via diEPSS 0.4%CVE-2025-7679CRITICALSession ID Basic Auth BypassEPSS 0.4%CVE-2026-34162CRITICALFastGPT: Unauthenticated SSRF via httpTools Endpoint Leads to Internal API Key TheftEPSS 0.4%CVE-2026-46789CRITICALVulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Content Server). The supported version that EPSS 0.4%CVE-2025-8279HIGHMissing Authentication for Critical Function in GitLab Language ServerEPSS 0.4%CVE-2025-34434CRITICALAVideo < 20.1 ImageGallery Plugin Unauthenticated File Upload and DeletionEPSS 0.4%CVE-2025-5871MEDIUMPapendorf SOL Connect Center Web Interface missing authenticationEPSS 0.4%CVE-2026-5320MEDIUMvanna-ai vanna Chat API Endpoint v2 missing authenticationEPSS 0.4%CVE-2020-37146HIGHAptina AR0130 960P 1.3MP Camera - Remote Configuration DisclosureEPSS 0.4%CVE-2026-5632MEDIUMassafelovic gpt-researcher HTTP REST API Endpoint missing authenticationEPSS 0.4%CVE-2025-52024CRITICALA vulnerability exists in the Aptsys POS Platform Web Services module thru 2025-05-28, which exposes internal API testing tools to unauthentEPSS 0.4%CVE-2026-34285CRITICALVulnerability in the Oracle Identity Manager Connector product of Oracle Fusion Middleware (component: Core). The supported version that iEPSS 0.4%CVE-2026-2603HIGHKeycloak: keycloak: unauthorized authentication via disabled saml identity providerEPSS 0.4%CVE-2026-34286CRITICALVulnerability in the Oracle Identity Manager Connector product of Oracle Fusion Middleware (component: Core). The supported version that iEPSS 0.4%CVE-2026-24728CRITICALInterinfo DreamMaker - Missing Authentication for Critical FunctionEPSS 0.4%CVE-2025-3090HIGHMB connect line: Missing Authentication in mbCONNECT24/mymbCONNECT24EPSS 0.4%CVE-2025-5876MEDIUMLucky LM-520-SC/LM-520-FSC/LM-520-FSC-SAM missing authenticationEPSS 0.4%