CWE-307 vulnerabilities

411 results
CVE-2026-35623 | MEDIUM | OpenClaw < 2026.3.25 - Brute-Force Attack via Missing Webhook Password Rate Limiting | EPSS 0.4%
CVE-2025-20196 | MEDIUM | A vulnerability in the Cisco IOx application hosting environment of Cisco IOS Software and Cisco IOS XE Software could allow an unauthentica | EPSS 0.4%
CVE-2024-28022 | MEDIUM | A vulnerability exists in the UNEM server / APIGateway that if exploited allows a malicious user to perform an arbitrary number of authentic | EPSS 0.4%
CVE-2026-24696 | HIGH | Everon api.everon.io Improper Restriction of Excessive Authentication Attempts | EPSS 0.4%
CVE-2025-9551 | MEDIUM | Protected Pages - Moderately critical - Access bypass - SA-CONTRIB-2025-101 | EPSS 0.4%
CVE-2025-64102 | HIGH | Zitadel allows brute-forcing authentication factors | EPSS 0.4%
CVE-2023-48745 | MEDIUM | WordPress Captcha Code plugin <= 2.9 - Captcha Bypass vulnerability | EPSS 0.4%
CVE-2022-39314 | MEDIUM | User enumeration in the code-based login and password reset forms | EPSS 0.4%
CVE-2024-32720 | MEDIUM | WordPress Appointment Hour Booking plugin <= 1.4.56 - Captcha Bypass vulnerability | EPSS 0.4%
CVE-2025-24806 | LOW | Regulation applies separately to Username-based logins to Email-based logins in authelia | EPSS 0.4%
CVE-2026-1409 | LOW | Beetel 777VR1 UART excessive authentication | EPSS 0.3%
CVE-2026-6853 | CRITICAL | OTP Bypass in Başbelen Group's Pause+ Mobile App | EPSS 0.3%
CVE-2021-27782 | MEDIUM | HCL BigFix Mobile / Modern Client Management Server passwords are susceptible to a brute-force attack | EPSS 0.3%
CVE-2025-4383 | CRITICAL | Authentication Bypass in Art-In Systems' Wi-Fi Cloud Hotspot | EPSS 0.3%
CVE-2025-26862 | NONE | PingFederate unexpected browser flow initiation in redirectless mode | EPSS 0.3%
CVE-2024-45327 | HIGH | An improper authorization vulnerability [CWE-285] in FortiSOAR version 7.4.0 through 7.4.3, 7.3.0 through 7.3.2, 7.2.0 through 7.2.2, 7.0.0 | EPSS 0.3%
CVE-2026-32729 | HIGH | Runtipi has a TOTP two-factor authentication bypass via unrestricted brute-force on `/api/auth/verify-totp` | EPSS 0.3%
CVE-2026-45010 | CRITICAL | phpMyFAQ - Unauthenticated Two-Factor Authentication Brute-Force via /admin/check Endpoint | EPSS 0.3%
CVE-2025-1714 | MEDIUM | Username Enumeration in Gliffy | EPSS 0.3%
CVE-2025-53544 | HIGH | Trilium Notes is Vulnerable to Brute-force Protection Bypass via Initial Sync Seed Retrieval | EPSS 0.3%