VYPR

CWE-287

Improper Authentication

ClassDraftLikelihood: High

Description

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-114 · CAPEC-115 · CAPEC-151 · CAPEC-194 · CAPEC-22 · CAPEC-57 · CAPEC-593 · CAPEC-633 · CAPEC-650 · CAPEC-94

CVEs mapped to this weakness (2,419)

page 20 of 121
  • CVE-2025-15586CriFeb 19, 2026
    risk 0.58cvss epss 0.00

    OGP-Website installs prior git commit 52f865a4fba763594453068acf8fa9e3fc38d663 are affected by a type juggling flaw which if exploited can result in authentication bypass without knowledge of the victim account's password.

  • CVE-2025-44005CriDec 17, 2025
    risk 0.58cvss 10.0epss 0.03

    An attacker can bypass authorization checks and force a Step CA ACME or SCEP provisioner to create certificates without completing certain protocol authorization checks.

  • CVE-2025-54419CriJul 28, 2025
    risk 0.58cvss 10.0epss 0.00

    A SAML library not dependent on any frameworks that runs in Node. In version 5.0.1, Node-SAML loads the assertion from the (unsigned) original response document. This is different than the parts that are verified when checking signature. This allows an attacker to modify…

  • CVE-2025-46348CriApr 29, 2025
    risk 0.58cvss 10.0epss 0.01

    YesWiki is a wiki system written in PHP. Prior to version 4.5.4, the request to commence a site backup can be performed and downloaded without authentication. The archives are created with a predictable filename, so a malicious user could create and download an archive without…

  • CVE-2022-29165CriMay 20, 2022
    risk 0.58cvss 10.0epss 0.02

    Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. A critical vulnerability has been discovered in Argo CD starting with version 1.4.0 and prior to versions 2.1.15, 2.2.9, and 2.3.4 which would allow unauthenticated users to impersonate as any Argo CD user…

  • CVE-2021-32637CriMay 28, 2021
    risk 0.58cvss 10.0epss 0.02

    Authelia is a a single sign-on multi-factor portal for web apps. This affects uses who are using nginx ngx_http_auth_request_module with Authelia, it allows a malicious individual who crafts a malformed HTTP request to bypass the authentication mechanism. It additionally could…

  • CVE-2018-1317HigApr 23, 2019
    risk 0.58cvss 8.8epss 0.05

    In Apache Zeppelin prior to 0.8.0 the cron scheduler was enabled by default and could allow users to run paragraphs as other users without authentication.

  • CVE-2026-48114CriJun 15, 2026
    risk 0.57cvss 9.8epss 0.00

    Metacat is data repository software that helps researchers preserve, share, and discover data. Versions 2.0.0 and and above contain an unauthenticated SQL injection in the /harvesterRegistration endpoint. HarvesterRegistration.dbInsert() builds an INSERT against…

  • CVE-2026-49194HigJun 4, 2026
    risk 0.57cvss 8.8epss 0.00

    The debugging routine SCREEN_CLICK(5053) enables a connection to skip the standard device login prompt entirely and directly enter an interactive shell interface.

  • CVE-2026-49448CriJun 2, 2026
    risk 0.57cvss 9.8epss 0.00

    authentik is an open-source identity provider. Prior to versions 2025.12.6, 2026.2.4, and 2026.5.1, the Source stage can be bypassed by sending an empty POST. This issue has been patched in versions 2025.12.6, 2026.2.4, and 2026.5.1.

  • CVE-2026-3655CriMay 29, 2026
    risk 0.57cvss 9.8epss 0.00

    The OTP Login With Phone Number, OTP Verification plugin for WordPress is vulnerable to authentication bypass in versions 1.8.50 through 1.8.60. This is due to the Firebase verification flow in the `lwp_ajax_register` AJAX handler not binding the Firebase session to the phone…

  • CVE-2026-46827HigMay 28, 2026
    risk 0.57cvss 8.8epss 0.00

    Vulnerability in the Oracle Payroll product of Oracle E-Business Suite (component: Self Service Manager). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle…

  • CVE-2026-32253CriMay 22, 2026
    risk 0.57cvss 9.8epss 0.00

    Sunshine is a self-hosted game stream host for Moonlight. In versions prior to 2026.516.143833, the client-certificate authentication can be bypassed because of how OpenSSL verification results are handled. In src/crypto.cpp, the custom verify callback treats…

  • CVE-2026-6456HigMay 20, 2026
    risk 0.57cvss 8.8epss 0.00

    The Account Switcher plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.0.2. This is due to the `rememberLogin` REST API endpoint using a loose comparison (`!=` instead of `!==`) for secret validation at `app/RestAPI.php:111`,…

  • CVE-2026-5229CriMay 15, 2026
    risk 0.57cvss 9.8epss 0.01

    The Form Notify plugin for WordPress is vulnerable to Authentication Bypass in versions up to and including 1.1.10. This is due to the plugin trusting user-controlled cookie data to determine which WordPress account to authenticate after a LINE OAuth login. When LINE doesn't…

  • CVE-2026-43512CriMay 12, 2026
    risk 0.57cvss 9.8epss 0.01

    DEPRECATED: Authentication Bypass Issues vulnerability in digest authentication in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from 9.0.0.M1 through 9.0.117, from 8.5.0 through 8.5.100, from before 7.0.0.…

  • CVE-2026-41574CriMay 8, 2026
    risk 0.57cvss 9.8epss 0.01

    Nhost is an open source Firebase alternative with GraphQL. Prior to version 0.49.1, Nhost automatically links an incoming OAuth identity to an existing Nhost account when the email addresses match. This is only safe when the email has been verified by the OAuth provider. Nhost's…

  • CVE-2026-44109CriMay 6, 2026
    risk 0.57cvss 9.8epss 0.01

    OpenClaw before 2026.4.15 contains an authentication bypass vulnerability in Feishu webhook and card-action validation that allows unauthenticated requests to reach command dispatch. Missing encryptKey configuration and blank callback tokens fail open instead of rejecting…

  • CVE-2026-35579CriMay 5, 2026
    risk 0.57cvss 9.8epss 0.01

    CoreDNS is a DNS server written in Go. In versions prior to 1.14.3, the gRPC, QUIC, DoH, and DoH3 transport implementations incorrectly handle TSIG authentication. For gRPC and QUIC, the server checks whether the TSIG key name exists in the configuration but never calls…

  • CVE-2026-27960CriMay 5, 2026
    risk 0.57cvss 9.8epss 0.00

    OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. In versions 6.6.0 through 6.9.12, there is a privilege escalation vulnerability that can be exploited by unauthenticated attackers to query the API as any existing user,…