VYPR

CWE-287

Improper Authentication

Abstraction: Class · Status: Draft · Likelihood of Exploit: High

Description

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

Related attack patterns (CAPEC)

CAPEC-114 · CAPEC-115 · CAPEC-151 · CAPEC-194 · CAPEC-22 · CAPEC-57 · CAPEC-593 · CAPEC-633 · CAPEC-650 · CAPEC-94

CVEs mapped to this weakness (2,419)

page 5 of 121
  • CVE-2026-49191 · Critical · Jun 4, 2026
    risk 0.64 · CVSS 9.8 · EPSS 0.00

    The production build of the M3WebServer hard-codes its backend API keys, which can be easily intercepted through verbose error handling pages.

  • CVE-2026-49186 · Critical · Jun 4, 2026
    risk 0.64 · CVSS 9.8 · EPSS 0.00

    The local MQTT broker does not enforce topic-level Access Control Lists (ACLs). This allows any client to subscribe using wildcard characters (# or +) to enumerate hidden network devices or publish rogue control commands.

  • CVE-2026-5076 · Critical · Jun 2, 2026
    risk 0.64 · CVSS 9.8 · EPSS 0.00

    The ARMember Premium plugin for WordPress is vulnerable to an insecure password reset mechanism in all versions up to, and including, 7.3.1. The plugin stores a plaintext copy of the password reset key in the `arm_reset_password_key` user meta field when a user requests a…

  • CVE-2026-49197 · Critical · May 29, 2026
    risk 0.64 · CVSS 9.8 · EPSS 0.00

    Web endpoints intended for the Acer Connect app improperly validate the HTTP Authorization header, failing to block requests when Base64 decoding fails.

  • CVE-2026-46817 · Critical · May 28, 2026
    risk 0.64 · CVSS 9.8 · EPSS 0.01

    Vulnerability in the Oracle Payments product of Oracle E-Business Suite (component: File Transmission). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle…

  • CVE-2026-36829 · Critical · May 19, 2026
    risk 0.64 · CVSS 9.8 · EPSS 0.01

    An authentication bypass vulnerability exists in the embedded HTTP server of Panabit PAP-XM320 up to and including v7.7. The server validates session cookies using a filesystem existence check based on a user-controlled cookie value without proper sanitization, allowing…

  • CVE-2026-45434 · Critical · May 19, 2026
    risk 0.64 · CVSS 9.8 · EPSS 0.23

    Improper Authentication vulnerability in Apache OFBiz via a password-change logic flaw leading to remote code execution. This issue affects Apache OFBiz before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixes the issue.

  • CVE-2026-8181 · Critical · May 14, 2026
    risk 0.64 · CVSS 9.8 · EPSS 0.15

    The Burst Statistics – Privacy-Friendly WordPress Analytics (Google Analytics Alternative) plugin for WordPress is vulnerable to Authentication Bypass in versions 3.4.0 to 3.4.1.1. This is due to incorrect return-value handling in the `is_mainwp_authenticated()` function when…

  • CVE-2026-5722 · Critical · May 5, 2026
    risk 0.64 · CVSS 9.8 · EPSS 0.00

    The MoreConvert Pro plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.9.14. This is due to the guest waitlist verification flow not invalidating or regenerating verification tokens when the customer email address is changed. This…

  • CVE-2026-35903 · Critical · Apr 27, 2026
    risk 0.64 · CVSS 9.8 · EPSS 0.00

    MERCURY MIPC252W IP camera 1.0.5 Build 230306 Rel.79931n contains an improper authentication vulnerability in the RTSP service. After successful Digest authentication in an initial DESCRIBE request, the device does not verify the Digest response parameter in subsequent RTSP…

  • CVE-2026-41276 · Critical · Apr 23, 2026
    risk 0.64 · CVSS 9.8 · EPSS 0.07

    Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, this vulnerability allows remote attackers to bypass authentication on affected installations of FlowiseAI Flowise. Authentication is not required to exploit this…

  • CVE-2018-25236 · Critical · Apr 3, 2026
    risk 0.64 · CVSS 9.8 · EPSS 0.01

    Hirschmann HiOS and HiSecOS products RSP, RSPE, RSPS, RSPL, MSP, EES, EESX, GRS, OS, RED, EAGLE contain an authentication bypass vulnerability in the HTTP(S) management module that allows unauthenticated remote attackers to gain administrative access by crafting specially formed…

  • CVE-2017-20237 · Critical · Apr 3, 2026
    risk 0.64 · CVSS 9.8 · EPSS 0.01

    Hirschmann Industrial HiVision versions prior to 06.0.07 and 07.0.03 contains an authentication bypass vulnerability in the master service that allows unauthenticated remote attackers to execute arbitrary commands with administrative privileges. Attackers can invoke exposed…

  • CVE-2024-14034 · Critical · Apr 2, 2026
    risk 0.64 · CVSS 9.8 · EPSS 0.00

    Hirschmann HiEOS devices versions prior to 01.1.00 contain an authentication bypass vulnerability in the HTTP(S) management module that allows unauthenticated remote attackers to gain administrative access by sending specially crafted HTTP(S) requests. Attackers can exploit…

  • CVE-2025-71279 · Critical · Apr 1, 2026
    risk 0.64 · CVSS 9.8 · EPSS 0.00

    XenForo before 2.3.7 contains a security issue affecting Passkeys that have been added to user accounts. An attacker may be able to compromise the security of Passkey-based authentication.

  • CVE-2026-4252 · Critical · Mar 16, 2026
    risk 0.64 · CVSS 9.8 · EPSS 0.01

    A vulnerability was identified in Tenda AC8 16.03.50.11. Affected by this issue is the function check_is_ipv6 of the component IPv6 Handler. The manipulation leads to reliance on ip address for authentication. It is possible to initiate the attack remotely. The exploit is…

  • CVE-2026-1524 · Critical · Mar 11, 2026
    risk 0.64 · CVSS 9.8 · EPSS 0.00

    An edgecase in SSO implementation in Neo4j Enterprise edition versions prior to version 2026.02 can lead to unauthorised access under the following conditions: If a neo4j admin configures two or more OIDC providers AND configures one or more of them to be an authorization…

  • CVE-2026-0953 · Critical · Mar 10, 2026
    risk 0.64 · CVSS 9.8 · EPSS 0.01

    The Tutor LMS Pro plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 3.9.5 via the Social Login addon. This is due to the plugin failing to verify that the email provided in the authentication request matches the email from the…

  • CVE-2026-2249 · Critical · Feb 11, 2026
    risk 0.64 · CVSS 9.8 · EPSS 0.01

    METIS DFS devices (versions <= oscore 2.1.234-r18) expose a web-based shell at the /console endpoint that does not require authentication. Accessing this endpoint allows a remote attacker to execute arbitrary operating system commands with 'daemon' privileges. This results in…

  • CVE-2026-2248 · Critical · Feb 11, 2026
    risk 0.64 · CVSS 9.8 · EPSS 0.01

    METIS WIC devices (versions <= oscore 2.1.234-r18) expose a web-based shell at the /console endpoint that does not require authentication. Accessing this endpoint allows a remote attacker to execute arbitrary operating system commands with root (UID 0) privileges. This results…
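The following is an added example, not code from this page or from any of the products listed on it. It shows in working Python the two fail-open shapes that several entries above describe only in words: a Basic Authorization header whose Base64 decode failure is not treated as a rejection (the shape described for CVE-2026-49197), and a session cookie that is "validated" by a filesystem existence check on a path built from its raw value (the shape described for CVE-2026-36829). Each is placed beside a fail-closed rewrite. The credential store, the token format, the session directory layout and the sample inputs are all constructed for the example; how the affected products actually implement these checks is not shown on this page.

```python
"""Fail-open authentication checks of two shapes described in the entries
above: an Authorization header that is not rejected when Base64 decoding
fails, and a session cookie validated only by whether a path exists. Each
sits beside a fail-closed rewrite. Illustrative code, not any vendor's source."""
import base64
import hmac
import os
import secrets
import tempfile

# Constructed credential store for the example; not taken from any product.
USERS = {"admin": "correct horse battery staple"}
TOKEN_HEX_LEN = 32  # secrets.token_hex(16) issues 32 lowercase hex characters


def vulnerable_basic_auth(header):
    """Access is the default outcome and is withheld only when a credential
    comparison actually runs and rejects. A decode error jumps past the
    comparison, so 'allowed' is never flipped to False."""
    allowed = True
    try:
        scheme, _, blob = (header or "").partition(" ")
        raw = base64.b64decode(blob, validate=True).decode("utf-8")
        user, _, password = raw.partition(":")
        if scheme != "Basic" or USERS.get(user) != password:
            allowed = False
    except ValueError:  # binascii.Error and UnicodeDecodeError are ValueErrors
        pass  # the bug: nothing was compared, yet the request proceeds
    return allowed


def hardened_basic_auth(header):
    """Every early exit denies; only a verified credential grants."""
    if not header:
        return False
    scheme, _, blob = header.partition(" ")
    if scheme != "Basic":
        return False
    try:
        raw = base64.b64decode(blob, validate=True).decode("utf-8")
    except ValueError:
        return False  # a malformed credential is a rejection, not a skip
    user, sep, password = raw.partition(":")
    expected = USERS.get(user)
    if not sep or expected is None:
        return False
    return hmac.compare_digest(expected.encode(), password.encode())


def vulnerable_session_check(session_dir, cookie):
    """'Does a file named after the cookie exist?' with the raw cookie value.
    '../config.ini', '.' and '' all name paths that exist."""
    return os.path.exists(os.path.join(session_dir, cookie))


def hardened_session_check(session_dir, cookie):
    """Accept only the token alphabet and length we issue, confine the path
    to session_dir, and require a regular file."""
    if not isinstance(cookie, str) or len(cookie) != TOKEN_HEX_LEN:
        return False
    if any(c not in "0123456789abcdef" for c in cookie):
        return False
    base = os.path.realpath(session_dir)
    path = os.path.realpath(os.path.join(base, cookie))
    if os.path.commonpath([base, path]) != base:
        return False
    return os.path.isfile(path)


def demo():
    """Run both pairs against constructed inputs; returns name -> outcome."""
    good = "Basic " + base64.b64encode(b"admin:correct horse battery staple").decode()
    bad_pw = "Basic " + base64.b64encode(b"admin:wrong").decode()
    garbage = "Basic %%not-base64%%"  # decode fails before any comparison
    with tempfile.TemporaryDirectory() as root:
        session_dir = os.path.join(root, "sessions")
        os.mkdir(session_dir)
        token = secrets.token_hex(16)
        open(os.path.join(session_dir, token), "w").close()  # issued session
        open(os.path.join(root, "config.ini"), "w").close()  # unrelated file
        return {
            "vuln_good": vulnerable_basic_auth(good),
            "vuln_bad_pw": vulnerable_basic_auth(bad_pw),
            "vuln_garbage": vulnerable_basic_auth(garbage),  # True: fail-open
            "hard_good": hardened_basic_auth(good),
            "hard_bad_pw": hardened_basic_auth(bad_pw),
            "hard_garbage": hardened_basic_auth(garbage),
            "vuln_token": vulnerable_session_check(session_dir, token),
            "vuln_traversal": vulnerable_session_check(session_dir, "../config.ini"),
            "vuln_empty": vulnerable_session_check(session_dir, ""),
            "hard_token": hardened_session_check(session_dir, token),
            "hard_traversal": hardened_session_check(session_dir, "../config.ini"),
            "hard_empty": hardened_session_check(session_dir, ""),
        }


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name:15} {outcome}")
```

Run it directly to see the outcome table: the two vulnerable checks return True for the malformed header and for the `../config.ini` and empty cookies, while the hardened ones return False for each and still accept the genuine credential and the issued token. The design point is the default. The hardened versions start from denial and every early return keeps it, so a parsing failure or an unexpected input shape can never be mistaken for a completed, successful check; the same discipline applies whether the check is a header decode, a cookie lookup or a token comparison.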