CWE-290
Authentication Bypass by Spoofing
Base · Incomplete
Description
This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-21 · CAPEC-22 · CAPEC-459 · CAPEC-461 · CAPEC-473 · CAPEC-476 · CAPEC-59 · CAPEC-60 · CAPEC-667 · CAPEC-94
CVEs mapped to this weakness (154)
Page 7 of 8
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-48271 | Med | 0.34 | 5.3 | 0.00 | | Jun 4, 2024 | Authentication Bypass by Spoofing vulnerability in yonifre Maspik – Spam blacklist allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Maspik – Spam blacklist: from n/a through 0.10.3. |
| CVE-2023-41134 | Med | 0.34 | 5.3 | 0.00 | | Jun 4, 2024 | Authentication Bypass by Spoofing vulnerability in pluginkollektiv Antispam Bee allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Antispam Bee: from n/a through 2.11.3. |
| CVE-2024-32827 | Med | 0.34 | 5.3 | 0.00 | | May 17, 2024 | Authentication Bypass by Spoofing vulnerability in RafflePress Giveaways and Contests allows Functionality Bypass. This issue affects Giveaways and Contests: from n/a through 1.12.7. |
| CVE-2024-33917 | Med | 0.34 | 5.3 | 0.00 | | May 17, 2024 | Authentication Bypass by Spoofing vulnerability in webtechideas WTI Like Post allows Functionality Bypass. This issue affects WTI Like Post: from n/a through 1.4.6. |
| CVE-2024-30522 | Med | 0.34 | 5.3 | 0.00 | | May 17, 2024 | Authentication Bypass by Spoofing vulnerability in Stefano Lissa & The Newsletter Team Newsletter allows Functionality Bypass. This issue affects Newsletter: from n/a through 8.2.0. |
| CVE-2024-30479 | Med | 0.34 | 5.3 | 0.00 | | May 17, 2024 | Authentication Bypass by Spoofing vulnerability in LionScripts IP Blocker Lite allows Functionality Bypass. This issue affects IP Blocker Lite: from n/a through 11.1.1. |
| CVE-2024-21746 | Med | 0.34 | 5.3 | 0.00 | | May 17, 2024 | Authentication Bypass by Spoofing vulnerability in Roxnor Wp Ultimate Review wp-ultimate-review allows Identity Spoofing. This issue affects Wp Ultimate Review: from n/a through <= 2.3.6. |
| CVE-2024-34397 | Med | 0.34 | 5.2 | 0.00 | | May 7, 2024 | An issue was discovered in GNOME GLib before 2.78.5, and 2.79.x and 2.80.x before 2.80.1. When a GDBus-based client subscribes to signals from a trusted system service such as NetworkManager on a shared computer, other users of the same computer can send spoofed D-Bus signals that the GDBus-based client will wrongly interpret as having been sent by the trusted system service. This could lead to the GDBus-based client behaving incorrectly, with an application-dependent impact. |
| CVE-2026-0385 | Med | 0.33 | 5.0 | 0.00 | | Mar 16, 2026 | Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability |
| CVE-2025-27389 | Med | 0.33 | — | 0.00 | | Dec 5, 2025 | A flaw exists in the verification of application installation sources within ColorOS. Under specific conditions, this issue may cause the risk detection mechanism to fail, which could allow malicious applications to be installed without proper warning. |
| CVE-2026-35622 | Med | 0.31 | 5.9 | 0.00 | | Apr 9, 2026 | OpenClaw before 2026.3.22 contains an improper authentication verification vulnerability in Google Chat app-url webhook handling that accepts add-on principals outside intended deployment bindings. Attackers can bypass webhook authentication by providing non-deployment add-on principals to execute unauthorized actions through the Google Chat integration. |
| CVE-2025-66270 | Med | 0.31 | 4.7 | 0.00 | | Dec 5, 2025 | The KDE Connect protocol 8 before 2025-11-28 does not correlate device IDs across two packets. This affects KDE Connect before 25.12 on desktop, KDE Connect before 0.5.4 on iOS, KDE Connect before 1.34.4 on Android, GSConnect before 68, and Valent before 1.0.0.alpha.49. |
| CVE-2025-59154 | Med | 0.31 | 5.9 | 0.00 | | Sep 15, 2025 | Openfire is an XMPP server licensed under the Open Source Apache License. Openfire's SASL EXTERNAL mechanism for client TLS authentication contains a vulnerability in how it extracts user identities from X.509 certificates. Instead of parsing the structured ASN.1 data, the code calls X509Certificate.getSubjectDN().getName() and applies a regex to look for CN=. This method produces a provider-dependent string that does not escape special characters. In SunJSSE (sun.security.x509.X500Name), for example, commas and equals signs inside attribute values are not escaped. As a result, a malicious certificate can embed CN= inside another attribute value (e.g. OU="CN=admin,"). The regex will incorrectly interpret this as a legitimate Common Name and extract admin. If SASL EXTERNAL is enabled and configured to map CNs to user accounts, this allows the attacker to impersonate another user. The fix is included in Openfire 5.0.2 and 5.1.0. |
| CVE-2020-6158 | Med | 0.31 | 4.7 | 0.00 | | Feb 21, 2025 | Opera Mini for Android before version 52.2 is vulnerable to an address bar spoofing attack. The vulnerability allows a malicious page to trick the browser into showing an address of a different page. This may allow the malicious page to impersonate another page and trick a user into providing sensitive data. |
| CVE-2024-27853 | Med | 0.29 | 4.4 | 0.00 | | Jul 29, 2024 | This issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.4. A maliciously crafted ZIP archive may bypass Gatekeeper checks. |
| CVE-2025-43503 | Med | 0.28 | 4.3 | 0.00 | | Nov 4, 2025 | An inconsistent user interface issue was addressed with improved state management. This issue is fixed in Safari 26.1, iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, visionOS 26.1, watchOS 26.1. Visiting a malicious website may lead to user interface spoofing. |
| CVE-2025-43493 | Med | 0.28 | 4.3 | 0.00 | | Nov 4, 2025 | The issue was addressed with improved checks. This issue is fixed in Safari 26.1, iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, visionOS 26.1. Visiting a malicious website may lead to address bar spoofing. |
| CVE-2025-32275 | Med | 0.28 | 4.3 | 0.00 | | Apr 10, 2025 | Authentication Bypass by Spoofing vulnerability in Ays Pro Survey Maker survey-maker allows Identity Spoofing. This issue affects Survey Maker: from n/a through <= 5.1.6.3. |
| CVE-2025-32227 | Med | 0.28 | 4.3 | 0.00 | | Apr 10, 2025 | Authentication Bypass by Spoofing vulnerability in Asgaros Asgaros Forum asgaros-forum allows Identity Spoofing. This issue affects Asgaros Forum: from n/a through <= 3.0.0. |
| CVE-2024-25906 | Med | 0.28 | 4.3 | 0.00 | | May 17, 2024 | Authentication Bypass by Spoofing vulnerability in WP Happy Coders Comments Like Dislike allows Functionality Bypass. This issue affects Comments Like Dislike: from n/a through 1.2.2. |