VYPR

CWE-306

Missing Authentication for Critical Function

Abstraction: Base · Status: Draft · Likelihood of exploit: High

Description

The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

Hierarchy (View 1000)

Parents

Related attack patterns (CAPEC)

CAPEC-12 · CAPEC-166 · CAPEC-216 · CAPEC-36 · CAPEC-62

CVEs mapped to this weakness (964)

page 23 of 49
  • CVE-2026-40289 · Critical · Apr 14, 2026
    risk 0.52 · CVSS 9.1 · EPSS 0.00

    PraisonAI is a multi-agent teams system. In versions below 4.5.139 of PraisonAI and 1.5.140 of praisonaiagents, the browser bridge (praisonai browser start) is vulnerable to unauthenticated remote session hijacking due to missing authentication and a bypassable origin check on…

  • CVE-2026-34952 · Critical · Apr 3, 2026
    risk 0.52 · CVSS 9.1 · EPSS 0.00

    PraisonAI is a multi-agent teams system. Prior to version 4.5.97, the PraisonAI Gateway server accepts WebSocket connections at /ws and serves agent topology at /info with no authentication. Any network client can connect, enumerate registered agents, and send arbitrary messages…

  • CVE-2026-34758 · Critical · Apr 2, 2026
    risk 0.52 · CVSS 9.1 · EPSS 0.00

    OneUptime is an open-source monitoring and observability platform. Prior to version 10.0.42, unauthenticated access to Notification test and Phone Number management endpoints allows SMS/Call/Email/WhatsApp abuse and phone number purchase. This issue has been patched in version…

  • CVE-2026-27509 · High · Feb 26, 2026
    risk 0.52 · CVSS 8.0 · EPSS 0.00

    Unitree Go2 firmware versions V1.1.7 through V1.1.9, and V1.1.11 (EDU) do not implement DDS authentication or authorization for the Eclipse CycloneDDS topic rt/api/programming_actuator/request handled by actuator_manager.py. A network-adjacent, unauthenticated attacker can join…

  • CVE-2024-48920 · Critical · Oct 17, 2024
    risk 0.52 · CVSS 9.1 · EPSS 0.00

    PutongOJ is online judging software. Prior to version 2.1.0-beta.1, unprivileged users can escalate privileges by constructing requests. This can lead to unauthorized access, enabling users to perform admin-level operations, potentially compromising sensitive data and system…

  • CVE-2026-9045 · High · Jun 10, 2026
    risk 0.51 · CVSS 7.8 · EPSS 0.00

    During an internal security assessment, a potential vulnerability was discovered in Lenovo Accessories and Display Manager for Enterprise for Windows that could allow a local authenticated user to execute arbitrary code with elevated privileges.

  • CVE-2026-50512 · High · Jun 9, 2026
    risk 0.51 · CVSS 7.8 · EPSS 0.00

    Improper link resolution before file access ('link following') in Microsoft PC Manager allows an authorized attacker to elevate privileges locally.

  • CVE-2026-26160 · High · Apr 14, 2026
    risk 0.51 · CVSS 7.8 · EPSS 0.00

    Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an authorized attacker to elevate privileges locally.

  • CVE-2026-26159 · High · Apr 14, 2026
    risk 0.51 · CVSS 7.8 · EPSS 0.00

    Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an authorized attacker to elevate privileges locally.

  • CVE-2026-33788 · High · Apr 9, 2026
    risk 0.51 · CVSS 7.8 · EPSS 0.00

    A Missing Authentication for Critical Function vulnerability in the Flexible PIC Concentrators (FPCs) of Juniper Networks Junos OS Evolved on PTX Series allows a local, authenticated attacker with low privileges to gain direct access to FPCs installed in the device. A local…

  • CVE-2026-24062 · High · Mar 18, 2026
    risk 0.51 · CVSS 7.8 · EPSS 0.00

    The "Privileged Helper" component of the Arturia Software Center (MacOS) does not perform sufficient client code signature validation when a client connects. This leads to an attacker being able to connect to the helper and execute privileged actions leading to local privilege…

  • CVE-2025-10672 · High · Sep 18, 2025
    risk 0.51 · CVSS 7.8 · EPSS 0.00

    A vulnerability was found in whuan132 AIBattery up to 1.0.9. The affected element is an unknown function of the file AIBatteryHelper/XPC/BatteryXPCService.swift of the component com.collweb.AIBatteryHelper. The manipulation results in missing authentication. The attack requires…

  • CVE-2025-9815 · High · Sep 2, 2025
    risk 0.51 · CVSS 7.8 · EPSS 0.00

    A weakness has been identified in alaneuler batteryKid up to 2.1 on macOS. The affected element is an unknown function of the file PrivilegeHelper/PrivilegeHelper.swift of the component NSXPCListener. This manipulation causes missing authentication. It is possible to launch the…

  • CVE-2025-41686 · High · Aug 12, 2025
    risk 0.51 · CVSS 7.8 · EPSS 0.00

    A low-privileged local attacker can exploit improper permissions on nssm.exe to escalate their privileges and gain administrative access.

  • CVE-2024-9062 · High · Jun 11, 2025
    risk 0.51 · CVSS 7.8 · EPSS 0.00

    The Archify application contains a local privilege escalation vulnerability due to insufficient client validation in its privileged helper tool, com.oct4pie.archifyhelper, which is exposed via XPC. Archify follows the "factored applications" model, delegating privileged…

  • CVE-2021-26280 · High · Dec 17, 2024
    risk 0.51 · CVSS 7.9 · EPSS 0.00

    Locally installed application can bypass the permission check and perform system operations that require permission.

  • CVE-2018-5486 · High · Apr 25, 2018
    risk 0.51 · CVSS 7.8 · EPSS 0.00

    NetApp OnCommand Unified Manager for Linux versions 7.2 through 7.3 ship with the Java Debug Wire Protocol (JDWP) enabled, which allows unauthorized local attackers to execute arbitrary code.

  • CVE-2015-9030 · High · Jun 13, 2017
    risk 0.51 · CVSS 7.8 · EPSS 0.01

    In all Android releases from CAF using the Linux kernel, the Hypervisor API could be misused to bypass authentication.

  • CVE-2008-6827 · High · Jun 8, 2009
    risk 0.51 · CVSS 7.8 · EPSS 0.01

    The ListView control in the Client GUI (AClient.exe) in Symantec Altiris Deployment Solution 6.x before 6.9.355 SP1 allows local users to gain SYSTEM privileges and execute arbitrary commands via a "Shatter" style attack on the "command prompt" hidden GUI button to (1) overwrite…

  • CVE-2026-50287 · High · Jun 12, 2026
    risk 0.50 · CVSS n/a · EPSS 0.00

    AgenticMail gives AI agents real email addresses and phone numbers. Prior to version 0.9.27, @agenticmail/mcp exposes a Streamable HTTP transport when started with --http or MCP_HTTP=1. In that mode, the /mcp endpoint accepts requests without any HTTP authentication layer. A…