VYPR

CWE-306

Missing Authentication for Critical Function

BaseDraftLikelihood: High

Description

The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

Hierarchy (View 1000)

Parents

Related attack patterns (CAPEC)

CAPEC-12 · CAPEC-166 · CAPEC-216 · CAPEC-36 · CAPEC-62

CVEs mapped to this weakness (964)

page 45 of 49
  • CVE-2026-25791Feb 9, 2026
    risk 0.00cvss epss 0.00

    Sliver is a command and control framework that uses a custom Wireguard netstack. Prior to 1.7.0, the DNS C2 listener accepts unauthenticated TOTP bootstrap messages and allocates server-side DNS sessions without validating OTP values, even when EnforceOTP is enabled. Because…

  • CVE-2026-25593Feb 6, 2026
    risk 0.00cvss epss 0.01

    OpenClaw is a personal AI assistant. Prior to 2026.1.20, an unauthenticated local client could use the Gateway WebSocket API to write config via config.apply and set unsafe cliPath values that were later used for command discovery, enabling command injection as the gateway user.…

  • CVE-2026-1709Feb 6, 2026
    risk 0.00cvss epss 0.06

    A flaw was found in Keylime. The Keylime registrar, since version 7.12.0, does not enforce client-side Transport Layer Security (TLS) authentication. This authentication bypass vulnerability allows unauthenticated clients with network access to perform administrative operations,…

  • CVE-2026-25751Feb 6, 2026
    risk 0.00cvss epss 0.00

    FUXA is a web-based Process Visualization (SCADA/HMI/Dashboard) software. An information disclosure vulnerability in FUXA allows an unauthenticated, remote attacker to retrieve sensitive administrative database credentials. Exploitation allows an unauthenticated, remote attacker…

  • CVE-2026-25505Feb 4, 2026
    risk 0.00cvss epss 0.01

    Bambuddy is a self-hosted print archive and management system for Bambu Lab 3D printers. Prior to version 0.1.7, a hardcoded secret key used for signing JWTs is checked into source code and ManyAPI routes do not check authentication. This issue has been patched in version 0.1.7.

  • CVE-2025-69970Feb 3, 2026
    risk 0.00cvss epss 0.00

    FUXA v1.2.7 contains an insecure default configuration vulnerability in server/settings.default.js. The 'secureEnabled' flag is commented out by default, causing the application to initialize with authentication disabled. This allows unauthenticated remote attackers to access…

  • CVE-2025-69981Feb 3, 2026
    risk 0.00cvss epss 0.01

    FUXA v1.2.7 contains an Unrestricted File Upload vulnerability in the `/api/upload` API endpoint. The endpoint lacks authentication mechanisms, allowing unauthenticated remote attackers to upload arbitrary files. This can be exploited to overwrite critical system files (such as…

  • CVE-2026-24124Jan 22, 2026
    risk 0.00cvss epss 0.01

    Dragonfly is an open source P2P-based file distribution and image acceleration system. In versions 2.4.1-rc.0 and below, the Job API endpoints (/api/v1/jobs) lack JWT authentication middleware and RBAC authorization checks in the routing configuration. This allows any…

  • CVE-2026-23744Jan 16, 2026
    risk 0.00cvss epss 0.38

    MCPJam inspector is the local-first development platform for MCP servers. Versions 1.4.2 and earlier are vulnerable to remote code execution (RCE) vulnerability, which allows an attacker to send a crafted HTTP request that triggers the installation of an MCP server, leading to…

  • CVE-2026-22812Jan 12, 2026
    risk 0.00cvss epss 0.17

    OpenCode is an open source AI coding agent. Prior to 1.0.216, OpenCode automatically starts an unauthenticated HTTP server that allows any local process (or any website via permissive CORS) to execute arbitrary shell commands with the user's privileges. This vulnerability is…

  • CVE-2026-21446Jan 2, 2026
    risk 0.00cvss epss 0.01

    Bagisto is an open source laravel eCommerce platform. In versions on the 2.3 branch prior to 2.3.10, API routes remain active even after initial installation is complete. The underlying API endpoints (`/install/api/*`) are directly accessible and exploitable without any…

  • CVE-2026-21445Jan 2, 2026
    risk 0.00cvss epss 0.21

    Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to version 1.7.0.dev45, multiple critical API endpoints in Langflow are missing authentication controls. The issue allows any unauthenticated user to access sensitive user conversation data,…

  • CVE-2025-63389Dec 18, 2025
    risk 0.00cvss epss 0.01

    A critical authentication bypass vulnerability exists in Ollama platform's API endpoints in versions prior to and including v0.12.3. The platform exposes multiple API endpoints without requiring authentication, enabling remote attackers to perform unauthorized model management…

  • CVE-2025-13870Dec 2, 2025
    risk 0.00cvss epss 0.00

    Mattermost versions 10.11.x <= 10.11.4, 10.5.x <= 10.5.12 fail to validate the user permission when accessing the files and subscribing to the block in Boards, which allows an authenticated user to access other board files and was able to subscribe to the block from other boards…

  • CVE-2025-55073Nov 14, 2025
    risk 0.00cvss epss 0.00

    Mattermost versions 10.11.x <= 10.11.3, 10.5.x <= 10.5.11, 10.12.x <= 10.12.0 fail to validate the relationship between the post being updated and the MSTeams plugin OAuth flow which allows an attacker to edit arbitrary posts via a crafted MSTeams plugin OAuth redirect URL.

  • CVE-2025-55070Nov 14, 2025
    risk 0.00cvss epss 0.00

    Mattermost versions <11 fail to enforce multi-factor authentication on WebSocket connections which allows unauthenticated users to access sensitive information via WebSocket events

  • CVE-2025-59345Sep 17, 2025
    risk 0.00cvss epss 0.00

    Dragonfly is an open source P2P-based file distribution and image acceleration system. Prior to 2.1.0, The /api/v1/jobs and /preheats endpoints in Manager web UI are accessible without authentication. Any user with network access to the Manager can create, delete, and modify…

  • CVE-2025-59358Sep 15, 2025
    risk 0.00cvss epss 0.01

    The Chaos Controller Manager in Chaos Mesh exposes a GraphQL debugging server without authentication to the entire Kubernetes cluster, which provides an API to kill arbitrary processes in any Kubernetes pod, leading to cluster-wide denial of service.

  • CVE-2025-58434Sep 12, 2025
    risk 0.00cvss epss 0.50

    Flowise is a drag & drop user interface to build a customized large language model flow. In version 3.0.5 and earlier, the `forgot-password` endpoint in Flowise returns sensitive information including a valid password reset `tempToken` without authentication or verification.…

  • CVE-2025-47870Aug 21, 2025
    risk 0.00cvss epss 0.00

    Mattermost versions 10.8.x <= 10.8.3, 10.5.x <= 10.5.8, 9.11.x <= 9.11.17, 10.9.x <= 10.9.2 fail to sanitize the team invite ID in the POST /api/v4/teams/:teamId/restore endpoint which allows an team admin with no member invite privileges to get the team’s invite id.