Total: 4131 CVEs
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-66698 | 1 Semantic-machines | 1 Veda | 2026-02-05 | N/A | 8.6 HIGH |
| An issue in Semantic machines v5.4.8 allows attackers to bypass authentication via sending a crafted HTTP request to various API endpoints. | |||||
| CVE-2019-19006 | 1 Sangoma | 1 Freepbx | 2026-02-04 | 7.5 HIGH | 9.8 CRITICAL |
| Sangoma FreePBX 115.0.16.26 and below, 14.0.13.11 and below, 13.0.197.13 and below have Incorrect Access Control. | |||||
| CVE-2025-65397 | 1 Blurams | 2 Dome Flare, Dome Flare Firmware | 2026-02-03 | N/A | 6.8 MEDIUM |
| An insecure authentication mechanism in the safe_exec.sh startup script of Blurams Flare Camera version 24.1114.151.929 and earlier allows an attacker with physical access to the device to execute arbitrary commands with root privileges, if file /opt/images/public_key.der is not present in the file system. The vulnerability can be triggered by providing a maliciously crafted auth.ini file on the device's SD card. | |||||
| CVE-2026-21854 | 1 Tarkov | 1 Tarkov Data Manager | 2026-02-03 | N/A | 9.8 CRITICAL |
| The Tarkov Data Manager is a tool to manage the Tarkov item data. Prior to 02 January 2025, an authentication bypass vulnerability in the login endpoint allows any unauthenticated user to gain full admin access to the Tarkov Data Manager admin panel by exploiting a JavaScript prototype property access vulnerability, combined with loose equality type coercion. A series of fix commits on 02 January 2025 fixed this and other vulnerabilities. | |||||
| CVE-2025-69822 | 1 Atomberg | 2 Erica Smart Fan, Erica Smart Fan Firmware | 2026-02-02 | N/A | 7.4 HIGH |
| An issue in Atomberg Erica Smart Fan Firmware Version V1.0.36 allows an attacker to obtain sensitive information and escalate privileges via a crafted deauth frame. | |||||
| CVE-2025-68717 | 1 Kaysus | 2 Ks-wr3600, Ks-wr3600 Firmware | 2026-02-02 | N/A | 9.4 CRITICAL |
| KAYSUS KS-WR3600 routers with firmware 1.0.5.9.1 allow authentication bypass during session validation. If any user is logged in, endpoints such as /cgi-bin/system-tool accept unauthenticated requests with empty or invalid session values. This design flaw lets attackers piggyback on another user's active session to retrieve sensitive configuration data or execute privileged actions without authentication. | |||||
| CVE-2026-22236 | 1 Blusparkglobal | 1 Bluvoyix | 2026-02-02 | N/A | 9.8 CRITICAL |
| The vulnerability exists in BLUVOYIX due to improper authentication in the BLUVOYIX backend APIs. An unauthenticated remote attacker could exploit this vulnerability by sending specially crafted HTTP requests to the vulnerable APIs. Successful exploitation of this vulnerability could allow the attacker to gain full access to customers' data and completely compromise the targeted platform. | |||||
| CVE-2025-66039 | 1 Sangoma | 1 Freepbx | 2026-02-02 | N/A | 9.8 CRITICAL |
| FreePBX Endpoint Manager is a module for managing telephony endpoints in FreePBX systems. Versions are vulnerable to authentication bypass when the authentication type is set to "webserver." When providing an Authorization header with an arbitrary value, a session is associated with the target user regardless of valid credentials. This issue is fixed in versions 16.0.44 and 17.0.23. | |||||
| CVE-2025-67158 | 1 Revotech | 2 I6032w-fhw, I6032w-fhw Firmware | 2026-01-30 | N/A | 7.5 HIGH |
| An authentication bypass in the /cgi-bin/jvsweb.cgi endpoint of Revotech I6032W-FHW v1.0.0014 - 20210517 allows attackers to access sensitive information and escalate privileges via a crafted HTTP request. | |||||
| CVE-2026-21633 | 1 Ui | 1 Unifi Protect | 2026-01-30 | N/A | 8.8 HIGH |
| A malicious actor with access to the adjacent network could obtain unauthorized access to a UniFi Protect Camera by exploiting a discovery protocol vulnerability in the Unifi Protect Application (Version 6.1.79 and earlier). Affected Products: UniFi Protect Application (Version 6.1.79 and earlier). Mitigation: Update your UniFi Protect Application to Version 6.2.72 or later. | |||||
| CVE-2026-24038 | 1 Horilla | 1 Horilla | 2026-01-29 | N/A | 8.1 HIGH |
| Horilla is a free and open source Human Resource Management System (HRMS). In version 1.4.0, the OTP handling logic has a flawed equality check that can be bypassed. When an OTP expires, the server returns None, and if an attacker omits the otp field from their POST request, the user-supplied OTP is also None, causing the comparison user_otp == otp to pass. This allows an attacker to bypass two-factor authentication entirely without ever providing a valid OTP. If administrative accounts are targeted, it could lead to compromise of sensitive HR data, manipulation of employee records, and further system-wide abuse. This issue has been fixed in version 1.5.0. | |||||
| CVE-2025-14738 | 1 Tp-link | 2 Tl-wa850re, Tl-wa850re Firmware | 2026-01-29 | N/A | 7.5 HIGH |
| Improper authentication vulnerability in TP-Link WA850RE (httpd modules) allows unauthenticated attackers to download the configuration file. This issue affects: ≤ WA850RE V2_160527, ≤ WA850RE V3_160922. | |||||
| CVE-2025-60534 | 1 Blueaccesstech | 1 Cobalt X1 | 2026-01-29 | N/A | 9.8 CRITICAL |
| Blue Access Cobalt v02.000.195 suffers from an authentication bypass vulnerability, which allows an attacker to selectively proxy requests in order to operate functionality on the web application without the need to authenticate with legitimate credentials. | |||||
| CVE-2025-31478 | 1 Zulip | 1 Zulip Server | 2026-01-23 | N/A | 8.2 HIGH |
| Zulip is an open-source team collaboration tool. Zulip supports a configuration where account creation is limited solely by being able to authenticate with a single-sign-on authentication backend, meaning the organization places no restrictions on email address domains and does not require invitations to join, but has disabled the EmailAuthBackend that is used for email/password authentication. A bug in the Zulip server means that it is possible to create an account in such organizations without having an account with the configured SSO authentication backend. This issue is patched in version 10.2. As a workaround, requiring invitations to join the organization prevents the vulnerability from being accessed. | |||||
| CVE-2025-67822 | 1 Mitel | 1 Mivoice Mx-one | 2026-01-21 | N/A | 9.4 CRITICAL |
| A vulnerability in the Provisioning Manager component of Mitel MiVoice MX-ONE 7.3 (7.3.0.0.50) through 7.8 SP1 (7.8.1.0.14) could allow an unauthenticated attacker to conduct an authentication bypass attack due to improper authentication mechanisms. A successful exploit could allow an attacker to gain unauthorized access to user or admin accounts in the system. | |||||
| CVE-2025-68931 | 1 Samrocketman | 1 Jervis | 2026-01-20 | N/A | 7.5 HIGH |
| Jervis is a library for Job DSL plugin scripts and shared Jenkins pipeline libraries. Prior to 2.2, AES/CBC/PKCS5Padding lacks authentication, making it vulnerable to padding oracle attacks and ciphertext manipulation. This vulnerability is fixed in 2.2. | |||||
| CVE-2026-21881 | 1 Kanboard | 1 Kanboard | 2026-01-20 | N/A | 9.1 CRITICAL |
| Kanboard is project management software focused on Kanban methodology. Versions 1.2.48 and below are vulnerable to a critical authentication bypass when REVERSE_PROXY_AUTH is enabled. The application blindly trusts HTTP headers for user authentication without verifying that the request originated from a trusted reverse proxy. An attacker can impersonate any user, including administrators, by simply sending a spoofed HTTP header. This issue is fixed in version 1.2.49. | |||||
| CVE-2025-15224 | 1 Haxx | 1 Curl | 2026-01-20 | N/A | 3.1 LOW |
| When doing SSH-based transfers using either SCP or SFTP, and asked to do public key authentication, curl would wrongly still ask and authenticate using a locally running SSH agent. | |||||
| CVE-2025-68926 | 1 Rustfs | 1 Rustfs | 2026-01-16 | N/A | 9.8 CRITICAL |
| RustFS is a distributed object storage system built in Rust. In versions prior to 1.0.0-alpha.78, RustFS implements gRPC authentication using a hardcoded static token `"rustfs rpc"` that is publicly exposed in the source code repository, hardcoded on both client and server sides, non-configurable with no mechanism for token rotation, and universally valid across all RustFS deployments. Any attacker with network access to the gRPC port can authenticate using this publicly known token and execute privileged operations including data destruction, policy manipulation, and cluster configuration changes. Version 1.0.0-alpha.78 contains a fix for the issue. | |||||
| CVE-2025-63216 | 1 Itel | 2 Idgateway, Idgateway Firmware | 2026-01-15 | N/A | 10.0 CRITICAL |
| The Itel DAB Gateway (IDGat build c041640a) is vulnerable to Authentication Bypass due to improper JWT validation across devices. Attackers can reuse a valid JWT token obtained from one device to authenticate and gain administrative access to any other device running the same firmware, even if the passwords and networks are different. This allows full compromise of affected devices. | |||||
