The product uses an authentication mechanism to restrict access to specific users or identities, but the mechanism does not sufficiently prove that the claimed identity is correct.
67 vulnerabilities with CWE-1390
CVE-2026-28710
HIGH
Acronis Cyber Protect 17 - Info Disclosure
CVSS 8.1
CVE-2025-15595
Inno Setup <=6.2.1 - Privilege Escalation
CVE-2026-1693
PcVue 12.0.0-16.3.3 - Auth Bypass
CVE-2025-30412
CRITICAL
Acronis Cyber Protect - Info Disclosure
CVSS 10.0
CVE-2025-30411
CRITICAL
Acronis Cyber Protect - Info Disclosure
CVSS 10.0
CVE-2025-57713
HIGH
File Station 5 <5.5.6.5166 - Info Disclosure
CVSS 7.5
CVE-2025-40554
CRITICAL
Solarwinds Web Help Desk < 2026.1 - Authentication Bypass
CVSS 9.8
CVE-2025-40552
CRITICAL
Solarwinds Web Help Desk < 2026.1 - Authentication Bypass
CVSS 9.8
CVE-2023-53894
CRITICAL
phpfm 1.7.9 - Auth Bypass
CVSS 9.8
CVE-2025-63807
CRITICAL
University-BBS <9e06bab430bfc729f27b4284ba7570db3b11ce84 - Auth Bypass
CVSS 9.8
CVE-2025-12871
CRITICAL
a+HRD - Privilege Escalation
CVSS 9.8
CVE-2025-12870
CRITICAL
a+HRD - Privilege Escalation
CVSS 9.8
CVE-2025-11084
DataMosaix Private Cloud - Auth Bypass
CVE-2025-59249
HIGH
Microsoft Exchange Server - Privilege Escalation
CVSS 8.8
CVE-2025-49201
HIGH
Fortinet FortiPAM <1.5.0 - RCE
CVSS 8.1
CVE-2025-30468
MEDIUM
iOS <26 - Info Disclosure
CVSS 6.5
CVE-2025-50173
HIGH
Windows Installer - Privilege Escalation
CVSS 7.8
CVE-2025-47995
MEDIUM
Azure Machine Learning - Privilege Escalation
CVSS 6.5
CVE-2025-1727
HIGH
FRED - DoS
CVSS 8.1
CVE-2025-7326
HIGH
ASP.NET Core - Privilege Escalation
CVSS 7.0
CVE-2025-47479
MEDIUM
AresIT WP Compress <6.30.30 - Auth Bypass
CVSS 5.3
CVE-2025-5484
HIGH
SinoTrack - Auth Bypass
CVSS 8.3
CVE-2024-32119
MEDIUM
Fortinet FortiClientEMS <7.2.4 - Auth Bypass
CVSS 4.8
CVE-2025-0605
MEDIUM
GitLab CE/EE <17.10.7-18.0.1 - Auth Bypass
CVSS 4.6
CVE-2025-32885
MEDIUM
goTenna v1 <5.5.3-0.25.5 - Code Injection
CVSS 6.5
Details
Vulnerabilities
67