CWE-287

High likelihood

Improper Authentication

Parent: CWE-284 - Improper Access Control

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

4,195 vulnerabilities with CWE-287
CVE-2025-14908 MEDIUM
Jeecg Boot < 3.9.0 - Authentication Bypass
CVSS 6.3
CVE-2025-13427 MEDIUM
Google Cloud Dialogflow CX Messenger - Auth Bypass
CVE-2025-14738 HIGH
Tp-link Tl-wa850re Firmware < 160527 - Authentication Bypass
CVSS 7.5
CVE-2025-67791 CRITICAL
Drivelock < 24.1.4 - Authentication Bypass
CVSS 9.8
CVE-2025-44005 CRITICAL
Smallstep Certificates < 0.29.0 - Authentication Bypass
CVSS 10.0
CVE-2025-14097 HIGH
Multiple Radiometer Products - RCE
CVSS 7.2
CVE-2025-14002 HIGH
WPCOM Member <1.7.16 - Auth Bypass
CVSS 8.1
CVE-2025-14746 MEDIUM
Shenzhenningyuandatechnology Tc155 Firmware - Authentication Bypass
CVSS 4.3
CVE-2025-65781 HIGH
Wekan <18.15 - DoS
CVSS 8.2
CVE-2025-65431 MEDIUM
Allauth < 65.13.0 - Authentication Bypass
CVSS 5.4
CVE-2025-37731 MEDIUM
Elasticsearch - Auth Bypass
CVSS 6.8
CVE-2025-14703 MEDIUM
Sgwbox N3 Firmware < 2.0.25 - Authentication Bypass
CVSS 5.3
CVE-2025-14567 MEDIUM
Haxxorsid Stock-management-system < 2018-01-27 - Missing Authentication
CVSS 5.3
CVE-2025-10684 MEDIUM
Construction Light WordPress <1.6.8 - CSRF
CVSS 4.3
CVE-2025-67507 HIGH
Filament < 4.3.1 - Authentication Bypass
CVSS 8.1
CVE-2025-66039 CRITICAL
FreePBX firmware file upload
CVSS 9.8
CVE-2025-66515 LOW
Nextcloud Approval <1.3.1, 2.5.0 - Privilege Escalation
CVSS 2.7
CVE-2025-12374 CRITICAL
WordPress User Verification <2.0.39 - Auth Bypass
CVSS 9.8
CVE-2025-64055 CRITICAL
Fanvil X210 Firmware - Authentication Bypass
CVSS 9.8
CVE-2025-59704 MEDIUM
Entrust Nshield 5C Firmware < 13.6.12 - Authentication Bypass
CVSS 4.6
CVE-2025-66022 CRITICAL
FACTION <1.7.1 - RCE
CVSS 9.6
CVE-2025-9803 HIGH
Lunary - Incorrect Authorization
CVSS 8.8
CVE-2025-63210 CRITICAL
Newtec Celox UHD - Auth Bypass
CVSS 9.8
CVE-2025-63207 CRITICAL
R.V.R Elettronica TEX - Auth Bypass
CVSS 9.8
CVE-2025-63224 CRITICAL
Itel DAB Encoder <25aec8d - Auth Bypass
CVSS 10.0
Details
Vulnerabilities 4,195
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits