When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
4,195 vulnerabilities with CWE-287
CVE-2026-28408
CRITICAL
WeGIA <3.6.5 - Auth Bypass
CVSS 9.8
CVE-2026-27939
HIGH
Statmatic 6.0.0-6.3.9 - Privilege Escalation
CVSS 8.8
CVE-2026-1305
MEDIUM
Japanized for WooCommerce <=2.8.4 - Auth Bypass
CVSS 5.3
CVE-2026-28215
CRITICAL
Hoppscotch <2026.2.0 - Auth Bypass
CVSS 9.1
CVE-2026-26077
MEDIUM
Discourse <2025.12.2/2026.1.1/2026.2.0 - Auth Bypass
CVSS 6.5
CVE-2026-27968
MEDIUM
Packistry <0.13.0 - Auth Bypass
CVSS 4.3
CVE-2026-3194
MEDIUM
Chia Blockchain 2.1.0 - Auth Bypass
CVSS 4.5
CVE-2026-3192
MEDIUM
Chia Blockchain 2.1.0 - Auth Bypass
CVSS 5.6
CVE-2026-20129
CRITICAL
Cisco Catalyst SD-WAN Manager - Auth Bypass
CVSS 9.8
CVE-2026-20127
CRITICAL
KEV
Cisco Catalyst SD-WAN - Auth Bypass
CVSS 10.0
CVE-2026-27611
MEDIUM
FileBrowser Quantum <1.1.3/1.2.6 - Auth Bypass
CVSS 6.5
CVE-2026-24241
MEDIUM
NVIDIA Delegated Licensing Service - Auth Bypass
CVSS 4.3
CVE-2026-3053
HIGH
DataLinkDC dinky <1.2.5 - Auth Bypass
CVSS 7.3
CVE-2026-27197
CRITICAL
Sentry 21.12.0-26.1.0 - Auth Bypass
CVSS 9.1
CVE-2026-27134
HIGH
Strimzi 0.49.0-0.50.0 - Auth Bypass
CVSS 8.1
CVE-2026-1368
HIGH
Zoom WordPress Plugin <4.6.6 - Auth Bypass
CVSS 7.5
CVE-2026-26119
HIGH
Windows Admin Center - Privilege Escalation
CVSS 8.8
CVE-2026-25922
HIGH
authentik <2025.8.6, 2025.10.4, 2025.12.4 - SSRF
CVSS 8.8
CVE-2026-25748
HIGH
authentik <2025.10.4, <2025.12.4 - Auth Bypass
CVSS 8.6
CVE-2026-20655
MEDIUM
iOS <26.3-18.7.5 - Info Disclosure
CVSS 5.5
CVE-2026-2249
CRITICAL
METIS DFS <oscore 2.1.234-r18 - RCE
CVSS 9.8
CVE-2026-2248
CRITICAL
METIS WIC <= oscore 2.1.234-r18 - RCE
CVSS 9.8
CVE-2026-21508
HIGH
Microsoft Windows 10 1607 < 10.0.14393.8868 - Authentication Bypass
CVSS 7.0
CVE-2026-23906
CRITICAL
Apache Druid <36.0.0 - Auth Bypass
CVSS 9.8
CVE-2026-25893
CRITICAL
Frangoteam Fuxa < 1.2.10 - Improper Authorization
CVSS 9.8
Details
Vulnerabilities
4,195
Exploit Likelihood
High