CWE-290

493 vulnerabilities with CWE-290

CVE-2026-28480 MEDIUM

OpenClaw <2026.2.14 - Auth Bypass

CVSS 6.5

CVE-2026-28465 MEDIUM

OpenClaw voice-call <2026.2.3 - Auth Bypass

CVSS 5.9

CVE-2026-27700 HIGH

Hono 4.12.0-4.12.1 - Auth Bypass

CVSS 8.2

CVE-2026-2800 CRITICAL

Firefox for Android <148 - Spoofing

CVSS 9.8

CVE-2024-1524 HIGH

WSO2 IS - Privilege Escalation

CVSS 7.7

CVE-2025-71056 HIGH

GCOM EPON 1GE ONU C00R371V00B01 - Auth Bypass

CVSS 8.1

CVE-2025-69401 HIGH

WooODT Lite <=2.5.2 - Auth Bypass

CVSS 7.5

CVE-2026-24853 HIGH

Caido <0.55.0 - SSRF

CVSS 8.1

CVE-2026-25938 CRITICAL

Frangoteam Fuxa < 1.2.11 - Missing Authentication

CVSS 9.8

CVE-2026-21862 HIGH

Crates.io Rustfs < 1.0.0-alpha.78 - Authentication Bypass by Spoofing

CVSS 7.5

CVE-2020-37056 CRITICAL

Crystal Shard http-protection 0.2.0 - SSRF

CVSS 9.8

CVE-2026-0834 HIGH

Tp-link Archer Ax53 Firmware - Authentication Bypass by Spoofing

CVSS 8.8

CVE-2026-22797 CRITICAL

OpenStack keystonemiddleware <10.7.2, 10.8, 10.9 before 10.9.1, 10....

CVSS 9.9

CVE-2025-13455 HIGH

ThinkPlus configuration software - Auth Bypass

CVSS 7.8

CVE-2026-0890 MEDIUM

Mozilla Firefox < 140.7.0 - Authentication Bypass by Spoofing

CVSS 5.4

CVE-2025-11250 CRITICAL

Zohocorp ManageEngine ADSelfService Plus <6519 - Auth Bypass

CVSS 9.1

CVE-2025-62235 HIGH

Apache Nimble < 1.9.0 - Authentication Bypass by Spoofing

CVSS 8.1

CVE-2025-60538 MEDIUM

shiori <1.7.4 - Auth Bypass

CVSS 6.5

CVE-2025-69258 CRITICAL

Trendmicro Apex Central - Origin Validation Error

CVSS 9.8

CVE-2026-21894 MEDIUM

N8n < 2.2.2 - Authentication Bypass by Spoofing

CVSS 6.5

CVE-2025-69203 MEDIUM

Signalk Signal K Server < 2.19.0 - Authentication Bypass by Spoofing

CVSS 6.3

CVE-2025-68644 HIGH

Yealink RPS <2025-06-27 - Info Disclosure

CVSS 7.4

CVE-2025-65046 LOW

Microsoft Edge Chromium - Authentication Bypass by Spoofing

CVSS 3.1

CVE-2025-59385 CRITICAL

Qnap Qts - Authentication Bypass by Spoofing

CVSS 9.8

CVE-2025-36754

Web Interface - Auth Bypass