Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-290

CWE-290

Authentication Bypass by Spoofing

Parent: CWE-1390 - Weak Authentication

This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks.

535 vulnerabilities with CWE-290

CVE-2026-32045 MEDIUM

OpenClaw < 2026.2.21 - Authentication Bypass in HTTP Gateway Routes via Tokenless Tailscale Auth

CVE-2026-32666 HIGH

Automated Logic WebCTRL Premium Server Authentication Bypass by Spoofing

CVE-2026-33131 HIGH

h3 has a middleware bypass with one gadget

CVE-2026-32014 HIGH

OpenClaw < 2026.2.26 - Node Reconnect Metadata Spoofing via Unsigned Platform Fields

CVE-2026-0385 MEDIUM

Microsoft Edge (Chromium-based) for Android - Spoofing

CVE-2026-31889 HIGH

Shopware <6.6.10.15/6.7.8.1 - Auth Bypass

CVE-2026-27478 CRITICAL

Unity Catalog <=0.4.0 - Auth Bypass

CVE-2026-31813 MEDIUM

Supabase Auth <2.185.0 - Auth Bypass

CVE-2026-32229 MEDIUM

JetBrains Hub <2026.1 - Auth Bypass

CVE-2026-28480 MEDIUM

OpenClaw <2026.2.14 - Auth Bypass

CVE-2026-28465 MEDIUM

OpenClaw voice-call <2026.2.3 - Auth Bypass

CVE-2026-27700 HIGH

Hono 4.12.0-4.12.1 - Auth Bypass

CVE-2026-2800 CRITICAL

Firefox for Android <148 - Spoofing

CVE-2026-24853 HIGH

Caido <0.55.0 - SSRF

CVE-2026-25938 CRITICAL

Frangoteam Fuxa < 1.2.11 - Missing Authentication

CVE-2026-21862 HIGH

Crates.io Rustfs < 1.0.0-alpha.78 - Authentication Bypass by Spoofing

CVE-2026-0834 HIGH

Tp-link Archer Ax53 Firmware - Authentication Bypass by Spoofing

CVE-2026-22797 CRITICAL

OpenStack keystonemiddleware <10.7.2, 10.8, 10.9 before 10.9.1, 10....

CVE-2026-0890 MEDIUM

Mozilla Firefox < 140.7.0 - Authentication Bypass by Spoofing

CVE-2026-21894 MEDIUM

N8n < 2.2.2 - Authentication Bypass by Spoofing

CVE-2025-59707 CRITICAL

N2W <4.3.2 - RCE

CVE-2025-59706 CRITICAL

N2W <4.3.2/4.4.0-4.4.1 - RCE

CVE-2025-67298 HIGH

ClasroomIO <0.2.6 - Privilege Escalation

CVE-2025-48840 MEDIUM

Fortinet FortiWeb 7.0-7.6.3 - Auth Bypass

CVE-2025-71056 HIGH

GCOM EPON 1GE ONU C00R371V00B01 - Auth Bypass

Previous Page 2 of 22 Next

Details

Vulnerabilities 535

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy