Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-290

CWE-290

Authentication Bypass by Spoofing

Parent: CWE-1390 - Weak Authentication

This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks.

535 vulnerabilities with CWE-290

CVE-2025-69401 HIGH

WooODT Lite <=2.5.2 - Auth Bypass

CVE-2025-13455 HIGH

ThinkPlus configuration software - Auth Bypass

CVE-2025-11250 CRITICAL

Zohocorp ManageEngine ADSelfService Plus <6519 - Auth Bypass

CVE-2025-62235 HIGH

Apache Nimble < 1.9.0 - Authentication Bypass by Spoofing

CVE-2025-60538 MEDIUM

shiori <1.7.4 - Auth Bypass

CVE-2025-69258 CRITICAL

Trendmicro Apex Central - Origin Validation Error

CVE-2025-69203 MEDIUM

Signalk Signal K Server < 2.19.0 - Authentication Bypass by Spoofing

CVE-2025-68644 HIGH

Yealink RPS <2025-06-27 - Info Disclosure

CVE-2025-65046 LOW

Microsoft Edge Chromium - Authentication Bypass by Spoofing

CVE-2025-59385 CRITICAL

Qnap Qts - Authentication Bypass by Spoofing

CVE-2025-36754 CRITICAL

Web Interface - Auth Bypass

CVE-2025-36753 CRITICAL

Growatt Shine Lan-x Firmware - Authentication Bypass by Spoofing

CVE-2025-59802 HIGH

Foxit Pdf Editor < 13.2.0.63256 - Authentication Bypass by Spoofing

CVE-2025-13953 CRITICAL

GTT Tax Information System - Auth Bypass

CVE-2025-66508 MEDIUM

1Panel <2.0.14 - SSRF

CVE-2025-66507 HIGH

1Panel <2.0.13 - Auth Bypass

CVE-2025-14327 HIGH

Firefox < 146 - SSRF

CVE-2025-66570 CRITICAL

cpp-httplib <0.27.0 - Info Disclosure

CVE-2025-66270 MEDIUM

KDE Connect <2025-11-28 - Info Disclosure

CVE-2025-27389 MEDIUM

ColorOS - Info Disclosure

CVE-2025-54305 HIGH

Thermofisher Torrent Suite Software - Authentication Bypass by Spoo...

CVE-2025-13636 MEDIUM

Google Chrome < 143.0.7499.40 - Authentication Bypass by Spoofing

CVE-2025-13635 MEDIUM

Google Chrome < 143.0.7499.40 - Authentication Bypass by Spoofing

CVE-2025-13634 MEDIUM

Google Chrome < 143.0.7499.40 - Authentication Bypass by Spoofing

CVE-2025-59699 MEDIUM

Entrust Nshield 5C Firmware - Authentication Bypass by Spoofing

Previous Page 3 of 22 Next

Details

Vulnerabilities 535

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy