Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-290

CWE-290

Authentication Bypass by Spoofing

Parent: CWE-1390 - Weak Authentication

This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks.

535 vulnerabilities with CWE-290

CVE-2025-24091 MEDIUM

Apple Ipados < 17.7.3 - Authentication Bypass by Spoofing

CVE-2025-28128 HIGH

Mytel Telecom Online Account System - Authentication Bypass by Spoofing

CVE-2025-32966 CRITICAL

Dataease < 2.10.8 - Authentication Bypass by Spoofing

CVE-2025-29621 HIGH

RosarioSIS v12.0.0 - Info Disclosure

CVE-2025-32788 MEDIUM

Octoprint < 1.11.0 - Authentication Bypass by Spoofing

CVE-2025-2188 HIGH

GameCenter - Info Disclosure

CVE-2025-32012 HIGH

Jellyfin < 10.10.7 - Authentication Bypass by Spoofing

CVE-2025-32275 MEDIUM

Ays-pro Survey Maker < 5.1.5.4 - Authentication Bypass by Spoofing

CVE-2025-32227 MEDIUM

Asgaros Forum <3.0.0 - Auth Bypass

CVE-2025-31170 HIGH

Huawei Emui - Authentication Bypass by Spoofing

CVE-2025-3029 HIGH

Mozilla Firefox < 128.9.0 - Authentication Bypass by Spoofing

CVE-2025-31122 CRITICAL

scratch-coding-hut.github.io <1.0-beta3 - Auth Bypass

CVE-2025-22223 MEDIUM

Spring Security 6.4.0-6.4.3 - Auth Bypass

CVE-2025-30144 MEDIUM

fast-jwt <5.0.6 - Info Disclosure

CVE-2025-30142 HIGH

G-Net Dashcam BB GONX - Auth Bypass

CVE-2025-30110 MEDIUM

IROAD X5 - Auth Bypass

CVE-2025-27616 HIGH

Go-vela Server < 0.25.3 - Authentication Bypass by Spoofing

CVE-2025-26696 HIGH

Mozilla Thunderbird < 128.8.0 - Authentication Bypass by Spoofing

CVE-2025-27671 CRITICAL

Printerlogic Vasion Print - Authentication Bypass by Spoofing

CVE-2025-22271 MEDIUM

CyberArk Endpoint Privilege Manager <24.7.1 - SSRF

CVE-2025-25055 MEDIUM

FileMegane >1.0.0.0 <3.4.0.0 - Auth Bypass

CVE-2025-1298 CRITICAL

com.transsion.carlcare - Info Disclosure

CVE-2025-25182 CRITICAL

Stroom <7.2.24, 7.3-beta.22, 7.4.4, 7.5-beta.2 - Auth Bypass

CVE-2025-1104 HIGH

Dlink Dhp-w310av Firmware - Authentication Bypass

CVE-2025-21415 CRITICAL

Microsoft Azure AI Face Service - Authentication Bypass by Spoofing

Previous Page 6 of 22 Next

Details

Vulnerabilities 535

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy