Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-305

CWE-305

Authentication Bypass by Primary Weakness

Parent: CWE-1390 - Weak Authentication

The authentication algorithm is sound, but the implemented mechanism can be bypassed as the result of a separate weakness that is primary to the authentication error.

138 vulnerabilities with CWE-305

CVE-2026-4670 CRITICAL

Improper Authentication vulnerability in Progress MOVEit Automation

CVE-2026-40582 CRITICAL

ChurchCRM: Authentication Bypass in `/api/public/user/login` Allows Bypass of 2FA and Account Lockout

CVE-2026-33472 MEDIUM

Cryptomator Hub OAuth token exchange HTTP downgrade via getAuthority() scheme confusion (CVE-2026-32303 bypass)

CVE-2026-20152 MEDIUM

Cisco Secure Web Appliance Authentication Service Traffic Bypass Vulnerability

CVE-2026-33892 HIGH

Siemens Industrial Edge Management Pro V1 <V1.15.17 - Auth Bypass

CVE-2026-40039 MEDIUM

Pachno 1.0.6 Open Redirection via return_to Parameter

CVE-2026-33496 HIGH

Ory Oathkeeper has an authentication bypass by cache key confusion

CVE-2026-3591 MEDIUM

BIND 9 - ACL Bypass via SIG(0) Use-After-Return

CVE-2026-30849 CRITICAL

MantisBT <2.28.1 - Auth Bypass

CVE-2026-32730 HIGH

ApostropheCMS MFA/TOTP Bypass via Incorrect MongoDB Query in Bearer Token Middleware

CVE-2026-3784 MEDIUM

curl - Auth Bypass

CVE-2026-1965 MEDIUM

libcurl - Auth Bypass

CVE-2026-3047 HIGH

Keycloak - Auth Bypass

CVE-2026-28536 CRITICAL

Device Authentication Module - Auth Bypass

CVE-2026-1713 MEDIUM

IBM MQ 9.1.0.0-9.4.4.1 - Privilege Escalation

CVE-2026-0869 HIGH

Brocade ASCG 3.4.0 - Auth Bypass

CVE-2026-22153 HIGH

Fortinet Fortios < 7.6.5 - Authentication Bypass

CVE-2026-1290 MEDIUM

Jamf Jamf Pro <11.24 - Auth Bypass

CVE-2025-31703 LOW

Dahua NVR2-4KS3 <2026-03-03 - Privilege Escalation

CVE-2025-58382 HIGH

Brocade Fabric OS <9.2.1c2 - Command Injection

CVE-2025-4320 CRITICAL

Birebirsoft Sufirmam <23012026 - Auth Bypass

CVE-2025-68609 MEDIUM

Palantir's Aries - Info Disclosure

CVE-2025-13915 CRITICAL

IBM API Connect <10.0.8.5, 10.0.11.0 - Auth Bypass

CVE-2025-68435 CRITICAL

Zerobyte <0.18.5-0.19.0 - Auth Bypass

CVE-2025-51663 HIGH

Lanol Filecodebox < 2.2 - Denial of Service

Page 1 of 6 Next

Details

Vulnerabilities 138

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy