The authentication algorithm is sound, but the implemented mechanism can be bypassed as the result of a separate weakness that is primary to the authentication error.
124 vulnerabilities with CWE-305
CVE-2026-3047
HIGH
Keycloak - Auth Bypass
CVSS 8.8
CVE-2026-28536
CRITICAL
Device Authentication Module - Auth Bypass
CVSS 9.6
CVE-2026-1713
MEDIUM
IBM MQ 9.1.0.0-9.4.4.1 - Privilege Escalation
CVSS 5.0
CVE-2026-0869
Brocade ASCG 3.4.0 - Auth Bypass
CVE-2026-22153
HIGH
Fortinet Fortios < 7.6.5 - Authentication Bypass
CVSS 8.1
CVE-2025-58382
HIGH
Brocade Fabric OS <9.2.1c2 - Command Injection
CVSS 7.2
CVE-2025-4320
CRITICAL
Birebirsoft Sufirmam <23012026 - Auth Bypass
CVSS 10.0
CVE-2025-68609
MEDIUM
Palantir's Aries - Info Disclosure
CVSS 6.6
CVE-2026-1290
Jamf Jamf Pro <11.24 - Auth Bypass
CVE-2025-13915
CRITICAL
IBM API Connect <10.0.8.5, 10.0.11.0 - Auth Bypass
CVSS 9.8
CVE-2024-49587
CRITICAL
Glutton V1 - Info Disclosure
CVSS 9.1
CVE-2025-68435
CRITICAL
Zerobyte <0.18.5-0.19.0 - Auth Bypass
CVSS 9.1
CVE-2025-51663
HIGH
Lanol Filecodebox < 2.2 - Denial of Service
CVSS 7.5
CVE-2025-41733
CRITICAL
Commissioning Wizard - Privilege Escalation
CVSS 9.8
CVE-2025-47776
CRITICAL
MantisBT <2.27.1 - Auth Bypass
CVSS 9.1
CVE-2025-36386
CRITICAL
IBM Maximo Application Suite - Auth Bypass
CVSS 9.8
CVE-2025-62772
LOW
Mercku M6a <2.1.0 - Info Disclosure
CVSS 3.1
CVE-2025-59980
MEDIUM
Juniper Junos < 22.4 - Authentication Bypass
CVSS 6.5
CVE-2025-56132
HIGH
LiquidFiles <4.2 - Info Disclosure
CVSS 7.3
CVE-2025-59941
MEDIUM
go-f3 <0.8.8 - Code Injection
CVSS 5.9
CVE-2025-54622
HIGH
Huawei Harmonyos - Authentication Bypass
CVSS 8.3
CVE-2025-53534
RatPanel <2.5.5 - RCE
CVE-2025-31965
HIGH
HCL BigFix Remote Control Server WebUI <10.1.0.0248 - Info Disclosure
CVSS 8.2
CVE-2025-53826
CRITICAL
File Browser <2.39.0 - Info Disclosure
CVSS 9.8
CVE-2025-53167
MEDIUM
Distributed Collaboration Framework - Info Disclosure
CVSS 6.9
Details
Vulnerabilities
124