CWE-306
High likelihoodMissing Authentication for Critical Function
The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
2,016 vulnerabilities with CWE-306
CVE-2026-30824
Flowise <3.0.13 - Auth Bypass
CVE-2026-25071
XikeStor SKS8310-8X <1.04.B07 - Auth Bypass
CVE-2026-30846
Wekan 8.31.0-8.33 - Info Disclosure
CVE-2026-26288
CRITICAL
OCPP WebSocket - Privilege Escalation
CVSS 9.4
CVE-2026-2754
HIGH
Navtor NavBox - Info Disclosure
CVSS 7.5
CVE-2026-26051
CRITICAL
OCPP WebSocket - Privilege Escalation
CVSS 9.4
CVE-2026-27603
Chartbrew <4.8.4 - Auth Bypass
CVE-2026-22552
CRITICAL
OCPP WebSocket - Privilege Escalation
CVSS 9.4
CVE-2026-26125
HIGH
Payment Orchestrator Service - Privilege Escalation
CVSS 8.6
CVE-2026-29613
MEDIUM
OpenClaw <2026.2.12 - Auth Bypass
CVSS 5.9
CVE-2026-29606
MEDIUM
OpenClaw <2026.2.14 - Auth Bypass
CVSS 6.5
CVE-2026-28485
HIGH
OpenClaw 2026.1.5-2026.2.12 - Auth Bypass
CVSS 8.4
CVE-2026-28472
HIGH
OpenClaw <2026.2.2 - Auth Bypass
CVSS 8.1
CVE-2026-28468
HIGH
OpenClaw <2026.2.14 - Auth Bypass
CVSS 7.7
CVE-2026-28458
HIGH
OpenClaw <2026.2.1 - Info Disclosure
CVSS 8.1
CVE-2026-28450
MEDIUM
OpenClaw <2026.2.12 - Auth Bypass
CVSS 6.8
CVE-2026-27944
CRITICAL
Nginx UI <2.3.3 - Info Disclosure
CVSS 9.8
CVE-2026-30784
RustDesk Server - Privilege Escalation
CVE-2026-23767
CRITICAL
ESC/POS - Auth Bypass
CVSS 9.8
CVE-2026-27446
Apache Artemis/ActiveMQ Artemis - Auth Bypass
CVE-2026-27012
CRITICAL
OpenSTAManager <2.9.8 - Privilege Escalation
CVSS 9.8
CVE-2026-1775
Labkotec LID-3300IP - Command Injection
CVE-2025-30035
CGM CLININET - Auth Bypass
CVE-2026-2844
Microchip TimePictra 11.0-11.3 SP2 - Auth Bypass
CVE-2026-28352
MEDIUM
Indico <3.3.11 - Auth Bypass
CVSS 6.5
Details
Vulnerabilities
2,016
Exploit Likelihood
High