CWE-306

2,205 vulnerabilities with CWE-306

CVE-2026-25878 MEDIUM

Frosh Adminer-platform < 2.2.1 - Missing Authentication

CVSS 5.3

CVE-2026-25791 HIGH

Bishopfox Sliver < 1.6.12 - Missing Authentication

CVSS 7.5

CVE-2026-25848 CRITICAL

JetBrains Hub <2025.3.119807 - Auth Bypass

CVSS 9.1

CVE-2026-2234 CRITICAL

C&Cm@il - Info Disclosure

CVSS 9.1

CVE-2026-2165 HIGH

detronetdip E-commerce 1.0.0 - Info Disclosure

CVSS 7.3

CVE-2026-25593 HIGH

Openclaw < 2026.1.20 - Missing Authentication

CVSS 8.4

CVE-2026-2065 MEDIUM

Flycatcher Toys smART Pixelator 2.0 - Auth Bypass

CVSS 6.3

CVE-2026-25751 HIGH

Frangoteam Fuxa < 1.2.10 - Missing Authentication

CVSS 7.5

CVE-2026-25505 CRITICAL

Pypi Bambuddy < 0.1.7 - Missing Authentication

CVSS 9.8

CVE-2026-1633 CRITICAL

Synectix LAN 232 TRIO - Info Disclosure

CVSS 10.0

CVE-2026-1632 CRITICAL

MOMA Seismic Station <v2.4.2520 - Info Disclosure

CVSS 9.1

CVE-2026-1341 CRITICAL

Avation Light Engine Pro - Info Disclosure

CVE-2026-25137 CRITICAL

NixOs Odoo <25.11-26.05 - Info Disclosure

CVSS 9.1

CVE-2026-24728 CRITICAL

Interinfo DreamMaker <2025/10/22 - Auth Bypass

CVE-2026-25116 HIGH

Runtipi <4.7.2 - Path Traversal

CVSS 7.6

CVE-2026-1453 CRITICAL

KiloView Encoder Series - Privilege Escalation

CVSS 9.8

CVE-2026-1410 MEDIUM

Beetel 777vr1 Firmware < 01.00.09_55 - Missing Authentication

CVSS 6.4

CVE-2026-24423 CRITICAL KEV

SmarterTools SmarterMail <9511 - RCE

CVSS 9.8

CVE-2026-1364 CRITICAL

IAQS I6 - Auth Bypass

CVSS 9.8

CVE-2026-0778 HIGH

Enel X JuiceBox 40 - RCE

CVSS 8.8

CVE-2026-24124 CRITICAL

Dragonfly <2.4.1-rc.0 - Info Disclosure

CVSS 9.8

CVE-2026-1332 MEDIUM

MeetingHub - Info Disclosure

CVSS 5.3

CVE-2026-23944 CRITICAL

Arcane <1.13.2 - SSRF

CVSS 9.8

CVE-2026-23744 CRITICAL

MCPJam inspector <1.4.2 - RCE

CVSS 9.8

CVE-2026-0942 MEDIUM

Rede Itaú for WooCommerce <5.1.2 - Auth Bypass

CVSS 5.3