Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-306

CWE-306

High likelihood

Missing Authentication for Critical Function

Parent: CWE-287 - Improper Authentication

The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

2,344 vulnerabilities with CWE-306

CVE-2025-11529 HIGH

ChurchCRM < 5.19.0 - Authentication Bypass in AuthMiddleware

CVE-2025-11171 MEDIUM

Chartify - WordPress Chart Plugin <3.5.9 - Auth Bypass

CVE-2025-61778 CRITICAL

Akka.Remote 1.2.0-1.5.51 - Authentication Bypass via Missing Mutual TLS Enforcement

CVE-2025-61777 CRITICAL

FlagForge 2.0.0-2.3.1 - Unauthenticated Improper Access Control in Badge Template Endpoints

CVE-2025-10746 MEDIUM

Integrate Dynamics 365 CRM <1.0.9 - Auth Bypass

CVE-2025-61673 HIGH

Karapace 5.0.0-5.0.1 - Unauthenticated Authentication Bypass via Missing Authorization Header

CVE-2025-23293 HIGH

NVIDIA Delegated Licensing Service - Info Disclosure

CVE-2025-10991 HIGH

Tapo D230S1 <1.2.2 - Privilege Escalation

CVE-2025-34232 MEDIUM

Vasion Print Virtual Appliance < 25.1.102/25.1.1413 - Blind SSRF via dellCheck.php

CVE-2025-34231 HIGH

Vasion Print Virtual Appliance <25.1.102 & Application <25.1.1413 - SSRF via HP Badge Setup

CVE-2025-34230 MEDIUM

Vasion Print Virtual Appliance < 25.1.102 & Application < 25.1.1413 - Blind SSRF via HP Log Off SSO

CVE-2025-34229 MEDIUM

Vasion Print Virtual Appliance < 25.1.102 - Unauthenticated Blind SSRF via hp/installApp.php

CVE-2025-34228 HIGH

Vasion Print Virtual Appliance < 25.1.102 - Unauthenticated SSRF via Lexmark Update Script

CVE-2025-34225 HIGH

Vasion Print Virtual Appliance Host < 25.1.102 & Application < 25.1.1413 - SSRF via console_release

CVE-2025-34224 CRITICAL

Vasion Print Virtual Appliance Host < 22.0.1049 and Application < 20.0.2786 - Unauthenticated Device Modification

CVE-2025-34223 CRITICAL

Vasion Print Virtual Appliance Host < 22.0.1049 and Application < 20.0.2786 - Unauthenticated Admin Credential Overwrite

CVE-2025-34222 CRITICAL

Vasion Print Virtual Appliance Host < 22.0.1049 and Application < 20.0.2786 - Unauthenticated Admin API Access

CVE-2025-34221 CRITICAL

Vasion Print Virtual Appliance <25.2.169 & Application <25.2.1518 - Unauthenticated Remote Access

CVE-2025-34220 MEDIUM

Vasion Print Virtual Appliance Host < 25.1.102 and Application < 25.1.1413 - Unauthenticated Group Enumeration

CVE-2025-34218 CRITICAL

Vasion Print Virtual Appliance Host < 22.0.1049 and Application < 20.0.2786 - Unauthenticated Docker Instance Exposure

CVE-2025-34216 CRITICAL

Vasion Print Virtual Appliance < 22.0.1026 & Application < 20.0.2702 - RCE via API APP_KEY Disclosure

CVE-2025-34215 CRITICAL

Vasion Print Virtual Appliance < 22.0.1026 / Application < 20.0.2702 - RCE via Firmware Update

CVE-2025-34207 CRITICAL

Vasion Print Virtual Appliance Host < 22.0.1049 and Application < 20.0.2786 - Insecure SSH Configuration

CVE-2025-11130 HIGH

iHongRen pptp-vpn 1.0/1.0.1 - Missing Authentication

CVE-2025-60251 MEDIUM

Unitree Go2-G1-H1-B2 - Info Disclosure

Previous Page 23 of 94 Next

Details

Vulnerabilities 2,344

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy