CWE-306
High likelihoodMissing Authentication for Critical Function
The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
2,205 vulnerabilities with CWE-306
CVE-2026-31944
HIGH
LibreChat 0.8.2-0.8.2-rc3 - Auth Bypass
CVSS 7.6
CVE-2026-31882
HIGH
Dagu <2.2.4 - Auth Bypass
CVSS 7.5
CVE-2026-22192
CRITICAL
wpDiscuz <7.6.47 - Stored XSS
CVSS 9.9
CVE-2026-3611
CRITICAL
Honeywell IQ4x - Auth Bypass
CVSS 10.0
CVE-2026-32231
HIGH
ZeptoClaw <0.7.6 - Auth Bypass
CVSS 8.2
CVE-2026-31881
HIGH
Runtipi <4.8.0 - Auth Bypass
CVSS 7.7
CVE-2026-27897
CRITICAL
Vociferous <4.4.2 - Path Traversal
CVSS 10.0
CVE-2026-30933
HIGH
FileBrowser Quantum <1.3.1-beta/1.2.2-stable - Info Disclosure
CVSS 7.5
CVE-2026-2339
HIGH
TUBITAK BILGEM Liderahenk <3.4.0 - Auth Bypass
CVSS 7.5
CVE-2026-23662
HIGH
Azure IoT Explorer - Auth Bypass
CVSS 7.5
CVE-2026-30885
MEDIUM
WWBN AVideo <25.0 - Info Disclosure
CVSS 5.3
CVE-2026-1920
MEDIUM
Booking Calendar for Appointments 1.0.16 - Auth Bypass
CVSS 5.3
CVE-2026-1919
MEDIUM
Booking Calendar for Appointments 1.0.16 - Info Disclosure
CVSS 5.3
CVE-2026-30824
CRITICAL
Flowise <3.0.13 - Auth Bypass
CVSS 9.8
CVE-2026-25071
HIGH
XikeStor SKS8310-8X <1.04.B07 - Auth Bypass
CVSS 7.5
CVE-2026-30846
HIGH
Wekan 8.31.0-8.33 - Info Disclosure
CVSS 7.5
CVE-2026-26288
CRITICAL
OCPP WebSocket - Privilege Escalation
CVSS 9.4
CVE-2026-2754
HIGH
Navtor NavBox - Info Disclosure
CVSS 7.5
CVE-2026-26051
CRITICAL
OCPP WebSocket - Privilege Escalation
CVSS 9.4
CVE-2026-27603
HIGH
Chartbrew <4.8.4 - Auth Bypass
CVSS 7.5
CVE-2026-22552
CRITICAL
OCPP WebSocket - Privilege Escalation
CVSS 9.4
CVE-2026-26125
HIGH
Payment Orchestrator Service - Privilege Escalation
CVSS 8.6
CVE-2026-29613
MEDIUM
OpenClaw <2026.2.12 - Auth Bypass
CVSS 5.9
CVE-2026-29606
MEDIUM
OpenClaw <2026.2.14 - Auth Bypass
CVSS 6.5
CVE-2026-28485
HIGH
OpenClaw 2026.1.5-2026.2.12 - Auth Bypass
CVSS 8.4
Details
Vulnerabilities
2,205
Exploit Likelihood
High