CWE-306
High likelihoodMissing Authentication for Critical Function
The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
2,205 vulnerabilities with CWE-306
CVE-2026-28472
HIGH
OpenClaw <2026.2.2 - Auth Bypass
CVSS 8.1
CVE-2026-28468
HIGH
OpenClaw <2026.2.14 - Auth Bypass
CVSS 7.7
CVE-2026-28458
HIGH
OpenClaw <2026.2.1 - Info Disclosure
CVSS 8.1
CVE-2026-28450
MEDIUM
OpenClaw <2026.2.12 - Auth Bypass
CVSS 6.8
CVE-2026-27944
CRITICAL
Nginx UI <2.3.3 - Info Disclosure
CVSS 9.8
CVE-2026-30784
CRITICAL
RustDesk Server - Privilege Escalation
CVSS 9.8
CVE-2026-23767
CRITICAL
ESC/POS - Auth Bypass
CVSS 9.8
CVE-2026-27446
CRITICAL
Apache Artemis/ActiveMQ Artemis - Auth Bypass
CVSS 9.8
CVE-2026-27012
CRITICAL
OpenSTAManager <2.9.8 - Privilege Escalation
CVSS 9.8
CVE-2026-1775
HIGH
Labkotec LID-3300IP - Command Injection
CVE-2026-2844
HIGH
Microchip TimePictra 11.0-11.3 SP2 - Auth Bypass
CVSS 7.5
CVE-2026-28352
MEDIUM
Indico <3.3.11 - Auth Bypass
CVSS 6.5
CVE-2026-27028
CRITICAL
OCPP WebSocket - Privilege Escalation
CVSS 9.4
CVE-2026-27772
CRITICAL
OCPP WebSocket - Privilege Escalation
CVSS 9.4
CVE-2026-27767
CRITICAL
OCPP WebSocket - Privilege Escalation
CVSS 9.4
CVE-2026-25851
CRITICAL
OCPP WebSocket - Privilege Escalation
CVSS 9.4
CVE-2026-24731
CRITICAL
OCPP WebSocket - Privilege Escalation
CVSS 9.4
CVE-2026-20781
CRITICAL
OCPP WebSocket - Privilege Escalation
CVSS 9.4
CVE-2026-27449
HIGH
Umbraco Engage <16.2.1/17.1.1 - Auth Bypass
CVSS 7.5
CVE-2026-22207
CRITICAL
OpenViking <=0.1.18 - Privilege Escalation
CVSS 9.8
CVE-2026-27509
HIGH
Unitree Go2 V1.1.7-V1.1.9/V1.1.11 - RCE
CVSS 8.0
CVE-2026-3194
MEDIUM
Chia Blockchain 2.1.0 - Auth Bypass
CVSS 4.5
CVE-2026-3192
MEDIUM
Chia Blockchain 2.1.0 - Auth Bypass
CVSS 5.6
CVE-2026-27846
MEDIUM
MR9600/MX4200 - Info Disclosure
CVSS 6.2
CVE-2026-2624
CRITICAL
Antikor NGFW 2.0.1298-2.0.1301 - Auth Bypass
CVSS 9.8
Details
Vulnerabilities
2,205
Exploit Likelihood
High