The product does not require that users should have strong passwords.
249 vulnerabilities with CWE-521
CVE-2026-27575
CRITICAL
Vikunja <2.0.0 - Auth Bypass
CVSS 9.1
CVE-2026-25715
CRITICAL
Device Web Interface - Auth Bypass
CVSS 9.8
CVE-2026-1408
LOW
Beetel 777VR1 <01.00.09/01.00.09_55 - Info Disclosure
CVSS 2.0
CVE-2025-55252
LOW
HCL AION <2 - Info Disclosure
CVSS 3.1
CVE-2025-68963
MEDIUM
Clone Module - Info Disclosure
CVSS 5.7
CVE-2025-68716
HIGH
KAYSUS KS-WR3600 - RCE
CVSS 8.4
CVE-2025-23408
MEDIUM
Apache Fineract <1.10.1 - Info Disclosure
CVSS 6.5
CVE-2025-67513
FreePBX <16.0.96 & <17.0.1-9 - Info Disclosure
CVE-2025-53963
CRITICAL
Thermo Fisher Ion Torrent OneTouch 2 - RCE
CVSS 9.8
CVE-2025-65014
LOW
LibreNMS <25.11.0 - Info Disclosure
CVSS 3.7
CVE-2025-63800
HIGH
Open Source Point of Sale 3.4.1 - Info Disclosure
CVSS 7.5
CVE-2025-63747
CRITICAL
QaTraq 6.9.2 - Info Disclosure
CVSS 9.8
CVE-2025-55034
HIGH
General Industrial Controls Lynx+ Gateway - Info Disclosure
CVSS 8.2
CVE-2025-12552
CRITICAL
BLU-IC2 <1.19.5 - Info Disclosure
CVSS 9.8
CVE-2025-11200
CRITICAL
MLflow - Auth Bypass
CVSS 9.8
CVE-2025-12364
CRITICAL
BLU-IC2, IC4 <1.19.5 - Info Disclosure
CVSS 9.8
CVE-2025-12285
CRITICAL
Azure-access Blu-ic2 Firmware < 1.20 - Improper Input Validation
CVSS 9.8
CVE-2025-60954
HIGH
Microweber CMS 2.0 - Info Disclosure
CVSS 8.3
CVE-2025-11322
LOW
Mangati NovoSGA <2.2.12 - Info Disclosure
CVSS 3.7
CVE-2023-49883
MEDIUM
IBM Transformation Extender Advanced 10.0.1 - Info Disclosure
CVSS 5.9
CVE-2025-9964
Novakon P series - Info Disclosure
CVE-2025-57295
HIGH
H3C Magic Nx15 Firmware - Privilege Escalation
CVSS 8.0
CVE-2025-10320
LOW
iteachyou Dreamer CMS <4.1.3.2 - Info Disclosure
CVSS 3.1
CVE-2025-9514
LOW
macrozheng mall <1.0.3 - Info Disclosure
CVSS 3.7
CVE-2025-25737
MEDIUM
Kapsch TrafficCom RIS-9160 & RIS-9260 - Auth Bypass
CVSS 6.8
Details
Vulnerabilities
249