CWE-640
Weak Password Recovery Mechanism for Forgotten Password
Exploit likelihood: High
Parent: CWE-1390 - Weak Authentication
The product contains a mechanism for users to recover or change their passwords without knowing the original password, but the mechanism is weak.
272 vulnerabilities with CWE-640
CVE-2026-45013
HIGH
Apostrophe has a Weak Password Recovery Mechanism for Forgotten Password and Improper Input Validation
CVSS 8.1
CVE-2026-12066
HIGH
PbootCMS Password MemberController.php retrieve password recovery
CVSS 7.3
CVE-2026-50635
HIGH
LimeSurvey Password Reset Host Header Injection Discloses Reset Token
CVSS 8.8
CVE-2026-10169
LOW
OUSL-GROUP-BrinaryBrains School Student Management System Forgot Password Endpoint Login.php ajax_forgot_password password recovery
CVSS 3.7
CVE-2026-7459
HIGH
Simple History <= 5.26.0 - Subscriber+ Account Takeover
CVSS 7.5
CVE-2026-35676
HIGH
phpMyFAQ - Unauthenticated Password Reset via User Password Update Endpoint
CVSS 8.2
CVE-2026-9609
MEDIUM
QianFox FoxCMS Admin.php edit password recovery
CVSS 4.7
CVE-2026-9466
MEDIUM
Tiandy Easy7 Integrated Management Platform API Endpoint updateUserPassword password recovery
CVSS 5.3
CVE-2026-36438
MEDIUM
Intelbras VIP-1230-D-G4 V2.800.00IB00C.0.T - Info Disclosure
CVSS 5.3
CVE-2026-42606
HIGH
AzuraCast: Password Reset Poisoning via Untrusted X-Forwarded-Host Header Leads to Account Takeover and 2FA Bypass
CVSS 8.1
CVE-2026-7652
MEDIUM
LatePoint <= 5.5.0 - Unauthenticated Account Takeover via Weak Password Recovery Mechanism
CVSS 5.3
CVE-2026-34408
CRITICAL
Gambio 4.0.0.0-4.9.2.0 - Weak Password Recovery Mechanism for Forgotten Password
CVSS 9.1
CVE-2026-29199
HIGH
phpBB <3.3.16 - Host Header Injection
CVSS 8.1
CVE-2026-7554
MEDIUM
D-Link M60 httpd password recovery
CVSS 5.6
CVE-2026-40585
HIGH
blueprintUE: Password Reset Tokens Have No Expiry Window
CVSS 7.4
CVE-2026-24467
CRITICAL
OpenAEV's Improper Password Reset Token Management Leads to Unauthenticated Account Takeover and Platform Compromise
CVSS 9.0
CVE-2026-30459
HIGH
FuelCMS 1.5.2 - Unauthenticated Password Reset Token Disclosure via Forgot Password Feature
CVSS 7.1
CVE-2026-33707
CRITICAL
Weak Password Recovery Mechanism for Forgotten Password in chamilo/chamilo-lms
CVSS 9.4
CVE-2026-34751
CRITICAL
Payload has Unvalidated Input in Password Recovery Endpoints
CVSS 9.1
CVE-2026-4136
MEDIUM
Membership Plugin – Restrict Content <= 3.2.24 - Unvalidated Redirect in Password Reset Flow via rcp_redirect
CVSS 4.3
CVE-2026-32865
CRITICAL
OPEXUS eComplaint and eCase insecure password reset
CVSS 9.8
CVE-2026-32103
MEDIUM
StudioCMS <0.4.3 - Privilege Escalation
CVSS 6.8
CVE-2026-28681
HIGH
IRRd 4.4.0-4.4.4/4.5.0 - Open Redirect
CVSS 8.1
CVE-2026-22723
MEDIUM
Cloudfoundry UAA 77.30.0-78.7.0 - Auth Bypass
CVSS 6.5
CVE-2026-28268
CRITICAL
Vikunja < 2.1.0 - Persistent Account Takeover via Password Reset Token Reuse
CVSS 9.8