Authentication Bypass
Monthly
Frigate versions prior to 0.17.0-beta1 contain an authentication weakness that allows any authenticated user to change another user's password without verifying the current password via the /users/{username}/password endpoint, combined with a failure to invalidate existing JWT tokens upon password change and absence of password strength validation. An attacker who obtains a valid session token through XSS, accidental exposure, cookie theft, compromised device, or unencrypted HTTP sniffing can permanently hijack victim accounts by changing their password while maintaining session access through non-invalidated tokens. This vulnerability has not been reported as actively exploited in the wild (KEV status unknown), but the straightforward nature of the attack and the common exposure vectors for JWT tokens make this a practical threat requiring immediate patching.
FileRise, a self-hosted web file manager and WebDAV server, contains a critical hardcoded encryption key vulnerability in versions prior to 3.9.0. The default key 'default_please_change_this_key' is used for all cryptographic operations including HMAC token generation, AES configuration encryption, and session tokens, allowing unauthenticated attackers to forge upload tokens for arbitrary file upload and decrypt sensitive admin configuration data such as OIDC client secrets and SMTP passwords. No evidence of active exploitation (not in CISA KEV) is currently available, though the vulnerability is straightforward to exploit given the hardcoded nature of the default key.
The RockPress WordPress plugin (versions up to 1.0.17) contains a Missing Authorization vulnerability in five AJAX actions that allows authenticated users with Subscriber-level privileges to trigger privileged operations intended for administrators. The vulnerability stems from a combination of missing capability checks (current_user_can() calls) in AJAX handlers and exposure of an admin nonce to all authenticated users via an unconditionally enqueued script. Attackers can extract the nonce from the HTML source and use it to trigger resource-intensive imports, reset import data, check service connectivity, and read import status information without administrative privileges.
FileRise, a self-hosted web file manager and WebDAV server, contains a missing-authentication vulnerability in the deleteShareLink endpoint that allows unauthenticated attackers to delete arbitrary file share links by providing only the share token, resulting in denial of service to legitimate users accessing shared files. All versions prior to 3.8.0 are affected. While the CVSS score is only 3.7 due to high attack complexity, the vulnerability has a published proof-of-concept via the GitHub security advisory and represents a trivial attack surface requiring only knowledge of a share token.
The YI Home Camera 2 (version 2.1.1_20171024151200) CGI endpoint fails to properly authenticate requests to the /home/web/ipc function, allowing unauthenticated attackers on the local network to manipulate camera settings and access sensitive functionality. Public exploit code exists for this vulnerability, and the vendor has not provided a patch despite early notification. An attacker with network access to the camera could read configuration data, modify settings, or disrupt normal operations.
A hard-coded credentials vulnerability exists in Yi Technology YI Home Camera 2 firmware version 2.1.1_20171024151200, specifically in the home/web/ipc file component. An unauthenticated attacker on the local network can exploit these credentials to gain full access to the device with high impact on confidentiality, integrity, and availability (CVSS 8.8). The exploit has been publicly disclosed via VulDB references, and the vendor did not respond to early disclosure attempts, indicating no official patch is available.
The Aimogen Pro plugin for WordPress contains an arbitrary function call vulnerability allowing unauthenticated attackers to execute privileged WordPress functions without authorization. All versions up to and including 2.7.5 are affected, enabling attackers to modify critical site settings such as changing the default user registration role to administrator, then registering as an admin to gain full site control. This is a critical authentication bypass with privilege escalation rated 9.8 CVSS, though no active exploitation (KEV) or public proof-of-concept has been reported at this time.
DataEase versions 2.10.19 and below contain a locale-dependent validation bypass vulnerability that allows attackers to smuggle dangerous JDBC parameters past security filters. The flaw stems from inconsistent locale handling where DataEase's validation uses the JVM default locale while H2 JDBC always uses English locale, causing Turkish locale environments to misinterpret malicious parameters like 'iNIT' (bypassing blacklist as 'İNIT' while H2 executes it as 'INIT'). This has been confirmed as exploitable in real deployment scenarios and enables authenticated attackers with low privileges to achieve high-impact code execution or data access, though there is no evidence yet of active exploitation or public proof-of-concept.
An Insecure Direct Object Reference (IDOR) vulnerability in Discourse allows any authenticated user to access restricted metadata about AI personas, features, and LLM models by directly referencing their identifiers, exposing sensitive information including credit allocations and usage statistics. The vulnerability affects Discourse versions prior to 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, and requires only low-privilege access (any logged-in user account) over the network. While the CVSS score of 5.3 indicates low confidentiality impact with no integrity or availability impact, this represents a clear information disclosure risk that could enable unauthorized tracking of AI resource consumption and usage patterns.
A remote code execution vulnerability in Discourse (CVSS 5.3). Remediation should follow standard vulnerability management procedures.
A moderator authorization bypass vulnerability in Discourse allows authenticated moderators to access post metadata they should not have permission to view due to insufficient authorization checks. The vulnerability affects Discourse versions prior to 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, with patched versions now available. While the CVSS score of 5.3 indicates moderate severity and the attack requires authenticated access with moderator privileges, this represents a meaningful confidentiality risk in multi-tenant forum environments where metadata isolation between moderation scopes is critical.
A critical authentication bypass vulnerability in Oracle Identity Manager and Oracle Web Services Manager allows remote attackers to completely compromise affected systems without any credentials. The vulnerability resides in the REST WebServices and Web Services Security components, affecting versions 12.2.1.4.0 and 14.1.2.1.0 of both products. With a CVSS score of 9.8 and no authentication required, this represents a severe risk to identity management infrastructure, though no current KEV listing or public POC has been documented in available sources.
ewe, a Gleam web server, contains an authentication bypass vulnerability in versions 0.6.0 through 3.0.4 that exploits improper handling of chunked transfer encoding trailer headers. An unauthenticated remote attacker can declare sensitive HTTP headers in the Trailer field and append them after the final chunk to overwrite legitimate values set by reverse proxies, enabling them to forge authentication credentials, hijack sessions, bypass rate limiting, or spoof proxy-trust headers. The vulnerability has been patched in version 3.0.5, and while not currently listed in CISA's KEV catalog, the CVSS score of 5.3 reflects medium severity with integrity impact.
Admidio versions 5.0.0 through 5.0.6 contain a critical authorization bypass vulnerability in the documents and files module that allows unauthorized deletion of folders and files. When the module is configured in public mode, unauthenticated attackers can permanently destroy the entire document library via simple HTTP GET requests without CSRF protection. The vulnerability combines missing authorization checks (CWE-862) with CSRF weaknesses, resulting in a CVSS score of 9.1 (Critical) with network-based attack vector requiring no privileges or user interaction.
An LDAP injection vulnerability in SuiteCRM's authentication flow allows attackers to manipulate LDAP queries by injecting control characters into user-supplied input, potentially leading to authentication bypass or information disclosure. SuiteCRM, an open-source CRM system widely deployed in enterprise environments, is affected in versions prior to 7.15.1 and 8.9.3. While no active exploitation has been reported (not in CISA KEV), the network-exploitable nature and potential for authentication bypass make this a serious concern for organizations using affected versions.
Xerte Online Toolkits 3.14 and earlier contain an unauthenticated arbitrary file upload vulnerability allowing remote code execution with a CVSS score of 9.8. The template import functionality at /website_code/php/import/import.php lacks authentication checks, enabling attackers to upload ZIP archives containing malicious PHP files that are extracted to web-accessible directories. This is a critical severity issue with network-based attack vector requiring no privileges or user interaction, and a proof-of-concept has been published by VulnCheck.
SuiteCRM versions prior to 8.9.3 contain an access control bypass in the RecordHandler::getRecord() method that allows authenticated users to retrieve any record from the system without proper ACL view permission checks. An attacker with valid credentials can enumerate and read sensitive customer data, financial records, or other confidential information across all modules by directly calling the vulnerable method. The vulnerability has a CVSS score of 6.5 (Medium) and is information disclosure in nature, with no active exploitation reports or public proof-of-concept available at this time.
A critical access control vulnerability exists in the SuiteCRM REST API V8 where multiple endpoints lack proper ACL (Access Control List) validation, enabling authenticated users to access and modify data beyond their authorized permissions. This affects SuiteCRM versions prior to 7.15.1 and 8.9.3, allowing privilege escalation within the CRM system where low-privileged users can potentially access sensitive customer data, modify records, or perform administrative actions. With a CVSS score of 8.1 and authentication bypass capabilities, this represents a significant security risk for organizations using affected versions.
This is an authentication bypass vulnerability in Spring Boot applications using Spring Security with Actuator endpoints. When an authenticated application endpoint is declared under the CloudFoundry Actuator path, attackers can bypass authentication requirements and gain unauthorized access to protected resources. The vulnerability affects multiple versions of Spring Security from 2.7.0 through 4.0.3 and carries a high CVSS score of 8.2, though no active exploitation or proof-of-concept has been reported.
Admidio versions 5.0.0 through 5.0.6 contain an authorization bypass vulnerability in the forum module that allows any authenticated user to permanently delete forum topics and posts without proper permission checks. An attacker with basic forum access can delete any topic or post by knowing its UUID, which is publicly visible in URLs, completely circumventing the authorization controls that are properly enforced in edit/save operations. This vulnerability was fixed in version 5.0.7, and exploitation requires only low privileges (authenticated user status) with no user interaction.
Spring Boot Actuator endpoints can be bypassed for authentication when application endpoints are configured under Health Group paths in versions 4.0 before 4.0.3, 3.5 before 3.5.11, and 3.4 before 3.4.15. An unauthenticated attacker can exploit this path-based misconfiguration to gain unauthorized access to protected resources; the assessed impact is authentication bypass with partial information disclosure. No patch is currently available.
Discourse is an open-source discussion platform.
A remote code execution vulnerability in Discourse (CVSS 5.4). Remediation should follow standard vulnerability management procedures.
A remote code execution vulnerability in Discourse (CVSS 4.3). Remediation should follow standard vulnerability management procedures.
OpenClaw versions prior to 2026.3.1 contain an authentication bypass vulnerability where failed authentication bootstrap during startup leaves browser-control routes accessible without credentials. An attacker with local process access or ability to reach the application via loopback SSRF can exploit this to access sensitive browser-control functionality including code evaluation capabilities without valid authentication. This is a moderate-risk vulnerability with a CVSS score of 6.9 and realistic exploitation potential for local/SSRF-capable threats.
OpenClaw versions before 2026.2.22 allow authenticated attackers to bypass sender authorization checks through identifier collision attacks, enabling them to gain unauthorized access to privileged tools. By exploiting untyped sender keys and forcing collisions with mutable identity fields like senderName or senderUsername, attackers can inherit elevated permissions not granted to their account. No patch is currently available for this medium-severity vulnerability.
A sandbox network isolation bypass vulnerability in OpenClaw allows trusted operators to escape container network boundaries and join other containers' network namespaces. OpenClaw versions before 2026.2.24 are affected, enabling attackers who have operator privileges to configure the docker.network parameter with 'container:<id>' values to reach services in target container namespaces and bypass network segmentation controls. The vulnerability has a critical CVSS score of 9.8 but requires trusted operator access, and there is no evidence of active exploitation in KEV or high EPSS probability.
OpenClaw versions prior to 2026.3.2 contain an authorization bypass vulnerability in Discord voice transcript processing where the senderIsOwner flag is not properly validated in the agentCommand handler, causing it to default to true. This allows non-owner participants in mixed-trust Discord channels to gain unauthorized access to owner-only tools including gateway and cron functionality. The vulnerability has a CVSS score of 5.9 (medium severity) with high integrity impact, though real-world exploitation requires user interaction and moderate attack complexity.
OpenClaw versions before 2026.2.21 allow authenticated attackers to bypass device identity verification and gain high-privilege Control UI access when insecure authentication is enabled and the gateway uses unencrypted HTTP. An attacker with compromised credentials can exploit the lack of secure authentication enforcement to obtain unauthorized control access. The vulnerability requires network access and valid credentials but poses significant risk in environments where plaintext HTTP is used.
OpenClaw server-http versions before 2026.2.26 permit unauthenticated access to protected plugin channel APIs through path canonicalization mismatches between gateway and routing handlers. Remote attackers can exploit this authentication bypass by crafting requests with alternative path encodings to reach sensitive endpoints without valid credentials. No patch is currently available for this medium-severity issue.
A remote code execution vulnerability (CVSS 6.3). Remediation should follow standard vulnerability management procedures.
A WebSocket authentication bypass vulnerability in OpenClaw gateway software allows attackers to circumvent origin validation and rate limiting protections when deployed on localhost/loopback interfaces. The flaw enables malicious websites to conduct brute-force attacks against the gateway's authentication mechanism through a victim's browser, potentially gaining full administrative control over the OpenClaw control plane. With a 7.5 CVSS score and requiring only user interaction to exploit, this represents a significant risk for organizations running OpenClaw in loopback configurations.
OpenClaw versions prior to 2026.2.24 contain an approval gating bypass vulnerability in the system.run allowlist mode where attackers with local privileges can chain multiple transparent dispatch wrappers (such as /usr/bin/env) to suppress shell-wrapper detection and execute arbitrary shell commands without triggering expected approval prompts in allowlist plus ask=on-miss configurations. This authentication bypass has a CVSS score of 5.9 (medium severity) with high integrity impact, allowing privilege escalation or unauthorized command execution on affected systems. A proof-of-concept and security advisory are available from GitHub and VulnCheck.
CVE-2026-32021 is a security vulnerability (CVSS 6.3). Remediation should follow standard vulnerability management procedures.
OpenClaw versions before 2026.2.19 allow authenticated attackers to bypass the exec safeBins policy and write arbitrary files by injecting short-option flags into whitelisted binary commands. An attacker with login credentials can exploit this allowlist bypass to perform unauthorized file-write operations that should be blocked by the safeBins security controls. No patch is currently available for this medium-severity vulnerability.
OpenClaw prior to version 2026.2.22 on macOS allows local attackers with user-level privileges to execute unauthorized binaries by bypassing path validation in the exec-approval allowlist mode through basename-only entries. An attacker can execute same-named local binaries without approval when the security allowlist policy is enabled, circumventing intended path-based restrictions. A patch is not currently available.
OpenClaw versions before 2026.2.19 contain a path hijacking vulnerability in tools.exec.safeBins that allows local attackers with process environment control to execute arbitrary binaries by spoofing allowlisted tool names like jq. An attacker who can manipulate the gateway process PATH can bypass executable validation controls and achieve code execution with the privileges of the affected process. No patch is currently available.
A metadata spoofing vulnerability in OpenClaw allows attackers with paired node identities on the trusted network to bypass platform-based node command policies by manipulating unsigned reconnect platform and deviceFamily fields. This authentication bypass vulnerability affects OpenClaw versions prior to 2026.2.26 and enables unauthorized access to restricted commands with high impact on confidentiality, integrity, and availability (CVSS 8.0). No active exploitation has been reported in KEV and EPSS data is not available, but the vulnerability has been publicly disclosed with patches available.
Arbitrary command execution in OpenClaw prior to version 2026.2.24 results from improper validation of binaries in package manager directories that are included in the safeBins allowlist. An attacker with write access to trusted paths such as /opt/homebrew/bin or /usr/local/bin can plant a malicious binary to achieve code execution within the OpenClaw runtime. No patch is currently available.
CVE-2026-32006 is a security vulnerability (CVSS 3.1). Remediation should follow standard vulnerability management procedures.
OpenClaw versions prior to 2026.2.25 contain an authorization bypass vulnerability in interactive callback handlers (block_action, view_submission, view_closed) that allows authenticated but unauthorized workspace members to bypass sender authorization checks and enqueue arbitrary system events into active sessions. This affects shared workspace deployments where multiple users with varying permission levels coexist, enabling privilege escalation and information disclosure attacks without requiring elevated privileges or user interaction.
OpenClaw prior to version 2026.3.2 allows unauthenticated attackers to bypass authentication controls on the /api/channels endpoint through path canonicalization mismatches, enabling access to protected API resources. The vulnerability exploits inconsistent handling of multi-encoded slash characters (%2f variants) between authentication checks and route processing. No patch is currently available, and exploitation requires only network access with no user interaction.
OpenClaw prior to version 2026.2.22 allows authenticated users to bypass device identity verification and assume a node role during WebSocket connections, enabling injection of unauthorized node events that trigger sensitive agent and voice transcript operations. An attacker with a shared gateway token can exploit this to perform actions without proper device pairing, potentially compromising system integrity and confidentiality. No patch is currently available.
A remote code execution vulnerability in Discourse (CVSS 7.5). High severity vulnerability requiring prompt remediation.
A remote code execution vulnerability in Discourse (CVSS 6.5). Remediation should follow standard vulnerability management procedures.
A remote code execution vulnerability in Discourse (CVSS 5.3) that allows restricted post action counts. Remediation should follow standard vulnerability management procedures.
SiYuan knowledge management system versions 3.6.0 and below allow unauthenticated WebSocket connections to the /ws endpoint via specific URL parameters, enabling attackers to bypass authentication and receive real-time server push events. An attacker can exploit this by connecting from a malicious website to monitor a victim's local SiYuan instance and exfiltrate sensitive metadata including document titles, notebook names, file paths, and user activity without the victim's knowledge. No patch is currently available for this high-severity information disclosure vulnerability.
Parse Server authentication bypass in deployments with `allowExpiredAuthDataToken` enabled allows attackers to impersonate any user with a linked third-party authentication provider by knowing only their provider ID, gaining full account access including valid session tokens. This affects configurations that explicitly set the non-default `allowExpiredAuthDataToken` option to `true`. A patch is available that enforces auth provider validation regardless of this setting.
FreeScout is a free help desk and shared inbox built with PHP's Laravel framework.
This vulnerability involves insufficiently protected credentials in Azure DevOps that allows an unauthorized attacker to elevate privileges over a network. The vulnerability affects Azure DevOps versions up to and presents a high-risk authentication bypass issue that could allow attackers to gain unauthorized access with elevated privileges. With a CVSS score of 8.6 and no exploitation complexity barriers, this represents a critical security risk for organizations using affected Azure DevOps instances.
Remote code execution in SQLBot 1.5.0 and below allows authenticated users to inject malicious prompts through unsanitized terminology uploads, enabling attackers to manipulate the LLM into generating arbitrary PostgreSQL commands executed with database privileges. The vulnerability stems from missing permission checks on the Excel upload API combined with inadequate semantic isolation when injecting user-controlled data into the system prompt. An attacker can exploit this to achieve code execution on the database or application server running as the postgres user.
Unauthorized user warnings in Discourse prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2 can be issued by authenticated non-staff users due to a type coercion flaw in the post actions API endpoint. Attackers with valid login credentials can exploit this to send warnings meant only for staff moderators, though no data exposure or further privilege escalation occurs. No workaround is currently available.
Unauthorized access to hidden post revisions in Discourse through version enumeration allows unauthenticated users to bypass authorization checks and read staff-concealed edit history. The /posts/:id.json endpoint fails to validate user permissions before displaying revision content, enabling attackers to enumerate version numbers and access sensitive historical data. Affected deployments should upgrade to versions 2026.3.0-latest.1, 2026.2.1, or 2026.1.2 as no workarounds are available.
A logic error in AWS-LC's CRL (Certificate Revocation List) distribution point validation causes the cryptographic library to incorrectly reject partitioned CRLs as out of scope, allowing revoked certificates to bypass certificate revocation checks. This authentication bypass vulnerability affects AWS-LC versions before 1.71.0 and AWS-LC-FIPS versions before 3.3.0, potentially allowing attackers to use revoked certificates for unauthorized access to systems that rely on AWS-LC for certificate validation. No active exploitation has been reported in KEV, and no EPSS score is available yet.
A remote code execution vulnerability in OpenEMR (CVSS 5.4) that allows any authenticated OpenEMR user. Remediation should follow standard vulnerability management procedures.
An authorization bypass vulnerability in OpenEMR versions prior to 8.0.0.2 allows authenticated non-administrator users to access reminder messages and associated patient information belonging to other users by manipulating GET request parameters. Any authenticated user can view sensitive data including patient names and message content from arbitrary user accounts without proper authorization checks. This vulnerability has a CVSS score of 6.5 (Medium) with high confidentiality impact but no integrity or availability impact, and a proof-of-concept has been published via the GitHub security advisory.
A remote code execution vulnerability in OpenEMR (CVSS 8.1). High severity vulnerability requiring prompt remediation.
OpenEMR versions prior to 8.0.0.2 contain an authorization bypass vulnerability in the encounter vitals API that allows authenticated users with encounters/notes permissions to overwrite any patient's vital signs by supplying another patient's vital ID in the request body. This constitutes medical record tampering with integrity implications rated CVSS 6.5. No evidence of active exploitation in KEV or public POC availability was identified in the provided intelligence, though the vulnerability is straightforward to exploit given valid API credentials.
A Server-Side Request Forgery (SSRF) vulnerability in AVideo's Live plugin allows unauthenticated remote attackers to scan internal networks, access cloud metadata services, and bypass authentication mechanisms when the plugin is deployed in standalone mode. The vulnerability exists because user-controlled input is directly used to construct URLs for server-side requests without validation, enabling attackers to proxy requests through the vulnerable server and potentially chain this with command execution. With a CVSS score of 9.1 and requiring no authentication or user interaction, this represents a critical security risk for affected deployments.
CVE-2026-33326 is a security vulnerability (CVSS 4.3). Remediation should follow standard vulnerability management procedures.
A Host Header Spoofing vulnerability in the @local_check decorator of pyload-ng allows unauthenticated external attackers to bypass local-only IP address restrictions on the Click'N'Load API endpoints by sending a crafted HTTP Host header. This authentication bypass enables remote attackers to queue arbitrary downloads on the affected pyload instance, leading to Server-Side Request Forgery (SSRF) attacks against internal or external systems and Denial of Service through resource exhaustion. A proof-of-concept exploit exists in the form of a simple curl command that demonstrates immediate exploitability without user interaction.
The CustomizeUser plugin in PHP and Python allows attackers to bypass channel-level access control by exploiting improper password validation in the setPassword.json.php endpoint. An administrator-level attacker can set any user's channel password to zero due to type coercion of non-numeric characters, enabling trivial authentication bypass for any visitor. No patch is currently available for this critical vulnerability.
Kibana's Detection Rule Management lacks proper authorization controls, allowing authenticated users with rule management privileges to configure unauthorized endpoint response actions including host isolation and process termination. An attacker with these privileges could exploit this missing access control to execute sensitive endpoint operations beyond their intended scope. No patch is currently available for this medium-severity vulnerability affecting Elastic products.
A critical authentication bypass vulnerability exists in Step CA, an open-source certificate authority, that allows remote unauthenticated attackers to completely bypass authentication mechanisms and gain unauthorized access with high privileges. The vulnerability affects all versions prior to v0.30.0 and has been assigned the maximum CVSS score of 10.0, indicating extreme severity with potential for both confidentiality and integrity compromise across security boundaries. While full technical details are embargoed until March 30, 2026, the vendor has urged immediate upgrades, suggesting active exploitation risk despite no current KEV listing or public POC availability.
OPEXUS eComplaint versions before 10.1.0.0 allow unauthenticated attackers to enumerate case numbers and upload arbitrary files to the public document upload interface, potentially cluttering cases with malicious content and consuming server storage. The vulnerability requires user interaction but has no authentication requirements, affecting all instances running vulnerable versions with no available patch.
BMC FootPrints ITSM contains an authentication bypass vulnerability allowing unauthenticated remote attackers to access restricted REST API endpoints and servlets without proper authorization. Affected versions range from 20.20.02 through 20.24.01.001, enabling attackers to invoke restricted functionality, access application data, and modify system resources. A public proof-of-concept exploit has been published by watchTowr Labs demonstrating pre-authentication remote code execution chains, significantly elevating the real-world risk.
The NLTK (Natural Language Toolkit) WordNet Browser HTTP server contains an unauthenticated shutdown vulnerability that allows any remote attacker to terminate the service with a single GET request to the '/SHUTDOWN THE SERVER' endpoint. This affects users running nltk.app.wordnet_app in its default mode, where the server binds to all network interfaces without authentication. A proof-of-concept exploit is publicly available demonstrating the denial-of-service attack, though EPSS and KEV data are not yet available for this recent CVE.
Claude Code, an AI coding assistant, contains an authentication bypass vulnerability where malicious repositories can silently skip the workspace trust confirmation dialog by setting permissions.defaultMode to bypassPermissions in a committed .claude/settings.json file. This affects users of the @anthropic-ai/claude-code npm package who open untrusted repositories. An attacker can place users into a permissive execution mode without explicit consent, enabling tool execution without the user seeing trust prompts, though no evidence of active exploitation or public proof-of-concept is currently available.
An XML External Entity (XXE) vulnerability in the XMLUtils.java component of Slovensko.Digital Autogram allows remote unauthenticated attackers to conduct Server-Side Request Forgery (SSRF) attacks and read local files from the filesystem. The vulnerability affects Autogram software and can be exploited when a victim visits a specially crafted website that sends malicious XML to the application's local HTTP server /sign endpoint. A blog post detailing exploitation research is publicly available, increasing the likelihood of exploitation attempts.
An improper authentication vulnerability in Secomea GateManager's webserver modules allows authenticated users to bypass authentication controls and access resources they should not be permitted to access. This affects GateManager version 11.4.0 and potentially other versions within the 11.4 release line. An attacker with valid login credentials can exploit this flaw to gain unauthorized access to sensitive information, achieving high confidentiality impact without modifying data or degrading availability.
An authorization bypass vulnerability exists in Themeum Tutor LMS through version 3.9.4 that allows authenticated users to access resources they should not have permission to view through user-controlled keys in the access control mechanism. This Insecure Direct Object Reference (IDOR) vulnerability affects all Tutor LMS installations up to and including version 3.9.4, enabling an attacker with low privileges to read sensitive data by manipulating object identifiers. The vulnerability has a CVSS score of 6.5 reflecting moderate severity with high confidentiality impact, and while no KEV or widespread POC exploitation has been publicly confirmed, the attack requires only network access and valid authentication credentials.
EventPrime versions through 4.2.8.3 contain an authorization bypass vulnerability that allows unauthenticated remote attackers to modify data through improperly configured access controls. The flaw enables integrity compromise without requiring authentication or user interaction, affecting all installations of the affected versions. No patch is currently available.
The Admin Safety Guard WordPress plugin, versions through 1.2.6, contains an authentication bypass vulnerability that allows attackers to exploit password recovery mechanisms through alternate paths or channels. Attackers can remotely compromise administrator accounts without authentication, leading to complete site takeover. The vulnerability has a CVSS score of 8.1 (High) with high attack complexity, though the absence of EPSS data or a KEV listing indicates limited observed exploitation to date.
An authorization bypass vulnerability in Really Simple Security Pro versions through 9.5.4.0 allows unauthenticated attackers to exploit incorrectly configured access control through user-controlled keys, resulting in integrity and availability impacts. The vulnerability is classified as CWE-639 (Authorization Bypass Through User-Controlled Key) with a CVSS score of 6.5, indicating medium severity with network-based attack vector requiring no privileges or user interaction. Patchstack has documented this issue affecting the Really Simple Plugins B.V. Really Simple Security Pro WordPress plugin, though active exploitation status and POC availability from public sources require verification against current threat intelligence feeds.
WP eMember through version 10.2.2 contains an authorization bypass flaw that allows unauthenticated remote attackers to circumvent access control restrictions and view protected content. The vulnerability stems from improper validation of security level configurations, enabling unauthorized information disclosure without user interaction. No patch is currently available for this issue.
Synology OpenClaw versions 2026.2.22 and 2026.2.23 contain an authorization bypass in the synology-chat channel plugin where misconfigured allowlist policies with empty user IDs fail open, allowing authenticated Synology senders to dispatch unauthorized agents and execute downstream tool actions. The vulnerability requires network access and low-complexity exploitation, with a patch currently available.
OpenClaw versions before 2026.2.22 contain an allowlist parsing flaw in the macOS companion app that enables authenticated operators with elevated privileges to bypass command execution controls and run arbitrary commands on paired hosts. The vulnerability affects systems with operator.write access and macOS beta nodes, allowing attackers to craft malicious shell-chain payloads that circumvent validation checks. A security patch is available.
OpenClaw contains an allowlist bypass vulnerability in system.run guardrails that enables authenticated operators to execute arbitrary commands by exploiting the env -S flag when /usr/bin/env is allowlisted. The vulnerability affects all OpenClaw versions prior to 2026.2.23, allowing attackers with low-level privileges to bypass policy controls and execute shell wrapper payloads at runtime. No KEV status or public POC has been reported, though vendor patches are available.
OpenClaw versions prior to 2026.2.26 contain an authorization bypass vulnerability in Signal group allowlist enforcement where the system incorrectly accepts sender identities derived from direct message (DM) pairing-store approvals. An authenticated attacker with low privileges can exploit this boundary weakness by obtaining DM pairing approval, allowing them to bypass group allowlist checks and gain unauthorized access to Signal groups. While the CVSS score is moderate (3.7) and attack complexity is high, the vulnerability represents a direct authentication control bypass in a messaging security context, and patches are available from the vendor.
Use of a deterministic credential generation algorithm in /ftl/bin/calc_f2 in Small Cell Sercomm SCE4255W (FreedomFi Englewood) firmware before DG3934v3@2308041842 allows remote attackers to derive valid administrative/root credentials from the...
An Insecure Direct Object Reference (IDOR) vulnerability in the Hytale Modding Wiki prior to version 1.0.0 allows any authenticated user to access and view mod authors' personal information, including full names and email addresses, by navigating directly to mod pages using their slugs. The vulnerability requires only low-privilege authentication (account creation) and no user interaction, making it trivially exploitable. While the CVSS score is moderate at 4.3, the exposure of personally identifiable information (PII) represents a direct privacy harm to affected mod authors.
OpenEMR versions up to 8.0.0 contain an authorization bypass vulnerability in the message/note update endpoints that allows authenticated users with notes permissions to modify any patient's messages without proper access control verification. An attacker can exploit this by supplying arbitrary message IDs in PUT or POST requests, enabling unauthorized modification of other patients' medical records. This is a moderate-risk issue (CVSS 6.5) with integrity impact on sensitive healthcare data, though exploitation requires existing authentication and notes permissions.
The SiYuan kernel, a Go-based note-taking application, contains an authentication bypass vulnerability in its WebSocket server that allows unauthenticated attackers to crash the kernel process through malformed JSON messages. SiYuan kernel versions exposed via Docker or network-accessible deployments are affected, with the issue stemming from unsafe type assertions on attacker-controlled input after bypassing authentication via a specific query parameter pattern. A proof-of-concept demonstrating the attack exists in the GitHub advisory, and while CVSS rates this as 7.5 High severity for availability impact, real-world exploitation risk depends heavily on network exposure beyond localhost.
An authorization bypass vulnerability in gRPC-Go allows attackers to circumvent path-based access control by sending HTTP/2 requests with malformed :path pseudo-headers that omit the mandatory leading slash (e.g., 'Service/Method' instead of '/Service/Method'). This affects gRPC-Go servers using path-based authorization interceptors like google.golang.org/grpc/authz with deny rules for canonical paths but fallback allow rules. The vulnerability has a CVSS score of 9.1 (Critical) with network-based exploitation requiring no privileges or user interaction, enabling attackers to access restricted services and potentially exfiltrate or modify sensitive data.
A denial-of-service vulnerability in the NRF discovery service of free5GC v4.0.1 allows remote attackers to crash the service by sending HTTP GET requests with malformed group-id-list parameters that trigger unvalidated array access. The EncodeGroupId function fails to check the length of the split data before accessing specific indices, causing an index out of range panic. A patch is available to address this input validation flaw, which affects all deployments using the vulnerable NRF service.
A low-privileged authorization bypass vulnerability in Statamic CMS allows Control Panel users to create taxonomy terms without proper authorization by submitting crafted requests to the field action processing endpoint with attacker-controlled field definitions. This vulnerability affects Statamic CMS versions prior to 5.73.14 and 6.7.0, enabling unauthorized data modification with a CVSS score of 4.3 and low attack complexity. No active exploitation or public proof-of-concept has been confirmed, but patches are readily available from the vendor.
A MongoDB query logic error in ApostropheCMS versions 3.0.0 through 4.27.1 allows complete bypass of multi-factor authentication (MFA/TOTP) protections. An attacker with knowledge of a victim's password can use an incomplete bearer token (returned after password verification but before MFA completion) to gain fully authenticated API access without providing TOTP codes. A proof-of-concept demonstration is included in the vulnerability report, and while no public KEV listing exists, the technical details and working POC make this immediately exploitable.
Zitadel's OAuth2/OIDC implementation contains an authentication bypass vulnerability (CWE-863: Improper Authorization) that allows unauthenticated attackers to circumvent organization enforcement controls during login. Affected versions 3.0.0-3.4.8 and 4.0.0-4.12.2 fail to validate organization membership scopes in device authorization flows and all Login V2/OIDC API V2 endpoints, enabling attackers to authenticate with users from unauthorized organizations. While the CVSS score of 5.3 indicates low-to-moderate severity with confidentiality impact only, the attack requires no privileges or user interaction and operates over the network, making it a practical concern for multi-tenant deployments.
The OneUptime monitoring platform (specifically version 10.0.23 and likely earlier versions) contains an authentication bypass vulnerability in its WhatsApp webhook handler that fails to verify the X-Hub-Signature-256 HMAC signature required by Meta/WhatsApp. Any unauthenticated remote attacker can send forged webhook payloads to manipulate notification delivery status records, suppress critical alerts, and corrupt audit trails. A working proof-of-concept exploit has been published demonstrating successful injection of arbitrary webhook events via simple HTTP POST requests with no authentication required.
A Host header manipulation vulnerability in the h3 Node.js web framework allows attackers to bypass authentication middleware by polluting the event.url object. The vulnerability affects h3 npm package and allows unauthorized access to protected routes by crafting malicious Host headers that trigger internal URL reconstruction logic. A working proof-of-concept exploit is publicly available demonstrating the authentication bypass.
FileRise, a self-hosted web file manager and WebDAV server, contains a missing-authentication vulnerability in the deleteShareLink endpoint that allows unauthenticated attackers to delete arbitrary file share links by providing only the share token, resulting in denial of service to legitimate users accessing shared files. All versions prior to 3.8.0 are affected. While the CVSS score is moderate at 3.7 due to high attack complexity, the vulnerability has a published proof-of-concept via the GitHub security advisory and represents a trivial attack surface requiring only knowledge of a share token.
The YI Home Camera 2 (version 2.1.1_20171024151200) CGI endpoint fails to properly authenticate requests to the /home/web/ipc function, allowing unauthenticated attackers on the local network to manipulate camera settings and access sensitive functionality. Public exploit code exists for this vulnerability, and the vendor has not provided a patch despite early notification. An attacker with network access to the camera could read configuration data, modify settings, or disrupt normal operations.
A hard-coded credentials vulnerability exists in Yi Technology YI Home Camera 2 firmware version 2.1.1_20171024151200, specifically in the home/web/ipc file component. An unauthenticated attacker on the local network can exploit these credentials to gain full access to the device with high impact on confidentiality, integrity, and availability (CVSS 8.8). The exploit has been publicly disclosed via VulDB references, and the vendor did not respond to early disclosure attempts, indicating no official patch is available.
The Aimogen Pro plugin for WordPress contains an arbitrary function call vulnerability allowing unauthenticated attackers to execute privileged WordPress functions without authorization. All versions up to and including 2.7.5 are affected, enabling attackers to modify critical site settings such as changing the default user registration role to administrator, then registering as an admin to gain full site control. This is a critical authentication bypass with privilege escalation rated 9.8 CVSS, though no active exploitation (KEV) or public proof-of-concept has been reported at this time.
DataEase versions 2.10.19 and below contain a locale-dependent validation bypass vulnerability that allows attackers to smuggle dangerous JDBC parameters past security filters. The flaw stems from inconsistent locale handling where DataEase's validation uses the JVM default locale while H2 JDBC always uses English locale, causing Turkish locale environments to misinterpret malicious parameters like 'iNIT' (bypassing blacklist as 'İNIT' while H2 executes it as 'INIT'). This has been confirmed as exploitable in real deployment scenarios and enables authenticated attackers with low privileges to achieve high-impact code execution or data access, though there is no evidence yet of active exploitation or public proof-of-concept.
An Insecure Direct Object Reference (IDOR) vulnerability in Discourse allows any authenticated user to access restricted metadata about AI personas, features, and LLM models by directly referencing their identifiers, exposing sensitive information including credit allocations and usage statistics. The vulnerability affects Discourse versions prior to 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, and requires only low-privilege access (any logged-in user account) over the network. While the CVSS score of 5.3 indicates low confidentiality impact with no integrity or availability impact, this represents a clear information disclosure risk that could enable unauthorized tracking of AI resource consumption and usage patterns.
A remote code execution vulnerability in Discourse (CVSS 5.3). Remediation should follow standard vulnerability management procedures.
A moderator authorization bypass vulnerability in Discourse allows authenticated moderators to access post metadata they should not have permission to view due to insufficient authorization checks. The vulnerability affects Discourse versions prior to 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, with patched versions now available. While the CVSS score of 5.3 indicates moderate severity and the attack requires authenticated access with moderator privileges, this represents a meaningful confidentiality risk in multi-tenant forum environments where metadata isolation between moderation scopes is critical.
A critical authentication bypass vulnerability in Oracle Identity Manager and Oracle Web Services Manager allows remote attackers to completely compromise affected systems without any credentials. The vulnerability resides in the REST WebServices and Web Services Security components, affecting versions 12.2.1.4.0 and 14.1.2.1.0 of both products. With a CVSS score of 9.8 and no authentication required, this represents a severe risk to identity management infrastructure, though no current KEV listing or public POC has been documented in available sources.
ewe, a Gleam web server, contains an authentication bypass vulnerability in versions 0.6.0 through 3.0.4 that exploits improper handling of chunked transfer encoding trailer headers. An unauthenticated remote attacker can declare sensitive HTTP headers in the Trailer field and append them after the final chunk to overwrite legitimate values set by reverse proxies, enabling them to forge authentication credentials, hijack sessions, bypass rate limiting, or spoof proxy-trust headers. The vulnerability has been patched in version 3.0.5, and while not currently listed in CISA's KEV catalog, the CVSS score of 5.3 reflects medium severity with integrity impact.
Admidio versions 5.0.0 through 5.0.6 contain a critical authorization bypass vulnerability in the documents and files module that allows unauthorized deletion of folders and files. When the module is configured in public mode, unauthenticated attackers can permanently destroy the entire document library via simple HTTP GET requests without CSRF protection. The vulnerability combines missing authorization checks (CWE-862) with CSRF weaknesses, resulting in a CVSS score of 9.1 (Critical) with network-based attack vector requiring no privileges or user interaction.
An LDAP injection vulnerability in SuiteCRM's authentication flow allows attackers to manipulate LDAP queries by injecting control characters into user-supplied input, potentially leading to authentication bypass or information disclosure. The vulnerability affects versions prior to 7.15.1 and 8.9.3 of SuiteCRM, an open-source CRM system widely deployed in enterprise environments. While no active exploitation has been reported (not in CISA KEV), the network-exploitable nature and potential for authentication bypass make this a serious concern for organizations using affected versions.
Xerte Online Toolkits 3.14 and earlier contain an unauthenticated arbitrary file upload vulnerability allowing remote code execution with a CVSS score of 9.8. The template import functionality at /website_code/php/import/import.php lacks authentication checks, enabling attackers to upload ZIP archives containing malicious PHP files that are extracted to web-accessible directories. This is a critical severity issue with network-based attack vector requiring no privileges or user interaction, and a proof-of-concept has been published by VulnCheck.
SuiteCRM versions prior to 8.9.3 contain an access control bypass in the RecordHandler::getRecord() method that allows authenticated users to retrieve any record from the system without proper ACL view permission checks. An attacker with valid credentials can enumerate and read sensitive customer data, financial records, or other confidential information across all modules by directly calling the vulnerable method. The vulnerability has a CVSS score of 6.5 (medium-high) and is information disclosure in nature with no active exploitation reports or public proof-of-concept available at this time.
A critical access control vulnerability exists in the SuiteCRM REST API V8 where multiple endpoints lack proper ACL (Access Control List) validation, enabling authenticated users to access and modify data beyond their authorized permissions. This affects SuiteCRM versions prior to 7.15.1 and 8.9.3, allowing privilege escalation within the CRM system where low-privileged users can potentially access sensitive customer data, modify records, or perform administrative actions. With a CVSS score of 8.1 and authentication bypass capabilities, this represents a significant security risk for organizations using affected versions.
This is an authentication bypass vulnerability in Spring Boot applications using Spring Security with Actuator endpoints. When an authenticated application endpoint is declared under the CloudFoundry Actuator path, attackers can bypass authentication requirements and gain unauthorized access to protected resources. The vulnerability affects multiple versions of Spring Security from 2.7.0 through 4.0.3 and carries a high CVSS score of 8.2, though no active exploitation or proof-of-concept has been reported.
Admidio versions 5.0.0 through 5.0.6 contain an authorization bypass vulnerability in the forum module that allows any authenticated user to permanently delete forum topics and posts without proper permission checks. An attacker with basic forum access can delete any topic or post by knowing its UUID, which is publicly visible in URLs, completely circumventing the authorization controls that are properly enforced in edit/save operations. This vulnerability was fixed in version 5.0.7, and exploitation requires only low privileges (authenticated user status) with no user interaction.
Spring Boot Actuator endpoints can be bypassed for authentication when application endpoints are configured under Health Group paths in versions 4.0 before 4.0.3, 3.5 before 3.5.11, and 3.4 before 3.4.15. An unauthenticated attacker can exploit this path-based misconfiguration to gain unauthorized access to protected resources with high confidence in authentication bypass and partial information disclosure. No patch is currently available.
Discourse is an open-source discussion platform.
A remote code execution vulnerability in Discourse (CVSS 5.4). Remediation should follow standard vulnerability management procedures.
A remote code execution vulnerability in Discourse (CVSS 4.3). Remediation should follow standard vulnerability management procedures.
OpenClaw versions prior to 2026.3.1 contain an authentication bypass vulnerability where failed authentication bootstrap during startup leaves browser-control routes accessible without credentials. An attacker with local process access or ability to reach the application via loopback SSRF can exploit this to access sensitive browser-control functionality including code evaluation capabilities without valid authentication. This is a moderate-risk vulnerability with a CVSS score of 6.9 and realistic exploitation potential for local/SSRF-capable threats.
OpenClaw versions before 2026.2.22 allow authenticated attackers to bypass sender authorization checks through identifier collision attacks, enabling them to gain unauthorized access to privileged tools. By exploiting untyped sender keys and forcing collisions with mutable identity fields like senderName or senderUsername, attackers can inherit elevated permissions not granted to their account. No patch is currently available for this medium-severity vulnerability.
A sandbox network isolation bypass vulnerability in OpenClaw allows trusted operators to escape container network boundaries and join other containers' network namespaces. OpenClaw versions before 2026.2.24 are affected, enabling attackers who have operator privileges to configure the docker.network parameter with 'container:<id>' values to reach services in target container namespaces and bypass network segmentation controls. The vulnerability has a critical CVSS score of 9.8 but requires trusted operator access, and there is no evidence of active exploitation in KEV or high EPSS probability.
OpenClaw versions prior to 2026.3.2 contain an authorization bypass vulnerability in Discord voice transcript processing where the senderIsOwner flag is not properly validated in the agentCommand handler, causing it to default to true. This allows non-owner participants in mixed-trust Discord channels to gain unauthorized access to owner-only tools including gateway and cron functionality. The vulnerability has a CVSS score of 5.9 (medium severity) with high integrity impact, though real-world exploitation requires user interaction and moderate attack complexity.
OpenClaw versions before 2026.2.21 allow authenticated attackers to bypass device identity verification and gain high-privilege Control UI access when insecure authentication is enabled and the gateway uses unencrypted HTTP. An attacker with compromised credentials can exploit the lack of secure authentication enforcement to obtain unauthorized control access. The vulnerability requires network access and valid credentials but poses significant risk in environments where plaintext HTTP is used.
OpenClaw server-http versions before 2026.2.26 permit unauthenticated access to protected plugin channel APIs through path canonicalization mismatches between gateway and routing handlers. Remote attackers can exploit this authentication bypass by crafting requests with alternative path encodings to reach sensitive endpoints without valid credentials. No patch is currently available for this medium-severity issue.
A remote code execution vulnerability (CVSS 6.3). Remediation should follow standard vulnerability management procedures.
A WebSocket authentication bypass vulnerability in OpenClaw gateway software allows attackers to circumvent origin validation and rate limiting protections when deployed on localhost/loopback interfaces. The flaw enables malicious websites to conduct brute-force attacks against the gateway's authentication mechanism through a victim's browser, potentially gaining full administrative control over the OpenClaw control plane. With a 7.5 CVSS score and requiring only user interaction to exploit, this represents a significant risk for organizations running OpenClaw in loopback configurations.
OpenClaw versions prior to 2026.2.24 contain an approval gating bypass vulnerability in the system.run allowlist mode where attackers with local privileges can chain multiple transparent dispatch wrappers (such as /usr/bin/env) to suppress shell-wrapper detection and execute arbitrary shell commands without triggering expected approval prompts in allowlist plus ask=on-miss configurations. This authentication bypass has a CVSS score of 5.9 (medium severity) with high integrity impact, allowing privilege escalation or unauthorized command execution on affected systems. A proof-of-concept and security advisory are available from GitHub and VulnCheck.
CVE-2026-32021 is a security vulnerability (CVSS 6.3). Remediation should follow standard vulnerability management procedures.
OpenClaw versions before 2026.2.19 allow authenticated attackers to bypass the exec safeBins policy and write arbitrary files by injecting short-option flags into whitelisted binary commands. An attacker with login credentials can exploit this allowlist bypass to perform unauthorized file-write operations that should be blocked by the safeBins security controls. No patch is currently available for this medium-severity vulnerability.
OpenClaw prior to version 2026.2.22 on macOS allows local attackers with user-level privileges to execute unauthorized binaries by bypassing path validation in the exec-approval allowlist mode through basename-only entries. An attacker can execute same-named local binaries without approval when the security allowlist policy is enabled, circumventing intended path-based restrictions. A patch is not currently available.
OpenClaw versions before 2026.2.19 contain a path hijacking vulnerability in tools.exec.safeBins that allows local attackers with process environment control to execute arbitrary binaries by spoofing allowlisted tool names like jq. An attacker who can manipulate the gateway process PATH can bypass executable validation controls and achieve code execution with the privileges of the affected process. No patch is currently available.
A metadata spoofing vulnerability in OpenClaw allows attackers with paired node identities on the trusted network to bypass platform-based node command policies by manipulating unsigned reconnect platform and deviceFamily fields. This authentication bypass vulnerability affects OpenClaw versions prior to 2026.2.26 and enables unauthorized access to restricted commands with high impact on confidentiality, integrity, and availability (CVSS 8.0). No active exploitation has been reported in KEV and EPSS data is not available, but the vulnerability has been publicly disclosed with patches available.
Arbitrary command execution in OpenClaw prior to version 2026.2.24 results from improper validation of binaries in package manager directories that are included in the safeBins allowlist. An attacker with write access to trusted paths such as /opt/homebrew/bin or /usr/local/bin can plant a malicious binary to achieve code execution within the OpenClaw runtime. No patch is currently available.
CVE-2026-32006 is a security vulnerability (CVSS 3.1). Remediation should follow standard vulnerability management procedures.
OpenClaw versions prior to 2026.2.25 contain an authorization bypass vulnerability in interactive callback handlers (block_action, view_submission, view_closed) that allows authenticated but unauthorized workspace members to bypass sender authorization checks and enqueue arbitrary system events into active sessions. This affects shared workspace deployments where multiple users with varying permission levels coexist, enabling privilege escalation and information disclosure attacks without requiring elevated privileges or user interaction.
OpenClaw prior to version 2026.3.2 allows unauthenticated attackers to bypass authentication controls on the /api/channels endpoint through path canonicalization mismatches, enabling access to protected API resources. The vulnerability exploits inconsistent handling of multi-encoded slash characters (%2f variants) between authentication checks and route processing. No patch is currently available, and exploitation requires only network access with no user interaction.
OpenClaw prior to version 2026.2.22 allows authenticated users to bypass device identity verification and assume a node role during WebSocket connections, enabling injection of unauthorized node events that trigger sensitive agent and voice transcript operations. An attacker with a shared gateway token can exploit this to perform actions without proper device pairing, potentially compromising system integrity and confidentiality. No patch is currently available.
A remote code execution vulnerability in Discourse (CVSS 7.5). High severity vulnerability requiring prompt remediation.
A remote code execution vulnerability in Discourse (CVSS 6.5). Remediation should follow standard vulnerability management procedures.
A remote code execution vulnerability in Discourse (CVSS 5.3) that allows restricted post action counts. Remediation should follow standard vulnerability management procedures.
SiYuan knowledge management system versions 3.6.0 and below allow unauthenticated WebSocket connections to the /ws endpoint via specific URL parameters, enabling attackers to bypass authentication and receive real-time server push events. An attacker can exploit this by connecting from a malicious website to monitor a victim's local SiYuan instance and exfiltrate sensitive metadata including document titles, notebook names, file paths, and user activity without the victim's knowledge. No patch is currently available for this high-severity information disclosure vulnerability.
Parse Server authentication bypass in deployments with `allowExpiredAuthDataToken` enabled allows attackers to impersonate any user with a linked third-party authentication provider by knowing only their provider ID, gaining full account access including valid session tokens. This affects configurations that explicitly set the non-default `allowExpiredAuthDataToken` option to `true`. A patch is available that enforces auth provider validation regardless of this setting.
FreeScout is a free help desk and shared inbox built with PHP's Laravel framework.
This vulnerability involves insufficiently protected credentials in Azure DevOps that allows an unauthorized attacker to elevate privileges over a network. The vulnerability affects Azure DevOps versions up to and presents a high-risk authentication bypass issue that could allow attackers to gain unauthorized access with elevated privileges. With a CVSS score of 8.6 and no exploitation complexity barriers, this represents a critical security risk for organizations using affected Azure DevOps instances.
Remote code execution in SQLBot 1.5.0 and below allows authenticated users to inject malicious prompts through unsanitized terminology uploads, enabling attackers to manipulate the LLM into generating arbitrary PostgreSQL commands executed with database privileges. The vulnerability stems from missing permission checks on the Excel upload API combined with inadequate semantic isolation when injecting user-controlled data into the system prompt. An attacker can exploit this to achieve code execution on the database or application server running as the postgres user.
Unauthorized user warnings in Discourse prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2 can be issued by authenticated non-staff users due to a type coercion flaw in the post actions API endpoint. Attackers with valid login credentials can exploit this to send warnings meant only for staff moderators, though no data exposure or further privilege escalation occurs. No workaround is available other than upgrading to a fixed version.
Unauthorized access to hidden post revisions in Discourse through version enumeration allows unauthenticated users to bypass authorization checks and read staff-concealed edit history. The /posts/:id.json endpoint fails to validate user permissions before displaying revision content, enabling attackers to enumerate version numbers and access sensitive historical data. Affected deployments should upgrade to versions 2026.3.0-latest.1, 2026.2.1, or 2026.1.2 as no workarounds are available.
A logic error in AWS-LC's CRL (Certificate Revocation List) distribution point validation causes the cryptographic library to incorrectly reject partitioned CRLs as out of scope, allowing revoked certificates to bypass certificate revocation checks. This authentication bypass vulnerability affects AWS-LC versions before 1.71.0 and AWS-LC-FIPS versions before 3.3.0, potentially allowing attackers to use revoked certificates for unauthorized access to systems that rely on AWS-LC for certificate validation. No active exploitation has been reported in KEV, and no EPSS score is available yet.
A remote code execution vulnerability in OpenEMR (CVSS 5.4) that allows any authenticated openemr user. Remediation should follow standard vulnerability management procedures.
An authorization bypass vulnerability in OpenEMR versions prior to 8.0.0.2 allows authenticated non-administrator users to access reminder messages and associated patient information belonging to other users by manipulating GET request parameters. Any authenticated user can view sensitive data including patient names and message content from arbitrary user accounts without proper authorization checks. This vulnerability has a CVSS score of 6.5 (Medium) with high confidentiality impact but no integrity or availability impact, and a proof-of-concept has been published via the GitHub security advisory.
A remote code execution vulnerability in OpenEMR (CVSS 8.1). High severity vulnerability requiring prompt remediation.
OpenEMR versions prior to 8.0.0.2 contain an authorization bypass vulnerability in the encounter vitals API that allows authenticated users with encounters/notes permissions to overwrite any patient's vital signs by supplying another patient's vital ID in the request body. This constitutes medical record tampering with integrity implications rated CVSS 6.5. No evidence of active exploitation in KEV or public POC availability was identified in the provided intelligence, though the vulnerability is straightforward to exploit given valid API credentials.
A Server-Side Request Forgery (SSRF) vulnerability in AVideo's Live plugin allows unauthenticated remote attackers to scan internal networks, access cloud metadata services, and bypass authentication mechanisms when the plugin is deployed in standalone mode. The vulnerability exists because user-controlled input is directly used to construct URLs for server-side requests without validation, enabling attackers to proxy requests through the vulnerable server and potentially chain this with command execution. With a CVSS score of 9.1 and requiring no authentication or user interaction, this represents a critical security risk for affected deployments.
CVE-2026-33326 is a security vulnerability (CVSS 4.3). Remediation should follow standard vulnerability management procedures.
A Host Header Spoofing vulnerability in the @local_check decorator of pyload-ng allows unauthenticated external attackers to bypass local-only IP address restrictions on the Click'N'Load API endpoints by sending a crafted HTTP Host header. This authentication bypass enables remote attackers to queue arbitrary downloads on the affected pyload instance, leading to Server-Side Request Forgery (SSRF) attacks against internal or external systems and Denial of Service through resource exhaustion. A proof-of-concept exploit exists in the form of a simple curl command that demonstrates immediate exploitability without user interaction.
The CustomizeUser plugin in PHP and Python allows attackers to bypass channel-level access control by exploiting improper password validation in the setPassword.json.php endpoint. An administrator-level attacker can set any user's channel password to zero due to type coercion of non-numeric characters, enabling trivial authentication bypass for any visitor. No patch is currently available for this critical vulnerability.
Kibana's Detection Rule Management lacks proper authorization controls, allowing authenticated users with rule management privileges to configure unauthorized endpoint response actions including host isolation and process termination. An attacker with these privileges could exploit this missing access control to execute sensitive endpoint operations beyond their intended scope. No patch is currently available for this medium-severity vulnerability affecting Elastic products.
A critical authentication bypass vulnerability exists in Step CA, an open-source certificate authority, that allows remote unauthenticated attackers to completely bypass authentication mechanisms and gain unauthorized access with high privileges. The vulnerability affects all versions prior to v0.30.0 and has been assigned the maximum CVSS score of 10.0, indicating extreme severity with potential for both confidentiality and integrity compromise across security boundaries. While full technical details are embargoed until March 30, 2026, the vendor has urged immediate upgrades, suggesting active exploitation risk despite no current KEV listing or public POC availability.
OPEXUS eComplaint versions before 10.1.0.0 allow unauthenticated attackers to enumerate case numbers and upload arbitrary files to the public document upload interface, potentially cluttering cases with malicious content and consuming server storage. The vulnerability requires user interaction but has no authentication requirements, affecting all instances running vulnerable versions with no available patch.
BMC FootPrints ITSM contains an authentication bypass vulnerability allowing unauthenticated remote attackers to access restricted REST API endpoints and servlets without proper authorization. Affected versions range from 20.20.02 through 20.24.01.001, enabling attackers to invoke restricted functionality, access application data, and modify system resources. A public proof-of-concept exploit has been published by watchTowr Labs demonstrating pre-authentication remote code execution chains, significantly elevating the real-world risk.
The NLTK (Natural Language Toolkit) WordNet Browser HTTP server contains an unauthenticated shutdown vulnerability that allows any remote attacker to terminate the service with a single GET request to the '/SHUTDOWN THE SERVER' endpoint. This affects users running nltk.app.wordnet_app in its default mode, where the server binds to all network interfaces without authentication. A proof-of-concept exploit is publicly available demonstrating the denial-of-service attack, though EPSS and KEV data are not yet available for this recent CVE.
Claude Code, an AI coding assistant, contains an authentication bypass vulnerability where malicious repositories can silently skip the workspace trust confirmation dialog by setting permissions.defaultMode to bypassPermissions in a committed .claude/settings.json file. This affects users of the @anthropic-ai/claude-code npm package who open untrusted repositories. An attacker can place users into a permissive execution mode without explicit consent, enabling tool execution without the user seeing trust prompts, though no evidence of active exploitation or public proof-of-concept is currently available.
An XML External Entity (XXE) vulnerability in the XMLUtils.java component of Slovensko.Digital Autogram allows remote unauthenticated attackers to conduct Server-Side Request Forgery (SSRF) attacks and read local files from the filesystem. The vulnerability affects Autogram software and can be exploited when a victim visits a specially crafted website that sends malicious XML to the application's local HTTP server /sign endpoint. A blog post detailing exploitation research is publicly available, increasing the likelihood of exploitation attempts.
An improper authentication vulnerability in Secomea GateManager's webserver modules allows authenticated users to bypass authentication controls and access resources they should not be permitted to access. This affects GateManager version 11.4.0 and potentially other versions within the 11.4 release line. An attacker with valid login credentials can exploit this flaw to gain unauthorized access to sensitive information, achieving high confidentiality impact without modifying data or degrading availability.
An authorization bypass vulnerability exists in Themeum Tutor LMS through version 3.9.4 that allows authenticated users to access resources they should not have permission to view through user-controlled keys in the access control mechanism. This Insecure Direct Object Reference (IDOR) vulnerability affects all Tutor LMS installations up to and including version 3.9.4, enabling an attacker with low privileges to read sensitive data by manipulating object identifiers. The vulnerability has a CVSS score of 6.5 reflecting moderate severity with high confidentiality impact, and while no KEV or widespread POC exploitation has been publicly confirmed, the attack requires only network access and valid authentication credentials.
EventPrime versions through 4.2.8.3 contain an authorization bypass vulnerability that allows unauthenticated remote attackers to modify data through improperly configured access controls. The flaw enables integrity compromise without requiring authentication or user interaction, affecting all installations of the affected versions. No patch is currently available.
The Admin Safety Guard WordPress plugin versions through 1.2.6 contain an authentication bypass vulnerability that allows attackers to abuse password recovery mechanisms through alternate paths or channels. Attackers can remotely compromise administrator accounts without authentication, leading to complete site takeover. The vulnerability has a CVSS score of 8.1 (High) with high attack complexity; the absence of EPSS data and of a KEV listing suggests limited observed exploitation to date.
An authorization bypass vulnerability in Really Simple Security Pro versions through 9.5.4.0 allows unauthenticated attackers to exploit incorrectly configured access control through user-controlled keys, resulting in integrity and availability impacts. The vulnerability is classified as CWE-639 (Authorization Bypass Through User-Controlled Key) with a CVSS score of 6.5, indicating medium severity with network-based attack vector requiring no privileges or user interaction. Patchstack has documented this issue affecting the Really Simple Plugins B.V. Really Simple Security Pro WordPress plugin, though active exploitation status and POC availability from public sources require verification against current threat intelligence feeds.
WP eMember through version 10.2.2 contains an authorization bypass flaw that allows unauthenticated remote attackers to circumvent access control restrictions and view protected content. The vulnerability stems from improper validation of security level configurations, enabling unauthorized information disclosure without user interaction. No patch is currently available for this issue.
OpenClaw versions 2026.2.22 and 2026.2.23 contain an authorization bypass in the synology-chat channel plugin: allowlist policies misconfigured with empty user IDs fail open, allowing authenticated Synology Chat senders to dispatch unauthorized agents and execute downstream tool actions. The vulnerability requires network access and low-complexity exploitation; a patch is available.
OpenClaw versions before 2026.2.22 contain an allowlist parsing flaw in the macOS companion app that enables authenticated operators with elevated privileges to bypass command execution controls and run arbitrary commands on paired hosts. The vulnerability affects systems with operator.write access and macOS beta nodes, allowing attackers to craft malicious shell-chain payloads that circumvent validation checks. A security patch is available.
OpenClaw contains an allowlist bypass vulnerability in system.run guardrails that enables authenticated operators to execute arbitrary commands by exploiting the env -S flag when /usr/bin/env is allowlisted. The vulnerability affects all OpenClaw versions prior to 2026.2.23, allowing attackers with low-level privileges to bypass policy controls and execute shell wrapper payloads at runtime. No KEV status or public POC has been reported, though vendor patches are available.
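The two OpenClaw entries above describe the same class of mistake: a command allowlist that decides on the first argv element and so accepts a shell chain after an allowed binary, or a launcher such as /usr/bin/env whose -S flag re-splits a string into a fresh command line. The following is an added example, not OpenClaw's policy engine; the allowlist contents, paths and sample commands are constructed for the demonstration.

```python
"""Added example, not OpenClaw's policy engine: a simplified model of a
command allowlist keyed on argv[0], showing why allowlisting /usr/bin/env
(or checking only the first token) lets a caller run an arbitrary shell.
The allowlist, paths and sample command lines are constructed for the demo."""
import os
import shlex

# Constructed allowlist; /usr/bin/env is the entry the OpenClaw advisory names.
ALLOWED_BINS = {"/usr/bin/env", "/bin/ls", "/usr/bin/cat"}

# Shell control operators that turn one allowed command into a chain.
SHELL_OPERATORS = (";", "&&", "||", "|", "\n", "`", "$(")


def vulnerable_allow(cmdline: str) -> bool:
    """First-token check only: trusts anything once argv[0] is allowlisted."""
    argv = shlex.split(cmdline)
    return bool(argv) and argv[0] in ALLOWED_BINS


def hardened_allow(cmdline: str) -> bool:
    """Reject chains up front, unwrap env, and re-check the program env runs."""
    if any(op in cmdline for op in SHELL_OPERATORS):
        return False
    return _allowed_argv(shlex.split(cmdline))


def _allowed_argv(argv) -> bool:
    if not argv or argv[0] not in ALLOWED_BINS:
        return False
    if os.path.basename(argv[0]) != "env":
        return True
    # env is a launcher: NAME=VALUE assignments are harmless, but any option
    # (-S/--split-string re-splits its argument into a new argv; -i, -u, ...)
    # is refused rather than emulated, and the program env would exec must
    # itself pass the allowlist (recursively, so env-of-env is covered too).
    rest = argv[1:]
    while rest and "=" in rest[0] and not rest[0].startswith("-"):
        rest = rest[1:]
    if not rest or rest[0].startswith("-"):
        return False
    return _allowed_argv(rest)


if __name__ == "__main__":
    for cmd in ("/usr/bin/env -S 'sh -c id'", "/bin/ls ; id",
                "/usr/bin/env FOO=1 /bin/ls -la"):
        print(f"{cmd!r}: naive={vulnerable_allow(cmd)} hardened={hardened_allow(cmd)}")
```

The operator check is a substring test on the raw command line, so a quoted argument containing `;` is also refused; for a guardrail that is the right trade-off, since the alternative is re-implementing the shell's parser. The real fix in a product is to run the program directly with an argv array and never hand the string to a shell.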
OpenClaw versions prior to 2026.2.26 contain an authorization bypass vulnerability in Signal group allowlist enforcement where the system incorrectly accepts sender identities derived from direct message (DM) pairing-store approvals. An authenticated attacker with low privileges can exploit this boundary weakness by obtaining DM pairing approval, allowing them to bypass group allowlist checks and gain unauthorized access to Signal groups. While the CVSS score is moderate (3.7) and attack complexity is high, the vulnerability represents a direct authentication control bypass in a messaging security context, and patches are available from the vendor.
Use of a deterministic credential generation algorithm in /ftl/bin/calc_f2 in Small Cell Sercomm SCE4255W (FreedomFi Englewood) firmware before DG3934v3@2308041842 allows remote attackers to derive valid administrative/root credentials from the...
An Insecure Direct Object Reference (IDOR) vulnerability in the Hytale Modding Wiki prior to version 1.0.0 allows any authenticated user to access and view mod authors' personal information, including full names and email addresses, by navigating directly to mod pages using their slugs. The vulnerability requires only low-privilege authentication (account creation) and no user interaction, making it trivially exploitable. While the CVSS score is moderate at 4.3, the exposure of personally identifiable information (PII) represents a direct privacy harm to affected mod authors.
OpenEMR versions up to 8.0.0 contain an authorization bypass vulnerability in the message/note update endpoints that allows authenticated users with notes permissions to modify any patient's messages without proper access control verification. An attacker can exploit this by supplying arbitrary message IDs in PUT or POST requests, enabling unauthorized modification of other patients' medical records. This is a moderate-risk issue (CVSS 6.5) with integrity impact on sensitive healthcare data, though exploitation requires existing authentication and notes permissions.
The SiYuan kernel, a Go-based note-taking application, contains an authentication bypass vulnerability in its WebSocket server that allows unauthenticated attackers to crash the kernel process through malformed JSON messages. SiYuan kernel versions exposed via Docker or network-accessible deployments are affected, with the issue stemming from unsafe type assertions on attacker-controlled input after bypassing authentication via a specific query parameter pattern. A proof-of-concept demonstrating the attack exists in the GitHub advisory, and while CVSS rates this as 7.5 High severity for availability impact, real-world exploitation risk depends heavily on network exposure beyond localhost.
An authorization bypass vulnerability in gRPC-Go allows attackers to circumvent path-based access control by sending HTTP/2 requests with malformed :path pseudo-headers that omit the mandatory leading slash (e.g., 'Service/Method' instead of '/Service/Method'). This affects gRPC-Go servers using path-based authorization interceptors like google.golang.org/grpc/authz with deny rules for canonical paths but fallback allow rules. The vulnerability has a CVSS score of 9.1 (Critical) with network-based exploitation requiring no privileges or user interaction, enabling attackers to access restricted services and potentially exfiltrate or modify sensitive data.
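Both the OpenClaw /api/channels entry above (percent-encoded slashes decoded by the router but not by the authentication check) and this gRPC-Go entry (a :path without its leading slash that matches no deny rule) come down to authorization being evaluated on a different string than the one that is routed. The block below is an added example, not code from either project: it models both failure modes and a check that canonicalizes once and refuses ambiguous paths. The protected prefix, rule set and request paths are constructed for the demonstration.

```python
"""Added example, not code from OpenClaw or gRPC-Go: path-based access
control evaluated on an un-normalized request path, in two shapes:
  * an auth check that string-matches the raw path while the router
    percent-decodes it (%2f, %252f, ...) before dispatch;
  * deny rules keyed on '/Service/Method' that never see a ':path' which
    arrives without its leading slash, so a fallback allow rule applies.
The prefix, rule set and request paths are constructed for the demo."""
import posixpath
import re
from typing import Optional
from urllib.parse import unquote

PROTECTED_PREFIX = "/api/channels"
DENY = {"/Secrets/Dump"}        # deny by canonical name, then fall back to allow
ALLOW_FALLBACK = True


def router_decode(raw_path: str) -> str:
    """Assumed router behaviour: percent-decode until stable, so both
    '/api%2fchannels' and '/api%252fchannels' dispatch to /api/channels."""
    prev = None
    while prev != raw_path:
        prev, raw_path = raw_path, unquote(raw_path)
    return raw_path


def vulnerable_is_protected(raw_path: str) -> bool:
    # Compares the raw path; '/api%2fchannels' does not start with the prefix,
    # yet router_decode() still hands it to the protected handler.
    return raw_path.startswith(PROTECTED_PREFIX)


def vulnerable_authz(path: str) -> bool:
    # Deny list consulted with :path as received: 'Secrets/Dump' is not in
    # DENY, so the fallback allow applies and the restricted method runs.
    if path in DENY:
        return False
    return ALLOW_FALLBACK


def canonicalize(raw_path: str) -> Optional[str]:
    """One canonical form shared by the auth check and the router; None means
    the request is ambiguous and must be rejected rather than guessed at."""
    if not raw_path.startswith("/"):
        return None                        # :path must be absolute
    decoded = unquote(raw_path)
    if unquote(decoded) != decoded:
        return None                        # still encoded after one pass
    if decoded.count("/") != raw_path.count("/"):
        return None                        # an encoded slash added a segment
    return posixpath.normpath(re.sub(r"/+", "/", decoded))  # resolves . and ..


def hardened_decision(raw_path: str) -> str:
    """'reject', 'protected' or 'public', always decided on the canonical path."""
    path = canonicalize(raw_path)
    if path is None:
        return "reject"
    if path == PROTECTED_PREFIX or path.startswith(PROTECTED_PREFIX + "/"):
        return "protected"
    return "public"


def hardened_authz(raw_path: str) -> bool:
    path = canonicalize(raw_path)
    if path is None or path in DENY:
        return False                       # malformed :path is denied outright
    return ALLOW_FALLBACK


if __name__ == "__main__":
    for p in ("/api%2fchannels", "/api%252fchannels", "Secrets/Dump"):
        print(p, "naive-protected:", vulnerable_is_protected(p),
              "routes-to:", router_decode(p), "hardened:", hardened_decision(p))
```

The design choice that matters is the `None` branch: a path the canonicalizer cannot make unambiguous is refused with an error, never passed through to a handler, because any "best effort" decoding there recreates the mismatch between the check and the router.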
NRF discovery service denial of service in free5GC v4.0.1 allows remote attackers to crash the service by sending HTTP GET requests with malformed group-id-list parameters that trigger unvalidated array access. The EncodeGroupId function fails to check split data length before accessing specific indices, causing an index out of range panic. A patch is available to address this input validation flaw affecting all deployments using the vulnerable NRF service.
A low-privileged authorization bypass vulnerability in Statamic CMS allows Control Panel users to create taxonomy terms without proper authorization by submitting crafted requests to the field action processing endpoint with attacker-controlled field definitions. This vulnerability affects Statamic CMS versions prior to 5.73.14 and 6.7.0, enabling unauthorized data modification with a CVSS score of 4.3 and low attack complexity. No active exploitation or public proof-of-concept has been confirmed, but patches are readily available from the vendor.
A MongoDB query logic error in ApostropheCMS versions 3.0.0 through 4.27.1 allows complete bypass of multi-factor authentication (MFA/TOTP) protections. An attacker with knowledge of a victim's password can use an incomplete bearer token (returned after password verification but before MFA completion) to gain fully authenticated API access without providing TOTP codes. A proof-of-concept demonstration is included in the vulnerability report, and while no public KEV listing exists, the technical details and working POC make this immediately exploitable.
Zitadel's OAuth2/OIDC implementation contains an authentication bypass vulnerability (CWE-863: Improper Authorization) that allows unauthenticated attackers to circumvent organization enforcement controls during login. Affected versions 3.0.0-3.4.8 and 4.0.0-4.12.2 fail to validate organization membership scopes in device authorization flows and all Login V2/OIDC API V2 endpoints, enabling attackers to authenticate with users from unauthorized organizations. While the CVSS score of 5.3 indicates low-to-moderate severity with confidentiality impact only, the attack requires no privileges or user interaction and operates over the network, making it a practical concern for multi-tenant deployments.
The OneUptime monitoring platform (specifically version 10.0.23 and likely earlier versions) contains an authentication bypass vulnerability in its WhatsApp webhook handler that fails to verify the X-Hub-Signature-256 HMAC signature required by Meta/WhatsApp. Any unauthenticated remote attacker can send forged webhook payloads to manipulate notification delivery status records, suppress critical alerts, and corrupt audit trails. A working proof-of-concept exploit has been published demonstrating successful injection of arbitrary webhook events via simple HTTP POST requests with no authentication required.
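Meta signs each webhook delivery as `X-Hub-Signature-256: sha256=<hex HMAC-SHA256(app secret, raw request body)>`, and a receiver that skips that check will accept any POST. The following added example (not OneUptime's code) shows a status-update handler with and without the verification; the app secret, message id and payloads are constructed for the demonstration.

```python
"""Added example, not OneUptime's code: a WhatsApp/Meta webhook receiver that
refuses status updates unless X-Hub-Signature-256 verifies. Meta computes the
header as 'sha256=' + hex(HMAC-SHA256(app_secret, raw_body)). The app secret,
message id and payloads below are constructed for the demo."""
import hashlib
import hmac
import json
from typing import Dict, Optional

APP_SECRET = b"constructed-app-secret-do-not-reuse"   # assumed value


def sign(raw_body: bytes, app_secret: bytes = APP_SECRET) -> str:
    return "sha256=" + hmac.new(app_secret, raw_body, hashlib.sha256).hexdigest()


def _header(headers: Dict[str, str], name: str) -> Optional[str]:
    name = name.lower()
    return next((v for k, v in headers.items() if k.lower() == name), None)


def verify_signature(raw_body: bytes, header_value: Optional[str],
                     app_secret: bytes = APP_SECRET) -> bool:
    # Verify over the exact bytes received, before any JSON parsing: a
    # re-serialized body would not reproduce Meta's signature.
    if not header_value or not header_value.startswith("sha256="):
        return False
    return hmac.compare_digest(sign(raw_body, app_secret).encode(),
                               header_value.encode())


def apply_statuses(body: dict, store: Dict[str, str]) -> None:
    # Status-update shape used by WhatsApp Cloud API webhooks.
    for entry in body.get("entry", []):
        for change in entry.get("changes", []):
            for status in change.get("value", {}).get("statuses", []):
                store[status["id"]] = status["status"]


def vulnerable_handle(raw_body: bytes, headers: Dict[str, str],
                      store: Dict[str, str]) -> int:
    # Never looks at X-Hub-Signature-256: any POST rewrites delivery state.
    apply_statuses(json.loads(raw_body), store)
    return 200


def hardened_handle(raw_body: bytes, headers: Dict[str, str],
                    store: Dict[str, str], app_secret: bytes = APP_SECRET) -> int:
    if not verify_signature(raw_body, _header(headers, "X-Hub-Signature-256"),
                            app_secret):
        return 401
    apply_statuses(json.loads(raw_body), store)
    return 200


def forged_status_event(message_id: str, status: str) -> bytes:
    """Constructed payload an attacker could POST to suppress or fake an alert."""
    return json.dumps({"object": "whatsapp_business_account", "entry": [{"changes": [
        {"field": "messages",
         "value": {"statuses": [{"id": message_id, "status": status}]}}]}]}).encode()


if __name__ == "__main__":
    body = forged_status_event("wamid.demo", "failed")
    print("unsigned, naive handler:", vulnerable_handle(body, {}, {"wamid.demo": "sent"}))
    print("unsigned, hardened handler:", hardened_handle(body, {}, {"wamid.demo": "sent"}))
    print("signed, hardened handler:",
          hardened_handle(body, {"X-Hub-Signature-256": sign(body)}, {"wamid.demo": "sent"}))
```

Two details carry the security property: the comparison is constant-time (`hmac.compare_digest`), and the HMAC is computed over the raw bytes the framework received, so the check must run before any middleware parses or re-encodes the body.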
A Host header manipulation vulnerability in the h3 Node.js web framework allows attackers to bypass authentication middleware by polluting the event.url object. The vulnerability affects h3 npm package and allows unauthorized access to protected routes by crafting malicious Host headers that trigger internal URL reconstruction logic. A working proof-of-concept exploit is publicly available demonstrating the authentication bypass.
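The pyload-ng @local_check entry above and this h3 entry share a root cause: the Host header is set by the client, so neither a "local requests only" decision nor an absolute URL rebuilt from it can be trusted. The block below is an added example, not code from pyload-ng or h3; it uses a WSGI-style environ dict, and the addresses, hostnames and trusted-proxy list are constructed for the demonstration.

```python
"""Added example, not pyload-ng's @local_check or h3's code: why a local-only
restriction, or an absolute URL, must not be derived from the Host header.
Uses a WSGI-style environ dict; addresses, hostnames, the endpoint path and
the trusted-proxy list are constructed for the demo."""
from ipaddress import ip_address
from typing import Dict
from urllib.parse import urlsplit

LOCAL_NAMES = {"localhost", "127.0.0.1", "::1"}
TRUSTED_PROXIES = {"10.0.0.2"}          # assumed reverse-proxy address


def host_name(environ: Dict[str, str]) -> str:
    # urlsplit handles '[::1]:9666' and 'localhost:9666' alike.
    return urlsplit("//" + environ.get("HTTP_HOST", "")).hostname or ""


def vulnerable_is_local(environ: Dict[str, str]) -> bool:
    # Decides from Host, so a remote client that sends 'Host: 127.0.0.1'
    # passes the local-only check.
    return host_name(environ) in LOCAL_NAMES


def peer_address(environ: Dict[str, str]) -> str:
    """The transport-level peer, or the X-Forwarded-For hop appended by a
    trusted proxy; anything earlier in that header is client-controlled."""
    peer = environ.get("REMOTE_ADDR", "")
    xff = environ.get("HTTP_X_FORWARDED_FOR", "")
    if peer in TRUSTED_PROXIES and xff:
        peer = xff.split(",")[-1].strip()
    return peer


def hardened_is_local(environ: Dict[str, str]) -> bool:
    try:
        return ip_address(peer_address(environ)).is_loopback
    except ValueError:
        return False


def vulnerable_base_url(environ: Dict[str, str]) -> str:
    # Rebuilds an absolute URL from Host; a spoofed Host then lands in links,
    # redirects and any routing or auth logic keyed on the resulting URL.
    return "http://" + environ.get("HTTP_HOST", "") + environ.get("PATH_INFO", "/")


def hardened_base_url(environ: Dict[str, str],
                      configured_origin: str = "https://app.example") -> str:
    # The origin comes from deployment configuration, not from the request.
    return configured_origin + environ.get("PATH_INFO", "/")


if __name__ == "__main__":
    spoof = {"REMOTE_ADDR": "203.0.113.5", "HTTP_HOST": "127.0.0.1",
             "PATH_INFO": "/api/local-only"}   # constructed endpoint path
    print("naive local check:", vulnerable_is_local(spoof))
    print("hardened local check:", hardened_is_local(spoof))
    print("naive URL:", vulnerable_base_url(spoof))
    print("hardened URL:", hardened_base_url(spoof))
```

When the application sits behind a reverse proxy, REMOTE_ADDR is the proxy, which is why `peer_address` only honours X-Forwarded-For from an explicitly listed proxy and only takes the hop that proxy appended; an unconditional X-Forwarded-For lookup reopens the same spoofing hole one header over.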