Authentication Bypass

7468 CVEs technique


CVE-2026-33954 MEDIUM This Month

LinkAce versions before 2.5.3 disclose private notes to authenticated users via the web interface when viewing shared links, despite the API correctly enforcing note visibility restrictions. An authenticated user can read another user's private notes attached to internal or public links by accessing the web link detail page, resulting in unauthorized information disclosure. Version 2.5.3 patches this authorization bypass.

Authentication Bypass
NVD GitHub VulDB | CVSS 3.1: 6.5 | EPSS: 0.0%
CVE-2026-34475 MEDIUM This Month

Varnish Cache before 8.0.1 and Varnish Enterprise before 6.0.16r12 mishandle HTTP/1.1 URLs with a root path (/) in unchecked req.url scenarios, enabling cache poisoning and authentication bypass attacks. Unauthenticated remote attackers can exploit this with moderate complexity to poison cached content or bypass authentication controls affecting downstream clients. No active exploitation has been confirmed, though the vulnerability carries a 5.4 CVSS score reflecting network accessibility and partial impact to confidentiality and integrity.

Authentication Bypass
NVD VulDB | CVSS 3.1: 5.4 | EPSS: 0.0%
CVE-2026-33869 MEDIUM This Month

Mastodon versions 4.5.x before 4.5.8 and 4.4.x before 4.4.15 allow unauthenticated attackers with prior knowledge of a quote to prevent its correct processing on a target server, resulting in limited integrity and availability impact. The vulnerability exploits timing and knowledge of ActivityPub quote structures to disrupt social content distribution. Patches are available in Mastodon 4.5.8 and 4.4.15; versions 4.3 and earlier are unaffected due to lack of quote support.

Authentication Bypass
NVD GitHub | CVSS 3.1: 4.8 | EPSS: 0.0%
CVE-2026-34073 LOW PATCH Monitor

DNS name constraint validation bypass in cryptography library versions prior to 46.0.6 allows peer names to bypass X.509 name constraint checks during certificate validation. The vulnerability arises because name constraints were applied only to Subject Alternative Names (SANs) in child certificates but not to the peer name presented during validation, permitting a certificate for bar.example.com to validate against a wildcard leaf certificate (*.example.com) even when an excluded subtree constraint for bar.example.com existed in the parent certificate. Exploitation requires an uncommon X.509 topology not typically present in the Web PKI, and no public exploit code or active exploitation has been identified.

Authentication Bypass
NVD GitHub VulDB | CVSS 4.0: 1.7 | EPSS: 0.0%
CVE-2026-34046 HIGH PATCH This Week

Insecure Direct Object Reference (IDOR) in Langflow API allows authenticated users to read, modify, or delete any flow belonging to other users via unvalidated flow_id parameters in GET/PATCH/DELETE /api/v1/flow/{flow_id} endpoints. The vulnerability affects both the langflow and langflow-base Python packages, enabling attackers with valid credentials to exfiltrate sensitive data (including plaintext API keys embedded in flows), tamper with AI agent logic, or destroy other users' workflows. A vendor-released patch (PR #8956) is available. No public exploit code identified at time of analysis, though the vulnerability is straightforward to exploit given the clear description and patch differential in the advisory.

Authentication Bypass
NVD GitHub | CVSS 4.0: 8.7 | EPSS: 0.1%
CVE-2026-34042 HIGH PATCH GHSA This Week

Unauthenticated remote cache poisoning in nektos/act (GitHub Actions local runner) enables arbitrary code execution by exposing the built-in actions/cache server on all network interfaces without authentication. Attackers who can reach the cache server, including from the public internet if it is exposed, can inject malicious cache entries with predictable keys, leading to remote code execution within Docker containers running GitHub Actions workflows. No public exploit identified at time of analysis; EPSS data unavailable. Vendor-released patch available in act v0.2.86.

Docker RCE Authentication Bypass
NVD GitHub | CVSS 3.1: 8.2 | EPSS: 0.1%
CVE-2026-31950 MEDIUM This Month

Unauthenticated stream hijacking in LibreChat versions 0.8.2-rc2 through 0.8.2-rc3 allows authenticated users to read other users' real-time chat conversations via the SSE streaming endpoint `/api/agents/chat/stream/:streamId` without ownership verification. An attacker with valid credentials can enumerate or guess stream IDs to intercept sensitive messages, AI-generated responses, and tool invocation data from arbitrary users. The vulnerability was patched in version 0.8.2.

Authentication Bypass
NVD GitHub | CVSS 3.1: 5.3 | EPSS: 0.0%
CVE-2026-34389 MEDIUM PATCH GHSA This Month

Fleet device management software prior to version 4.81.0 allows privilege escalation through email validation bypass in the user invitation flow. An attacker with a valid invite token can create an account using an arbitrary email address while retaining the role permissions granted by the invite, potentially obtaining global admin access. No public exploit code or active exploitation has been identified at the time of analysis.

Authentication Bypass
NVD GitHub | CVSS 4.0: 4.9 | EPSS: 0.0%
CVE-2026-29180 MEDIUM PATCH GHSA This Month

Fleet device management software versions prior to 4.81.1 contain a broken access control vulnerability in the host transfer API that allows authenticated team maintainers to transfer hosts from any team into their own team, circumventing team isolation boundaries and gaining full control over stolen hosts including root-level script execution capabilities. The vulnerability requires authenticated access (PR:L in CVSS vector) but presents high integrity impact due to the ability to execute privileged commands on managed endpoints. No public exploit code or active exploitation has been confirmed at time of analysis.

Authentication Bypass
NVD GitHub | CVSS 4.0: 4.9 | EPSS: 0.0%
CVE-2026-26061 HIGH PATCH GHSA This Week

Fleet server memory exhaustion via unbounded request bodies allows unauthenticated denial-of-service against multiple HTTP endpoints. The vulnerability affects Fleet v4 (github.com/fleetdm/fleet/v4) and was responsibly disclosed by @fuzzztf. Attackers can exhaust available memory and force server restarts by sending oversized or repeated HTTP requests to unauthenticated endpoints lacking size limits. No public exploit identified at time of analysis, though the attack mechanism is straightforward given the CWE-770 resource allocation vulnerability class.

Privilege Escalation Information Disclosure Authentication Bypass Nginx Denial Of Service +1
NVD GitHub | CVSS 4.0: 8.7 | EPSS: 0.1%
CVE-2026-26060 MEDIUM PATCH This Month

Fleet's password reset token invalidation logic fails to revoke previously issued tokens when a user changes their password, allowing attackers with a captured token to perform account takeover by resetting the password again within the token's 24-hour validity window. The vulnerability affects Fleet versions distributed via the Go package github.com/fleetdm/fleet/v4 and requires prior compromise of a valid password reset token to exploit, limiting real-world impact to scenarios where token interception has already occurred.

Authentication Bypass Suse
NVD GitHub | CVSS 4.0: 6.0 | EPSS: 0.0%
CVE-2026-34364 MEDIUM GHSA This Month

WWBN AVideo versions up to 26.0 expose all non-private video categories to unauthenticated remote attackers due to missing access control enforcement in the categories.json.php endpoint. The vulnerability combines two distinct flaws: complete bypass of group-based filtering when no user parameter is supplied, and a type confusion bug that substitutes the admin user's group memberships when a user parameter is present, allowing unauthorized disclosure of category metadata intended for restricted user groups. CVSS 5.3 reflects the information disclosure impact with no authentication required and low attack complexity; no public exploit code or active exploitation has been confirmed at time of analysis.

PHP Authentication Bypass
NVD GitHub | CVSS 3.1: 5.3 | EPSS: 0.0%
CVE-2025-15617 HIGH This Week

GitHub Actions workflow artifacts in Wazuh version 4.12.0 expose GITHUB_TOKEN credentials that unauthenticated network attackers can extract and use within a limited time window to push malicious commits or alter release tags in the project repository. The vulnerability carries a CVSS 4.0 score of 8.3 with high integrity impact and low availability impact. No public exploit identified at time of analysis, though the vulnerability is classified under authentication bypass tags by VulnCheck.

Authentication Bypass
NVD GitHub VulDB | CVSS 4.0: 8.3 | EPSS: 0.0%
CVE-2026-34369 MEDIUM GHSA This Month

WWBN AVideo up to version 26.0 fails to enforce password verification on API endpoints `get_api_video_file` and `get_api_video`, allowing unauthenticated remote attackers to retrieve direct playback URLs (MP4 files and HLS manifests) for password-protected videos by directly invoking the API. The web interface enforces password checks through the `CustomizeUser::getModeYouTube()` hook, but this validation is entirely absent from the API code path, creating a complete authentication bypass. Upstream fix available via commit be344206f2f461c034ad2f1c5d8212dd8a52b8c7; no public exploit or active exploitation confirmed at time of analysis.

Authentication Bypass
NVD GitHub | CVSS 3.1: 5.3 | EPSS: 0.0%
CVE-2026-33994 MEDIUM PATCH This Month

Prototype pollution in locutus npm package version 2.0.39 through 3.0.24 allows remote attackers to bypass `Object.prototype` pollution guards via a crafted query string passed to the `parse_str` function, enabling authentication bypass, denial of service, or remote code execution in chained attack scenarios where `RegExp.prototype.test` has been previously compromised. Publicly available exploit code exists demonstrating the vulnerability; vendor-released patch available in version 3.0.25.

PHP Denial Of Service Node.js Prototype Pollution Authentication Bypass +1
NVD GitHub | CVSS 4.0: 6.3 | EPSS: 0.0%
CVE-2026-34040 HIGH PATCH GHSA This Week

Docker daemon allows authorization plugin bypass through specially crafted API requests that strip request bodies before forwarding to authorization (AuthZ) plugins, enabling attackers with low-level privileges to circumvent access controls. This vulnerability (CVSS 8.8) affects moby/moby and docker/docker packages, representing an incomplete fix for CVE-2024-41110. Vendor-released patch is available via GitHub commit e89edb19ad7de0407a5d31e3111cb01aa10b5a38, and no public exploit has been identified at time of analysis, though base exploitation likelihood is noted as low by the vendor.

Docker Authentication Bypass
NVD GitHub | CVSS 3.1: 8.8 | EPSS: 0.0%
CVE-2026-34247 MEDIUM GHSA This Month

WWBN AVideo versions up to 26.0 allow authenticated users to arbitrarily overwrite poster images for any scheduled live stream due to missing authorization checks in the uploadPoster.php endpoint, combined with subsequent broadcast of sensitive broadcast keys and user IDs to all connected WebSocket clients. An authenticated attacker can exploit this vulnerability without user interaction to deface another user's scheduled broadcasts and potentially harvest credential material for further attacks. No public exploit identified at time of analysis, though the vulnerability has been disclosed via GitHub security advisory with a published fix commit available.

PHP Authentication Bypass
NVD GitHub VulDB | CVSS 3.1: 5.4 | EPSS: 0.0%
CVE-2026-34245 MEDIUM GHSA This Month

Broadcast schedule modification in WWBN AVideo versions up to 26.0 allows authenticated users with streaming permissions to hijack playlists and disrupt streams by creating or modifying schedules targeting any playlist regardless of ownership, with rebroadcasts executing under the victim's identity. The vulnerability affects the `plugin/PlayLists/View/Playlists_schedules/add.json.php` endpoint and stems from insufficient authorization checks. Upstream fix available via commit 1e6dc20172de986f60641eb4fdb4090f079ffdce; no public exploit identified at time of analysis.

PHP Authentication Bypass
NVD GitHub VulDB | CVSS 3.1: 6.3 | EPSS: 0.0%
CVE-2026-34411 MEDIUM PATCH This Month

Appsmith versions prior to 1.98 allow unauthenticated remote attackers to access sensitive instance management API endpoints (/api/v1/consolidated-api/view, /api/v1/tenants/current) without authentication, enabling disclosure of configuration metadata, license information, and unsalted SHA-256 hashes of admin email domains. This authentication bypass facilitates reconnaissance for targeted follow-up attacks against Appsmith deployments and their administrators. No public exploit code or active exploitation has been independently confirmed at time of analysis.

Authentication Bypass
NVD GitHub | CVSS 4.0: 6.9 | EPSS: 0.1%
CVE-2026-28367 HIGH GHSA This Week

Undertow HTTP request smuggling via malformed header terminator allows remote unauthenticated attackers to bypass security controls and manipulate web requests through vulnerable proxies including older Apache Traffic Server and Google Cloud Classic Application Load Balancer. With CVSS 8.7 (High/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N), the vulnerability affects multiple Red Hat product lines including JBoss EAP 7 and 8, Fuse 7, Data Grid 8, and RHEL 8-10 distributions. No public exploit identified at time of analysis, though the attack vector is network-accessible and requires no authentication.

Apache Google Authentication Bypass Request Smuggling
NVD VulDB | CVSS 3.1: 8.7 | EPSS: 0.0%
CVE-2026-28368 HIGH GHSA This Week

Undertow header parsing discrepancies enable HTTP request smuggling attacks against Red Hat middleware and enterprise platforms, allowing remote unauthenticated attackers to bypass security controls and access unauthorized resources. The vulnerability affects multiple Red Hat products including JBoss Enterprise Application Platform 7 and 8, Data Grid 8, Fuse 7, Single Sign-On 7, and Enterprise Linux 8, 9, and 10 distributions. With a CVSS score of 8.7 and changed scope (S:C), attackers can exploit inconsistent header interpretation between Undertow and upstream proxies to smuggle malicious requests past authentication and authorization mechanisms, achieving high confidentiality and integrity impact without requiring authentication.

Authentication Bypass Request Smuggling Redhat
NVD VulDB | CVSS 3.1: 8.7 | EPSS: 0.1%
CVE-2026-4959 MEDIUM POC This Month

OpenBMB XAgent 1.0.0 ShareServer WebSocket endpoint allows remote authentication bypass through manipulation of the interaction_id parameter in the check_user function, enabling unauthenticated attackers to access protected resources with low confidentiality, integrity, and availability impact. Publicly available exploit code exists, the vendor was contacted but did not respond, and active exploitation remains possible.

Authentication Bypass
NVD VulDB GitHub | CVSS 4.0: 6.9 | EPSS: 0.1%
CVE-2026-4958 LOW POC Monitor

OpenBMB XAgent 1.0.0 allows authenticated remote attackers to bypass authorization controls via manipulation of the interaction_id argument in the WebSocket ReplayServer endpoint (XAgentServer/application/websockets/replayer.py), enabling unauthorized access to replay functionality. The vulnerability requires low privileges and is difficult to exploit due to high attack complexity, but publicly available exploit code exists. No vendor patch has been released despite early disclosure notification.

Authentication Bypass
NVD VulDB GitHub | CVSS 4.0: 2.3 | EPSS: 0.0%
CVE-2026-5025 MEDIUM This Month

Log router endpoints in an authenticated application expose full application log buffers to any authenticated user without privilege-level authorization checks, allowing credential harvesting, sensitive data exfiltration, and reconnaissance. The vulnerability affects the '/logs' and '/logs-stream' endpoints which enforce only basic authentication ('get_current_active_user') rather than administrative privilege requirements, enabling authenticated attackers with low privileges to read complete application logs containing sensitive information. No public exploit code or active exploitation has been identified at the time of analysis, though the relatively low attack complexity (AC:L) and straightforward authentication bypass mechanism present moderate real-world risk.

Authentication Bypass
NVD | CVSS 3.1: 6.5 | EPSS: 0.0%
CVE-2026-5022 MEDIUM This Month

Langflow's '/api/v1/files/images/{flow_id}/{file_name}' endpoint lacks authentication and authorization enforcement, permitting unauthenticated users to download arbitrary images associated with any flow by supplying or enumerating flow IDs and file names. This authentication bypass affects all versions of Langflow AI's langflow product and enables unauthorized disclosure of potentially sensitive image assets. No public exploit code or active exploitation has been confirmed at the time of analysis.

Authentication Bypass
NVD | CVSS 4.0: 6.3 | EPSS: 0.0%
CVE-2026-1496 CRITICAL Act Now

Coverity Connect command-line tooling authentication bypass via /token API endpoint allows remote attackers to assume valid user credentials and privileges without proper authentication when a username is known or guessed. The vulnerability stems from missing error handling in authentication logic, enabling attackers to craft specialized HTTP requests that circumvent normal access controls and grant full role-based privileges of the compromised account. No public exploit code or active exploitation has been confirmed at this time.

Authentication Bypass
NVD GitHub | CVSS 4.0: 9.3 | EPSS: 0.1%
CVE-2026-33206 HIGH This Week

Calibre versions prior to 9.6.0 allow remote attackers to exfiltrate arbitrary files from the host system through a combination of path traversal in image handling during file conversion and unauthenticated server-side request forgery in the ebook reader web view's background-image endpoint. An attacker can craft a malicious markdown or text-based file that references files outside the intended directory, then retrieve those files through the unprotected background-image handler without authentication, enabling complete file system disclosure on systems running vulnerable Calibre instances.

Path Traversal SSRF Authentication Bypass
NVD GitHub VulDB | CVSS 4.0: 8.2 | EPSS: 0.0%
CVE-2026-33433 MEDIUM PATCH GHSA This Month

Traefik reverse proxy and load balancer versions prior to 2.11.42, 3.6.11, and 3.7.0-ea.3 allow authenticated attackers to inject canonical HTTP header names that override non-canonical headers configured via the `headerField` setting, enabling identity impersonation to backend systems. The vulnerability exploits HTTP header handling inconsistencies where backends read the attacker-supplied canonical header before Traefik's non-canonical configuration, permitting authentication bypass for any identity. Vendor-released patches are available for all affected major versions.

Authentication Bypass Canonical
NVD GitHub VulDB | CVSS 4.0: 5.1 | EPSS: 0.0%
CVE-2026-32695 MEDIUM PATCH This Month

Traefik's Knative provider fails to escape user-controlled values when interpolating host and header rules into backtick-delimited expressions, allowing attackers to inject rule syntax and bypass host restrictions in multi-tenant clusters. Versions prior to 3.6.11 and 3.7.0-ea.2 are affected. An attacker can craft malicious Knative ingress configurations to route traffic intended for one tenant to attacker-controlled hosts, enabling unauthorized cross-tenant traffic exposure and service impersonation.

Authentication Bypass
NVD GitHub | CVSS 4.0: 6.3 | EPSS: 0.0%
CVE-2026-4309 MEDIUM This Month

NEC Aterm wireless router series (W1200Ex-MS, WG1200HP2, WG1900HP, WG1800HP3, WG1800HP4, WG1200HP3, WG1200HP4, WG1200HS2, WG1200HS3, WX1500HP, WX3000HP, WX3600HP, WG2600HS, WG2600HS2, WG2600HP4, WG2600HM4, WF1200CR, WG1200CR, and others) suffer from missing authorization controls that enable remote attackers to enumerate device configuration details and modify settings without proper access controls. The vulnerability stems from CWE-862 (Missing Authorization) in the device management interface, allowing unauthenticated or inadequately authenticated network-accessible requests to interact with sensitive administrative functions. No CVSS score, EPSS probability estimate, or public exploit code has been disclosed, and CISA KEV status is unknown.

Authentication Bypass
NVD | CVSS 4.0: 6.3 | EPSS: 0.0%
CVE-2026-27860 LOW POC PATCH Monitor

Open-Xchange Dovecot Pro contains an LDAP filter injection vulnerability in its authentication module that allows remote unauthenticated attackers to inject arbitrary LDAP filters when the auth_username_chars configuration parameter is left empty, potentially enabling authentication bypass and reconnaissance of LDAP directory structures. The vulnerability carries a low CVSS score of 3.7 due to high attack complexity requirements, and no public exploit code has been identified at the time of analysis.

Ldap Authentication Bypass Code Injection
NVD VulDB GitHub | CVSS 3.1: 3.7 | EPSS: 0.0%
CVE-2026-27856 HIGH PATCH This Week

OX Dovecot Pro's doveadm HTTP service is vulnerable to timing oracle attacks during credential verification, allowing remote unauthenticated attackers to enumerate valid credentials through timing analysis and gain full administrative access to the doveadm management interface. The vulnerability affects OX Dovecot Pro installations with exposed doveadm HTTP service ports, carries a CVSS score of 7.4, and has no public exploit identified at time of analysis.

Oracle Authentication Bypass Redhat
NVD VulDB | CVSS 3.1: 7.4 | EPSS: 0.0%
CVE-2026-4948 MEDIUM PATCH This Month

Firewalld on Red Hat Enterprise Linux 7, 8, 9, and 10, as well as OpenShift Container Platform 4, contains an authentication bypass vulnerability in two D-Bus setters (setZoneSettings2 and setPolicySettings) that allows local unprivileged users to modify runtime firewall configurations without proper authorization. An authenticated local attacker can exploit this to change network security policies, potentially enabling lateral movement or service disruption. No public exploit code has been identified at the time of analysis, though Red Hat has issued security advisories (CVE-2026-4948, Bugzilla #2452086).

Authentication Bypass
NVD | CVSS 3.1: 5.5 | EPSS: 0.0%
CVE-2026-33366 MEDIUM This Month

BUFFALO Wi-Fi router products lack authentication controls on a critical reboot function, allowing remote unauthenticated attackers to forcibly restart affected devices over the network. The vulnerability affects multiple BUFFALO router product lines across unspecified versions. While the CVSS score of 5.3 reflects moderate severity, the attack requires no credentials, no user interaction, and can be executed remotely with low complexity, making it operationally exploitable for denial-of-service attacks against networked BUFFALO routers. No public exploit code or confirmed active exploitation has been identified at the time of analysis.

Authentication Bypass
NVD | CVSS 4.0: 6.9 | EPSS: 0.1%
CVE-2026-32678 HIGH This Week

BUFFALO Wi-Fi router products allow unauthenticated remote attackers to bypass authentication mechanisms and modify critical configuration settings without valid credentials. This CWE-288 authentication bypass vulnerability affects BUFFALO Wi-Fi router product lines (CVSS 7.5, High severity) and enables complete compromise of device integrity. No public exploit identified at time of analysis, though the network-accessible attack surface and low complexity (AV:N/AC:L/PR:N) increase exposure risk for internet-facing devices.

Authentication Bypass
NVD | CVSS 4.0: 8.7 | EPSS: 0.1%
CVE-2026-3098 MEDIUM This Month

Smart Slider 3 plugin for WordPress allows authenticated attackers with Subscriber-level privileges to read arbitrary files on the server via improper access controls in the 'actionExportAll' function. Affected versions include all releases up to and including 3.5.1.33. The vulnerability exposes sensitive files such as configuration data, database credentials, and private keys to attackers with low-privilege WordPress accounts. No public exploit code or active exploitation has been identified at the time of analysis.

WordPress Authentication Bypass
NVD VulDB | CVSS 3.1: 6.5 | EPSS: 0.0%
CVE-2026-33890 HIGH This Week

MyTube versions prior to 1.8.71 allow unauthenticated remote attackers to register arbitrary passkeys and obtain full administrator access without any existing credentials. The vulnerability stems from exposed passkey registration endpoints that lack authentication checks and automatically grant admin tokens to any successfully registered passkey, enabling complete application compromise. Vendor-released patch version 1.8.71 addresses this flaw.

Authentication Bypass
NVD GitHub VulDB | CVSS 4.0: 8.9 | EPSS: 0.1%
CVE-2026-33735 HIGH This Week

MyTube versions prior to 1.8.69 suffer from an authorization bypass in the `/api/settings/import-database` endpoint that allows low-privilege authenticated users to upload and replace the application's SQLite database entirely, resulting in complete application compromise. The vulnerability affects self-hosted instances of MyTube and extends to other POST routes using the same flawed authorization mechanism. No public exploit code or active exploitation has been confirmed at time of analysis, but the fix is available in version 1.8.69.

Authentication Bypass
NVD GitHub VulDB | CVSS 4.0: 7.4 | EPSS: 0.0%
CVE-2026-33730 MEDIUM This Month

OpenSourcePOS versions prior to 3.4.2 contain an Insecure Direct Object Reference (IDOR) vulnerability allowing authenticated low-privileged users to modify password change settings for arbitrary users, including administrators, by manipulating the employee_id parameter without authorization checks. The vulnerability affects the web-based PHP/CodeIgniter point-of-sale application and enables account takeover of higher-privileged accounts. No public exploit code has been identified at the time of analysis, though the fix involves adding object-level authorization validation to the affected endpoint.

PHP Authentication Bypass
NVD GitHub | CVSS 3.1: 6.5 | EPSS: 0.0%
CVE-2026-29071 LOW PATCH Monitor

Open WebUI versions prior to 0.8.6 allow authenticated users to read other users' private memories through an insufficiently restricted API endpoint at `/api/v1/retrieval/query/collection`, exposing sensitive user data stored within the self-hosted AI platform. The vulnerability requires valid authentication credentials and carries a CVSS score of 3.1 with low attack complexity, indicating limited real-world exploitability despite the information disclosure impact. No public exploit code or active exploitation has been confirmed at the time of analysis.

Authentication Bypass
NVD GitHub | CVSS 3.1: 3.1 | EPSS: 0.0%
CVE-2026-29070 MEDIUM PATCH This Month

Open WebUI versions prior to 0.8.6 allow authenticated users to delete arbitrary files from knowledge bases they have write access to, due to missing validation that files actually belong to the target knowledge base. An attacker with legitimate write permissions to any knowledge base can exploit this to delete files from other knowledge bases by crafting requests with known file identifiers, resulting in data loss and service disruption. No public exploit code or active exploitation has been reported at time of analysis.

Authentication Bypass
NVD GitHub | CVSS 3.1: 5.4 | EPSS: 0.0%
CVE-2026-28788 HIGH PATCH This Week

Open WebUI versions prior to 0.8.6 permit authenticated users to overwrite arbitrary file contents through an insecure batch processing endpoint, escalating read-only knowledge base access to write permissions without ownership validation. Attackers with low-level privileges can manipulate RAG (Retrieval-Augmented Generation) content served to language models, poisoning AI responses delivered to other users. CVSS 7.1 (High) reflects network-accessible exploitation with low complexity requiring only standard user authentication; no public exploit identified at time of analysis.

Authentication Bypass
NVD GitHub | CVSS 3.1: 7.1 | EPSS: 0.0%
CVE-2026-30689 HIGH This Week

Blog.Admin versions 8.0 and earlier expose sensitive administrator account information through an improper access control vulnerability in the getinfobytoken API endpoint. An attacker possessing a valid authentication token can bypass authorization checks to retrieve confidential administrator credentials and account details, potentially enabling lateral movement or privilege escalation attacks. No public exploit code or active exploitation has been confirmed at the time of analysis.

Information Disclosure Authentication Bypass
NVD GitHub | CVSS 3.1: 7.5 | EPSS: 0.0%
CVE-2025-69988 MEDIUM This Month

BS Producten Petcam version 33.1.0.0818 fails to enforce access controls on its wireless network interface, allowing unauthenticated attackers within physical proximity to connect to the device's open network and directly access live video and audio streams without authentication. The vulnerability affects a consumer IP camera product and carries a CVSS score of 6.5 (medium severity) driven by high confidentiality impact despite requiring physical proximity. A proof-of-concept and technical analysis are publicly available via GitHub, though no confirmation of active exploitation in the wild has been identified.

Authentication Bypass
NVD GitHub | CVSS 3.1: 6.5 | EPSS: 0.0%
CVE-2026-33898 HIGH PATCH This Week

Authentication bypass in Incus webui (versions prior to 6.23.0) permits local or remote attackers to gain unauthorized access to the system container and virtual machine manager via an improperly validated authentication token. The vulnerability allows attackers who can reach the temporary localhost web server to escalate privileges to the level of the user running 'incus webui', enabling control over containers, virtual machines, and potentially underlying system resources. CVSS score of 8.8 (High) reflects network attack vector with low complexity requiring user interaction; no public exploit identified at time of analysis.

Authentication Bypass Privilege Escalation
NVD GitHub | CVSS 3.1: 8.8 | EPSS: 0.1%
CVE-2026-33895 HIGH PATCH This Week

The digitalbazaar/forge npm package accepts forged Ed25519 signatures due to missing scalar canonicalization checks, allowing authentication and authorization bypass in applications that rely on signature uniqueness. All versions since Ed25519 implementation are affected (confirmed through version 1.3.3), identified as pkg:npm/node-forge. Publicly available exploit code exists with a complete proof-of-concept demonstrating how attackers can create multiple valid signatures for the same message by adding the group order L to the scalar component S, bypassing deduplication, replay protection, and signed-object canonicalization checks. The vendor has released a patch via commit bdecf11571c9f1a487cc0fe72fe78ff6dfa96b85.

Node.js Canonical OpenSSL Authentication Bypass Jwt Attack
NVD GitHub VulDB | CVSS 3.1: 7.5 | EPSS: 0.0%
CVE-2025-12805 HIGH PATCH This Week

Red Hat OpenShift AI llama-stack-operator permits unauthorized cross-namespace access to Llama Stack service endpoints due to missing NetworkPolicy enforcement, enabling authenticated users in one namespace to view or modify sensitive data in another user's Llama Stack instances. CVSS 8.1 (High) reflects high confidentiality and integrity impact with low-privilege authenticated network access. No public exploit identified at time of analysis, though the authentication bypass weakness (CWE-653) is architecturally straightforward to leverage once cluster access is obtained.

Redhat Authentication Bypass Information Disclosure
NVD VulDB | CVSS 3.1: 8.1 | EPSS: 0.0%
CVE-2026-28377 HIGH PATCH This Week

Grafana Tempo leaks S3 SSE-C encryption keys in plaintext through its /status/config endpoint, enabling unauthenticated remote attackers to retrieve encryption keys protecting trace data stored in AWS S3. The CVSS score of 7.5 reflects high confidentiality impact with network-accessible attack vector requiring no privileges or user interaction (AV:N/AC:L/PR:N/UI:N). No public exploit identified at time of analysis, though the attack path is straightforward given the information disclosure nature of the vulnerability.

Grafana Authentication Bypass Redhat
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-0748 MEDIUM This Month

The Drupal 7 Internationalization (i18n) module's i18n_node submodule allows authenticated users holding both 'Translate content' and 'Administer content translations' permissions to bypass access controls and view unpublished node titles and IDs through the translation user interface and autocomplete functionality. Affected versions range from 7.x-1.0 through 7.x-1.35. No public exploit code or active exploitation has been confirmed at the time of analysis.

Authentication Bypass
NVD HeroDevs VulDB
CVSS 4.0
5.3
EPSS
0.0%
CVE-2026-4346 MEDIUM PATCH This Month

Cleartext credential storage in TP-Link TL-WR850N v3 flash memory combined with weak serial interface authentication enables attackers with physical access to extract administrative and Wi-Fi credentials, leading to full device compromise and unauthorized network access. The vulnerability is addressed by a vendor patch, and exploitation requires physical proximity to the device's serial port with no public exploit code identified at time of analysis.

Authentication Bypass
NVD VulDB
CVSS 4.0
5.1
EPSS
0.0%
CVE-2026-33640 CRITICAL Act Now

Account takeover in Outline collaborative documentation service versions 0.86.0 through 1.5.x enables unauthenticated attackers to brute force Email OTP codes due to insufficient validation logic combined with rate limiter bypass. Attackers can submit unlimited OTP attempts within the code's validity window, compromising user accounts. CVSS 9.1 (Critical) severity reflects network-accessible attack vector requiring no privileges or user interaction. No public exploit identified at time of analysis, though the authentication bypass mechanism is documented in GHSA-cwhc-53hw-qqx6.

Authentication Bypass
NVD GitHub
CVSS 4.0
9.1
EPSS
0.0%
CVE-2026-4933 HIGH PATCH This Week

Unpublished Node Permissions module for Drupal versions prior to 1.7.0 contains an incorrect authorization vulnerability (CWE-863) that permits forceful browsing of unpublished nodes by bypassing access controls. Attackers can view content that should be restricted to specific user roles by directly accessing node URLs, circumventing the module's permission enforcement logic. No public exploit code or active exploitation has been identified at the time of analysis.

Authentication Bypass
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-3573 HIGH PATCH This Week

Drupal AI module versions 0.0.0 before 1.1.11 and 1.2.0 before 1.2.12 contain an incorrect authorization vulnerability (CWE-863) that enables resource injection attacks. The flaw allows attackers to bypass authorization controls and inject malicious resources, potentially gaining unauthorized access to AI-driven functionality or data within affected Drupal installations. No public exploit code or active exploitation has been confirmed at the time of this analysis.

Authentication Bypass
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-21724 MEDIUM PATCH This Month

Grafana OSS provisioning contact points API fails to enforce the alert.notifications.receivers.protected:write permission, allowing users with the Editor role to modify protected webhook URLs and bypass intended authorization controls. This affects Grafana OSS versions 11.6.9 through 11.6.14, 12.1.5 through 12.1.10, 12.2.2 through 12.2.8, and 12.3.1 through 12.3.6. Authenticated Editor-level users can exploit this to reconfigure webhook destinations, potentially redirecting alert notifications to attacker-controlled endpoints. No public exploit identified at time of analysis.

Grafana Authentication Bypass Redhat Suse
NVD VulDB
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-3531 MEDIUM PATCH This Month

Drupal OpenID Connect / OAuth client versions before 1.5.0 contain an authentication bypass vulnerability that allows attackers to circumvent authentication mechanisms through an alternate path or channel. The vulnerability affects all versions from 0.0.0 through 1.4.x, enabling remote attackers to gain unauthorized access without proper credentials. No CVSS score, EPSS data, or confirmed active exploitation status is currently available; however, the vulnerability's authentication bypass nature and wide version range suggest significant real-world risk to Drupal installations relying on OpenID Connect or OAuth authentication.

Authentication Bypass
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-3527 MEDIUM PATCH This Month

Drupal AJAX Dashboard versions before 3.1.0 fail to enforce authentication on critical AJAX endpoints, allowing unauthenticated remote attackers to bypass access controls and invoke privileged dashboard functions. The vulnerability affects all versions from 0.0.0 through 3.1.0 (exclusive) and is categorized as a Missing Authentication for Critical Function (CWE-306). No public exploit code or active exploitation via CISA KEV has been confirmed at time of analysis, but the authentication bypass nature of this defect presents significant risk to installations relying on dashboard security.

Authentication Bypass
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-3526 MEDIUM PATCH This Month

Forceful browsing attacks in Drupal File Access Fix (deprecated) versions below 1.2.0 allow unauthenticated remote attackers to bypass file access controls and retrieve unauthorized files through direct path enumeration. The vulnerability stems from incorrect authorization validation in the deprecated module (cpe:2.3:a:drupal:file_access_fix_(deprecated):*:*:*:*:*:*:*:*), affecting all versions from 0.0.0 through 1.1.x. No public exploit code or active exploitation has been identified at time of analysis, but the deprecated status and widespread use of Drupal installations increase real-world risk exposure.

Authentication Bypass
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-3525 MEDIUM PATCH This Month

Forceful browsing via incorrect authorization in Drupal File Access Fix (deprecated) module versions prior to 1.2.0 allows unauthenticated remote attackers to access files without proper access control checks. The vulnerability stems from CWE-863 (Incorrect Authorization) and affects all versions from 0.0.0 through 1.2.0. No public exploit code or active exploitation has been confirmed at the time of analysis, but the straightforward nature of authorization bypass attacks in file access contexts presents moderate real-world risk to installations still running deprecated versions of this module.

Authentication Bypass
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-33632 HIGH This Week

Local processes on macOS can bypass ClearanceKit per-process file access policies by leveraging two unmonitored file operation event types (ES_EVENT_TYPE_AUTH_EXCHANGEDATA and ES_EVENT_TYPE_AUTH_CLONE) in versions prior to 4.2.4. The vulnerability affects ClearanceKit's opfilter system extension, which is designed to intercept and enforce file-system access controls. With a CVSS score of 8.4 indicating high confidentiality and integrity impact, authenticated local attackers with low privileges can circumvent security policies. No public exploit identified at time of analysis, and a vendor-released patch is available in version 4.2.4.

Apple Authentication Bypass
NVD GitHub
CVSS 4.0
8.4
EPSS
0.0%
CVE-2026-33631 HIGH This Week

ClearanceKit 4.1 and earlier for macOS allows local authenticated users to completely bypass configured file access policies via seven unmonitored file operation event types. The opfilter Endpoint Security extension only intercepted ES_EVENT_TYPE_AUTH_OPEN events, enabling processes to perform rename, unlink, and five other file operations without policy enforcement or denial logging. Version 4.2 branch contains the fix via commit a3d1733. No public exploit identified at time of analysis, but exploitation requires only local access with low privileges (CVSS PR:L) and no special complexity.

Apple Authentication Bypass
NVD GitHub
CVSS 3.1
8.7
EPSS
0.0%
CVE-2026-33887 MEDIUM PATCH This Month

Statamic CMS versions prior to 5.73.16 and 6.7.2 fail to enforce collection-level permissions on entry revision endpoints, allowing authenticated control panel users to view revisions and field data across any collection with revisions enabled regardless of their assigned permissions. The vulnerability also permits unauthenticated revision creation that snapshots existing content without modifying published entries. This represents a medium-severity authorization bypass affecting authenticated attackers with control panel access, with no public exploit identified at time of analysis.

Authentication Bypass
NVD GitHub
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-33884 MEDIUM PATCH This Month

Statamic CMS versions prior to 5.73.16 and 6.7.2 allow authenticated Control Panel users with live preview access to abuse live preview tokens to access restricted content beyond the token's intended scope. This is an authenticated privilege escalation affecting the Statamic CMS product (pkg:composer/statamic_cms) with a CVSS score of 4.3 and low complexity; no public exploit code or active exploitation has been identified at time of analysis.

Authentication Bypass
NVD GitHub
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-28503 MEDIUM This Month

Tandoor Recipes versions prior to 2.6.0 allow authenticated admin users to bypass space isolation controls and trigger synchronization operations on Sync configurations belonging to other organizational spaces, exposing the ability to initiate Dropbox, Nextcloud, or local imports outside the attacker's own space and access resulting sync logs. The vulnerability stems from missing space validation in the `SyncViewSet.query_synced_folder()` API endpoint, enabling horizontal privilege escalation across multi-tenant deployments. No public exploit code has been identified at the time of analysis.

Authentication Bypass
NVD GitHub
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-33864 CRITICAL PATCH NEWS Act Now

Prototype pollution in convict npm package version 6.2.4 allows attackers to bypass previous security fixes and pollute Object.prototype through crafted input that manipulates String.prototype.startsWith. The vulnerability affects applications processing untrusted input via convict.set() and can lead to authentication bypass, denial of service, or remote code execution if polluted properties reach dangerous sinks like eval or child_process. A working proof-of-concept exploit demonstrating the bypass technique exists in the advisory.

Mozilla Node.js Prototype Pollution RCE Denial Of Service +1
NVD GitHub
CVE-2026-33863 CRITICAL PATCH Act Now

Prototype pollution in Mozilla's node-convict configuration library allows attackers to inject properties into Object.prototype via two unguarded code paths: config.load()/loadFile() methods that fail to filter forbidden keys during recursive merge operations, and schema initialization accepting constructor.prototype.* keys during default-value propagation. Applications using node-convict (pkg:npm/convict) that process untrusted configuration data face impacts ranging from authentication bypass to remote code execution depending on how polluted properties propagate through the application. This represents an incomplete fix for prior prototype pollution issues (GHSA-44fc-8fm5-q62h), with no public exploit identified at time of analysis.

Mozilla Node.js Prototype Pollution RCE Authentication Bypass
NVD GitHub
CVE-2026-33764 MEDIUM This Month

The AVideo AI plugin's save.json.php endpoint fails to validate that AI-generated responses belong to the target video before applying them, allowing authenticated users to exfiltrate private video metadata and full transcriptions by referencing arbitrary AI response IDs. An attacker with canUseAI permission can steal AI-generated titles, descriptions, keywords, summaries, and complete transcription files from other users' private videos through a simple parameter manipulation attack, then apply this stolen content to their own video for reading. No active exploitation has been confirmed, but proof-of-concept methodology is detailed in the advisory, making this a practical attack for any platform user with basic video ownership.

PHP Authentication Bypass
NVD GitHub
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-33759 MEDIUM PATCH This Month

AVideo playlist video enumeration allows unauthenticated attackers to bypass authorization checks and directly access video contents from private playlists including watch_later and favorite lists via the playlistsVideos.json.php endpoint. Sequential playlist IDs enable trivial enumeration of all users' private viewing habits, favorites, and unlisted custom playlists without authentication. A publicly available proof-of-concept exists demonstrating the vulnerability, which affects WWBN AVideo via Composer package wwbn_avideo.

PHP Authentication Bypass
NVD GitHub
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-33477 MEDIUM This Month

FileRise versions 2.3.7 through 3.10.0 suffer from improper access control in the file snippet endpoint, allowing authenticated users with read-only access to retrieve file content uploaded by other users in shared folders. An attacker with limited folder permissions can exploit this authorization bypass to view sensitive files beyond their intended access scope. The vulnerability affects FileRise running on PHP and is resolved in version 3.11.0.

PHP File Upload Authentication Bypass
NVD GitHub
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-33470 MEDIUM This Month

Frigate network video recorder versions prior to 0.17.1 allow authenticated users with restricted camera access to enumerate and retrieve snapshots from unauthorized cameras through a two-step authorization bypass in the timeline and snapshot APIs. An attacker with low-privilege credentials limited to one camera can exploit missing validation in the snapshot-clean.webp endpoint to access video evidence from other cameras in the system, compromising the confidentiality of surveillance data across the entire installation. A proof-of-concept exists, though no confirmation of active exploitation in the wild has been reported.

Authentication Bypass
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-33469 MEDIUM This Month

Broken access control in Frigate 0.17.0 allows authenticated non-admin users to retrieve the complete raw configuration file via the `/api/config/raw` endpoint, exposing camera credentials, RTMP stream passwords, MQTT secrets, and proxy authentication tokens that are intentionally redacted from the standard `/api/config` API. The vulnerability stems from inconsistent authorization enforcement between `/api/config/raw_paths` (admin-only) and `/api/config/raw` (authenticated-user-accessible), introduced during an admin-by-default API refactor. Patch version 0.17.1 is available; publicly available exploit code exists but the vulnerability is not confirmed as actively exploited in the wild.

Authentication Bypass
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-33732 MEDIUM PATCH This Month

srvx's FastURL pathname parser on Node.js can be bypassed to circumvent route-based middleware (authentication guards, rate limiters) when absolute URIs with non-standard schemes are sent in raw HTTP requests. An attacker sending a crafted request like `GET file://hehe?/internal/run HTTP/1.1` can cause the router to match a different pathname than what downstream middleware sees after a deoptimization occurs, allowing access to protected endpoints. This affects srvx versions prior to 0.11.13, requires direct HTTP request capability (not browser-accessible), and has a CVSS score of 4.8 with medium complexity attack requirements. No public exploit identified at time of analysis.

Node.js Authentication Bypass
NVD GitHub
CVSS 3.1
4.8
EPSS
0.0%
CVE-2026-33726 MEDIUM PATCH This Month

Cilium Network Policy enforcement is bypassed for traffic from pods to L7 Services with local backends on the same node when Per-Endpoint Routing is enabled and BPF Host Routing is disabled, allowing authenticated local attackers to circumvent ingress network policies and access restricted services. This affects Cilium v1.19.0-v1.19.1, v1.18.0-v1.18.7, and all versions prior to v1.17.13, with the most common vulnerable deployment being Amazon EKS with Cilium ENI mode. Vendor-released patches are available (v1.19.2, v1.18.8, v1.17.14), and no public exploit code has been identified at the time of analysis.

Microsoft Kubernetes Authentication Bypass
NVD GitHub
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-33015 MEDIUM This Month

EVerest charging software stack versions prior to 2026.02.0 allow EV operators to bypass remote stop commands issued by a Charging Station Management System (CSMS) by toggling the EV's Battery Control Box (BCB), causing the EVSE to return to PrepareCharging state and restart charging sessions. This circumvents billing, operational, and safety controls enforced by remote stop functionality. A proof-of-concept exists and the vulnerability has been patched in version 2026.02.0, though the attack requires physical proximity to the charging equipment (CVSS attack vector: Physical).

Authentication Bypass
NVD GitHub VulDB
CVSS 3.1
5.2
EPSS
0.0%
CVE-2026-33014 MEDIUM This Month

EVerest-core prior to version 2026.02.0 fails to properly terminate EV charging transactions during remote stop operations due to a delayed authorization response that incorrectly restores the authorized flag to true, allowing transactions to remain open even after a PowerOff event triggers stop_transaction(). This authentication bypass affects EV charging infrastructure and enables continued power delivery after an operator-initiated remote stop command. A proof-of-concept exists but no public confirmation of active exploitation has been identified.

Authentication Bypass
NVD GitHub VulDB
CVSS 3.1
5.2
EPSS
0.0%
CVE-2026-29044 MEDIUM This Month

EVerest EV charging software before version 2026.02.0 fails to properly stop charging transactions when authorization withdrawal occurs before the TransactionStarted event, allowing attackers with high privileges to bypass deauthorization through precise timing and maintain unauthorized charging sessions. The vulnerability stems from incomplete StopTransaction handling in the Charging state, affecting IoT and Everest Core deployments with no currently available patch.

Authentication Bypass
NVD GitHub VulDB
CVSS 3.1
5.0
EPSS
0.0%
CVE-2026-3115 MEDIUM PATCH This Month

Mattermost versions 11.2.x through 11.4.x fail to enforce view restrictions on group member endpoints, allowing authenticated guest users to enumerate user IDs beyond their authorized visibility scope. This authorization bypass requires valid credentials but enables attackers to discover internal user information through the group retrieval API. No patch is currently available for affected versions.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-55264 MEDIUM This Month

Session invalidation failure in HCL Aftermarket DPC versions up to 1.0.0 allows authenticated attackers to maintain active sessions after a password change, enabling persistent account takeover. An attacker who gains initial session access can continue to operate under a compromised account identity even after the victim resets their password, as the application fails to terminate pre-existing sessions upon credential modification. No public exploit code or active exploitation has been identified at time of analysis.

Authentication Bypass Session Fixation Aftermarket Dpc
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-55266 MEDIUM This Month

HCL Aftermarket DPC versions up to 1.0.0 are vulnerable to session fixation attacks that enable attackers to hijack user sessions and perform unauthorized transactions without requiring valid credentials. The vulnerability exploits improper session management to allow an attacker to force a victim to use a predetermined session identifier, then leverage that session for fraudulent activity. This is a network-accessible flaw requiring user interaction (e.g., clicking a malicious link) but no prior authentication. No public exploit code or active exploitation has been identified at the time of analysis.

Authentication Bypass Aftermarket Dpc
NVD
CVSS 3.1
5.9
EPSS
0.0%
CVE-2025-55269 MEDIUM This Month

HCL Aftermarket DPC version 1.0.0 enforces weak password policies that enable attackers to conduct brute-force attacks and guess user credentials, potentially gaining unauthorized account access with low confidentiality and availability impact. The vulnerability requires user interaction and high attack complexity to exploit, but affects unauthenticated threat actors over the network. No public exploit code or active exploitation has been identified at the time of analysis.

Authentication Bypass Aftermarket Dpc
NVD
CVSS 3.1
4.2
EPSS
0.0%
CVE-2025-55274 LOW Monitor

HCL Aftermarket DPC version 1.0.0 contains a Cross-Origin Resource Sharing (CORS) misconfiguration that permits authenticated attackers with low privileges to access sensitive user information and potentially perform unauthorized actions on behalf of legitimate users through browser-based attacks. The vulnerability requires user interaction (such as social engineering to visit a malicious webpage) and operates within a single security context, limiting its scope to confidentiality impact with no integrity or availability consequences. No public exploit code has been identified at the time of analysis, and the low CVSS score of 2.6 reflects the high attack complexity and limited practical exploitability despite the theoretical risk of data exposure.

Information Disclosure Authentication Bypass Aftermarket Dpc
NVD VulDB
CVSS 3.1
2.6
EPSS
0.0%
CVE-2025-41359 HIGH PATCH This Week

Small HTTP Server 3.06.36 allows local attackers with low privileges to execute arbitrary code through an unquoted service path vulnerability in the http.exe service executable. By placing a malicious executable in a higher-priority directory along the unquoted path 'C:\Program Files (x86)\shttps_mg\http.exe service', attackers can achieve full system compromise with high confidentiality, integrity, and availability impact. No public exploit has been identified at time of analysis, and CISA SSVC framework indicates no current exploitation, though technical impact is rated as total.

RCE Authentication Bypass
NVD
CVSS 4.0
8.5
EPSS
0.0%
CVE-2025-41368 HIGH PATCH This Week

Small HTTP Server 3.06.36 contains an unquoted service path vulnerability (CWE-428) allowing local authenticated attackers to execute arbitrary code with elevated privileges by placing malicious executables in higher-priority directories. Despite a CVSS 4.0 score of 8.7, real-world risk is significantly lower with only 0.02% EPSS probability (4th percentile) and no public exploit identified at time of analysis. INCIBE has reported this vulnerability with patches available from the vendor.

RCE Authentication Bypass
NVD
CVSS 4.0
8.7
EPSS
0.0%
CVE-2026-24068 HIGH This Week

Vienna Assistant 1.2.542 on macOS allows local privilege escalation through an unauthenticated XPC service endpoint that accepts connections from any process. The vulnerable VSL privileged helper service exposes functions to write arbitrary files to any location and execute arbitrary binaries with any arguments, enabling a low-privileged local user to gain root access. A proof-of-concept exploit exists per SSVC assessment, with an EPSS score of 0.02% indicating low observed exploitation probability in the wild.

Privilege Escalation Authentication Bypass
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-4263 MEDIUM This Month

HiJiffy Chatbot contains an authorization bypass vulnerability in the /api/v1/webchat/message endpoint that allows unauthenticated attackers to download private messages from arbitrary users by manipulating the 'visitor' parameter. The vulnerability affects all versions of HiJiffy Chatbot (as indicated by the wildcard CPE) and has been reported by INCIBE. No public exploit code or active exploitation has been confirmed at the time of analysis.

Authentication Bypass
NVD
CVSS 4.0
6.9
EPSS
0.0%
CVE-2026-4262 MEDIUM This Month

An incorrect authorization vulnerability in HiJiffy Chatbot allows unauthenticated attackers to download private messages from arbitrary users by manipulating the 'ID' parameter in the '/api/v1/download/<ID>/' endpoint. This is a classic authorization bypass enabling unauthorized access to sensitive conversation data. No public exploit code or active exploitation has been identified at the time of analysis, though the vulnerability was reported by INCIBE and affects all versions of HiJiffy Chatbot. The exposure is direct and requires only network access to the affected API endpoint.

Authentication Bypass
NVD
CVSS 4.0
6.9
EPSS
0.0%
CVE-2026-1206 MEDIUM This Month

The Elementor Website Builder plugin for WordPress contains an authorization bypass vulnerability in the is_allowed_to_read_template() function that incorrectly permits authenticated users with contributor-level privileges to read private and draft template content. Attackers can exploit this through the 'get_template_data' action of the 'elementor_ajax' endpoint by supplying a 'template_id' parameter, resulting in exposure of sensitive template information. The vulnerability affects all versions up to and including 3.35.7 with a CVSS score of 4.3 (low-to-moderate severity) and requires low-complexity exploitation with authenticated access.

WordPress Information Disclosure Authentication Bypass
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-4281 MEDIUM This Month

The FormLift for Infusionsoft Web Forms WordPress plugin contains a missing authorization vulnerability (CWE-862) that allows unauthenticated attackers to hijack the site's Infusionsoft OAuth connection. Affected versions through 7.5.21 fail to validate user authentication on critical OAuth handler methods, enabling attackers to intercept temporary OAuth credentials and inject arbitrary OAuth tokens and app domains via the update_option() function. This is a network-accessible, low-complexity vulnerability with no required privileges; while the CVSS score is moderate (5.3), the real-world impact is integrity compromise of the CRM integration layer, potentially affecting customer data flows and automation.

WordPress Authentication Bypass
NVD
CVSS 3.1
5.3
EPSS
0.2%
CVE-2026-4331 MEDIUM This Month

The Blog2Social plugin for WordPress contains an authorization flaw in the resetSocialMetaTags() function that allows authenticated attackers with Subscriber-level access to permanently delete all social media metadata from the site's post records. The vulnerability exists in all versions up to and including 8.8.2 and affects sites using the Blog2Social: Social Media Auto Post & Scheduler plugin, which is available via the WordPress plugin repository. Attackers can exploit this by crafting AJAX requests with a valid nonce that is broadly available due to the plugin granting the 'blog2social_access' capability to all user roles upon activation, resulting in complete data loss of social media scheduling information across all posts.

WordPress Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-4484 HIGH This Week

The Masteriyo LMS plugin for WordPress contains a critical privilege escalation vulnerability that allows authenticated users with Student-level access or higher to elevate their privileges to administrator level. All versions up to and including 2.1.6 are affected. The vulnerability is exploitable over the network with low attack complexity and requires no user interaction, resulting in a critical CVSS score of 9.8, though the CVSS vector indicates no authentication required (PR:N) which conflicts with the description stating Student-level access is needed.

WordPress Privilege Escalation Authentication Bypass
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-4831 MEDIUM POC This Month

Improper authentication in the password-protected share handler of Kalcaddle Kodbox 1.64 allows remote attackers to bypass access controls through manipulation of the authentication function, despite high attack complexity. Public exploit code exists for this vulnerability, and no patch is currently available from the vendor.

Authentication Bypass PHP
NVD VulDB
CVSS 4.0
6.3
EPSS
0.1%
CVE-2026-34046
EPSS 0% CVSS 8.7
HIGH PATCH This Week

Insecure Direct Object Reference (IDOR) in Langflow API allows authenticated users to read, modify, or delete any flow belonging to other users via unvalidated flow_id parameters in GET/PATCH/DELETE /api/v1/flow/{flow_id} endpoints. The vulnerability affects both the langflow and langflow-base Python packages, enabling attackers with valid credentials to exfiltrate sensitive data (including plaintext API keys embedded in flows), tamper with AI agent logic, or destroy other users' workflows. A vendor-released patch (PR #8956) is available. No public exploit code identified at time of analysis, though the vulnerability is straightforward to exploit given the clear description and patch differential in the advisory.

Authentication Bypass
NVD GitHub
CVE-2026-34042
EPSS 0% CVSS 8.2
HIGH PATCH This Week

Unauthenticated remote cache poisoning in nektos/act (GitHub Actions local runner) enables arbitrary code execution by exposing the built-in actions/cache server on all network interfaces without authentication. Attackers who can reach the cache server, including from the public internet if it is exposed, can inject malicious cache entries with predictable keys, leading to remote code execution within Docker containers running GitHub Actions workflows. No public exploit identified at time of analysis, and EPSS data is unavailable. Vendor-released patch available in act v0.2.86.

Docker RCE Authentication Bypass
NVD GitHub
CVE-2026-31950
EPSS 0% CVSS 5.3
MEDIUM This Month

Stream hijacking in LibreChat versions 0.8.2-rc2 through 0.8.2-rc3 allows authenticated users to read other users' real-time chat conversations via the SSE streaming endpoint `/api/agents/chat/stream/:streamId`, which performs no ownership verification. An attacker with valid credentials can enumerate or guess stream IDs to intercept sensitive messages, AI-generated responses, and tool invocation data belonging to arbitrary users. The vulnerability was patched in version 0.8.2.

Authentication Bypass
NVD GitHub
CVE-2026-34389
EPSS 0% CVSS 4.9
MEDIUM PATCH This Month

Fleet device management software prior to version 4.81.0 allows privilege escalation through email validation bypass in the user invitation flow. An attacker with a valid invite token can create an account using an arbitrary email address while retaining the role permissions granted by the invite, potentially obtaining global admin access. No public exploit code or active exploitation has been identified at the time of analysis.

Authentication Bypass
NVD GitHub
CVE-2026-29180
EPSS 0% CVSS 4.9
MEDIUM PATCH This Month

Fleet device management software versions prior to 4.81.1 contain a broken access control vulnerability in the host transfer API that allows authenticated team maintainers to transfer hosts from any team into their own team, circumventing team isolation boundaries and gaining full control over the transferred hosts, including root-level script execution. The vulnerability requires authenticated access (PR:L in the CVSS vector) but has high integrity impact because of the ability to execute privileged commands on managed endpoints. No public exploit code or active exploitation has been confirmed at the time of analysis.

Authentication Bypass
NVD GitHub
CVE-2026-26061
EPSS 0% CVSS 8.7
HIGH PATCH This Week

Fleet server memory exhaustion via unbounded request bodies allows unauthenticated denial-of-service against multiple HTTP endpoints. The vulnerability affects Fleet v4 (github.com/fleetdm/fleet/v4) and was responsibly disclosed by @fuzzztf. Attackers can exhaust available memory and force server restarts by sending oversized or repeated HTTP requests to unauthenticated endpoints lacking size limits. No public exploit identified at time of analysis, though the attack mechanism is straightforward given the CWE-770 resource allocation vulnerability class.

Privilege Escalation Information Disclosure Authentication Bypass +3
NVD GitHub
CVE-2026-26060
EPSS 0% CVSS 6.0
MEDIUM PATCH This Month

Fleet's password reset token invalidation logic fails to revoke previously issued tokens when a user changes their password, allowing attackers with a captured token to perform account takeover by resetting the password again within the token's 24-hour validity window. The vulnerability affects Fleet versions distributed via the Go package github.com/fleetdm/fleet/v4 and requires prior compromise of a valid password reset token to exploit, limiting real-world impact to scenarios where token interception has already occurred.

Authentication Bypass Suse
NVD GitHub
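
The Fleet entry above is a token-lifecycle bug: a password change did not revoke reset tokens issued earlier. As an added example (illustrative, not Fleet's code), the service below stores only token hashes, makes tokens single-use, expires them after the 24-hour window the advisory mentions, and purges every outstanding token for a user on any password change, with a generation counter as a second line of defence. The `invalidate_on_change=False` switch reproduces the reported behaviour. User IDs and passwords are constructed.

```python
# Added example (illustrative, not Fleet's code): a password-reset token store
# that invalidates every outstanding token for a user when the password changes,
# which is the behaviour the advisory above says was missing.
import hashlib
import secrets
import time

TOKEN_TTL = 24 * 3600  # the 24-hour window cited in the advisory


class PasswordResetService:
    def __init__(self, now=time.time, invalidate_on_change=True):
        self.now = now
        self.invalidate_on_change = invalidate_on_change  # False reproduces the flaw
        self.password_hash = {}   # user_id -> hash (constructed demo store)
        self.generation = {}      # user_id -> bumped on every password change
        self.tokens = {}          # sha256(token) -> (user_id, expires_at, generation)

    @staticmethod
    def _h(token):
        return hashlib.sha256(token.encode()).hexdigest()  # store hashes, never raw tokens

    def set_password(self, user_id, password):
        # Demo hash only; production code uses argon2/bcrypt/scrypt with a salt.
        self.password_hash[user_id] = hashlib.sha256(password.encode()).hexdigest()
        self.generation[user_id] = self.generation.get(user_id, 0) + 1
        if self.invalidate_on_change:
            # Revoke every reset token issued for this user, not just the one used.
            self.tokens = {h: t for h, t in self.tokens.items() if t[0] != user_id}

    def issue(self, user_id):
        token = secrets.token_urlsafe(32)
        self.tokens[self._h(token)] = (user_id, self.now() + TOKEN_TTL,
                                       self.generation.get(user_id, 0))
        return token  # delivered to the user out of band; never logged

    def consume(self, token, new_password):
        rec = self.tokens.pop(self._h(token), None)  # single use: remove before any check
        if rec is None:
            return False
        user_id, expires_at, gen = rec
        if self.now() > expires_at:
            return False
        if self.invalidate_on_change and gen != self.generation.get(user_id, 0):
            return False  # second line of defence: issued before a later password change
        self.set_password(user_id, new_password)
        return True


def captured_token_after_change(vulnerable):
    # Scenario from the advisory: the attacker holds a token the victim requested;
    # the victim then changes the password; the attacker replays the token within 24h.
    clock = [1_700_000_000.0]
    svc = PasswordResetService(now=lambda: clock[0], invalidate_on_change=not vulnerable)
    svc.set_password("victim", "initial-password")
    leaked = svc.issue("victim")                 # intercepted by the attacker
    svc.set_password("victim", "rotated-by-victim")
    clock[0] += 3600                             # one hour later, still inside the window
    return svc.consume(leaked, "attacker-chosen")


def expired_token_rejected():
    clock = [1_700_000_000.0]
    svc = PasswordResetService(now=lambda: clock[0])
    svc.set_password("victim", "initial-password")
    token = svc.issue("victim")
    clock[0] += TOKEN_TTL + 1
    return svc.consume(token, "late")
```

The purge on password change is the fix the advisory describes; the generation check is cheap insurance against a code path that changes the password without going through `set_password`.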
CVE-2026-34364
EPSS 0% CVSS 5.3
MEDIUM This Month

WWBN AVideo versions up to 26.0 expose all non-private video categories to unauthenticated remote attackers due to missing access control enforcement in the categories.json.php endpoint. The vulnerability combines two distinct flaws: complete bypass of group-based filtering when no user parameter is supplied, and a type confusion bug that substitutes the admin user's group memberships when a user parameter is present, allowing unauthorized disclosure of category metadata intended for restricted user groups. CVSS 5.3 reflects the information disclosure impact with no authentication required and low attack complexity; no public exploit code or active exploitation has been confirmed at time of analysis.

PHP Authentication Bypass
NVD GitHub
CVE-2025-15617
EPSS 0% CVSS 8.3
HIGH This Week

GitHub Actions workflow artifacts in Wazuh version 4.12.0 expose GITHUB_TOKEN credentials that unauthenticated network attackers can extract and use within a limited time window to push malicious commits or alter release tags in the project repository. The vulnerability carries a CVSS 4.0 score of 8.3 with high integrity impact and low availability impact. No public exploit identified at time of analysis, though the vulnerability is classified under authentication bypass tags by VulnCheck.

Authentication Bypass
NVD GitHub VulDB
CVE-2026-34369
EPSS 0% CVSS 5.3
MEDIUM This Month

WWBN AVideo up to version 26.0 fails to enforce password verification on API endpoints `get_api_video_file` and `get_api_video`, allowing unauthenticated remote attackers to retrieve direct playback URLs (MP4 files and HLS manifests) for password-protected videos by directly invoking the API. The web interface enforces password checks through the `CustomizeUser::getModeYouTube()` hook, but this validation is entirely absent from the API code path, creating a complete authentication bypass. Upstream fix available via commit be344206f2f461c034ad2f1c5d8212dd8a52b8c7; no public exploit or active exploitation confirmed at time of analysis.

Authentication Bypass
NVD GitHub
CVE-2026-33994
EPSS 0% CVSS 6.3
MEDIUM PATCH This Month

Prototype pollution in the locutus npm package, versions 2.0.39 through 3.0.24, allows remote attackers to bypass its `Object.prototype` pollution guards via a crafted query string passed to the `parse_str` function. Depending on the application, this enables authentication bypass, denial of service, or remote code execution in chained scenarios where `RegExp.prototype.test` has previously been compromised. Publicly available exploit code demonstrates the vulnerability; a vendor-released patch is available in version 3.0.25.

PHP Denial Of Service Node.js +3
NVD GitHub
CVE-2026-34040
EPSS 0% CVSS 8.8
HIGH PATCH This Week

The Docker daemon allows authorization-plugin bypass through specially crafted API requests whose bodies are stripped before being forwarded to authorization (AuthZ) plugins, enabling attackers with low privileges to circumvent access controls. The vulnerability (CVSS 8.8) affects the moby/moby and docker/docker packages and represents an incomplete fix for CVE-2024-41110. A vendor-released patch is available via GitHub commit e89edb19ad7de0407a5d31e3111cb01aa10b5a38; no public exploit has been identified at the time of analysis, and the vendor rates the base likelihood of exploitation as low.

Docker Authentication Bypass
NVD GitHub
CVE-2026-34247
EPSS 0% CVSS 5.4
MEDIUM This Month

WWBN AVideo versions up to 26.0 allow authenticated users to overwrite the poster image of any scheduled live stream because the uploadPoster.php endpoint performs no authorization check; the endpoint then broadcasts the stream's sensitive broadcast key and user IDs to all connected WebSocket clients. An authenticated attacker can exploit this without user interaction to deface another user's scheduled broadcasts and potentially harvest credential material for further attacks. No public exploit was identified at the time of analysis, though the vulnerability has been disclosed via a GitHub security advisory with a published fix commit.

PHP Authentication Bypass
NVD GitHub VulDB
CVE-2026-34245
EPSS 0% CVSS 6.3
MEDIUM This Month

Broadcast schedule modification in WWBN AVideo versions up to 26.0 allows authenticated users with streaming permissions to hijack playlists and disrupt streams by creating or modifying schedules targeting any playlist regardless of ownership, with rebroadcasts executing under the victim's identity. The vulnerability affects the `plugin/PlayLists/View/Playlists_schedules/add.json.php` endpoint and stems from insufficient authorization checks. Upstream fix available via commit 1e6dc20172de986f60641eb4fdb4090f079ffdce; no public exploit identified at time of analysis.

PHP Authentication Bypass
NVD GitHub VulDB
CVE-2026-34411
EPSS 0% CVSS 6.9
MEDIUM PATCH This Month

Appsmith versions prior to 1.98 allow unauthenticated remote attackers to access sensitive instance management API endpoints (/api/v1/consolidated-api/view, /api/v1/tenants/current) without authentication, enabling disclosure of configuration metadata, license information, and unsalted SHA-256 hashes of admin email domains. This authentication bypass facilitates reconnaissance for targeted follow-up attacks against Appsmith deployments and their administrators. No public exploit code or active exploitation has been independently confirmed at time of analysis.

Authentication Bypass
NVD GitHub
CVE-2026-28367
EPSS 0% CVSS 8.7
HIGH This Week

Undertow HTTP request smuggling via malformed header terminator allows remote unauthenticated attackers to bypass security controls and manipulate web requests through vulnerable proxies including older Apache Traffic Server and Google Cloud Classic Application Load Balancer. With CVSS 8.7 (High/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N), the vulnerability affects multiple Red Hat product lines including JBoss EAP 7 and 8, Fuse 7, Data Grid 8, and RHEL 8-10 distributions. No public exploit identified at time of analysis, though the attack vector is network-accessible and requires no authentication.

Apache Google Authentication Bypass +1
NVD VulDB
CVE-2026-28368
EPSS 0% CVSS 8.7
HIGH This Week

Undertow header parsing discrepancies enable HTTP request smuggling attacks against Red Hat middleware and enterprise platforms, allowing remote unauthenticated attackers to bypass security controls and access unauthorized resources. The vulnerability affects multiple Red Hat products including JBoss Enterprise Application Platform 7 and 8, Data Grid 8, Fuse 7, Single Sign-On 7, and Enterprise Linux 8, 9, and 10 distributions. With a CVSS score of 8.7 and changed scope (S:C), attackers can exploit inconsistent header interpretation between Undertow and upstream proxies to smuggle malicious requests past authentication and authorization mechanisms, achieving high confidentiality and integrity impact without requiring authentication.

Authentication Bypass Request Smuggling Redhat
NVD VulDB
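
Both Undertow entries come down to a server and a proxy parsing the same header block differently. As an added example (not Undertow's code), this strict HTTP/1.x request-head parser refuses the constructs such discrepancies exploit: a bare CR or LF as a line terminator, obsolete line folding, whitespace before the colon, control bytes in values, and conflicting or coexisting Content-Length and Transfer-Encoding headers. The sample requests are constructed, not captured traffic.

```python
# Added example: a strict HTTP/1.x request-head parser that refuses the
# ambiguities request smuggling relies on (bare CR/LF terminators, obsolete
# folding, whitespace before the colon, CL/TE conflicts). Not Undertow code.
import re

_TOKEN = re.compile(rb"^[!#$%&'*+\-.^_`|~0-9A-Za-z]+$")  # RFC 9110 token


class SmugglingRisk(ValueError):
    """Raised for any construct two parsers might interpret differently."""


def split_lines_strict(head):
    # Only CRLF terminates a line. A bare CR or bare LF is exactly the kind of
    # "malformed header terminator" a lenient server and a proxy can disagree on.
    lines, start, i = [], 0, 0
    while i < len(head):
        c = head[i]
        if c == 0x0D:
            if i + 1 >= len(head) or head[i + 1] != 0x0A:
                raise SmugglingRisk("bare CR in header block")
            lines.append(head[start:i])
            i += 2
            start = i
            continue
        if c == 0x0A:
            raise SmugglingRisk("bare LF in header block")
        i += 1
    if start != len(head):
        raise SmugglingRisk("header block not terminated by CRLF")
    return lines


def parse_request_head(head):
    lines = split_lines_strict(head)
    if len(lines) < 2 or lines[-1] != b"":
        raise SmugglingRisk("missing empty line ending the header block")
    parts = lines[0].split(b" ")
    if len(parts) != 3 or parts[2] not in (b"HTTP/1.0", b"HTTP/1.1"):
        raise SmugglingRisk("malformed request line")
    headers = []
    for line in lines[1:-1]:
        if line[:1] in (b" ", b"\t"):
            raise SmugglingRisk("obsolete line folding")
        name, sep, value = line.partition(b":")
        if not sep or not _TOKEN.match(name):   # also rejects "Host : x"
            raise SmugglingRisk("malformed header name")
        if any(b < 0x20 and b != 0x09 for b in value):
            raise SmugglingRisk("control character in header value")
        headers.append((name.lower(), value.strip(b" \t")))
    cls = {v for n, v in headers if n == b"content-length"}
    tes = [v for n, v in headers if n == b"transfer-encoding"]
    if cls and tes:
        raise SmugglingRisk("both Content-Length and Transfer-Encoding present")
    if len(cls) > 1 or any(not v.isdigit() for v in cls):
        raise SmugglingRisk("conflicting or non-numeric Content-Length")
    if tes:
        codings = [c.strip() for c in b",".join(tes).lower().split(b",")]
        if codings[-1] != b"chunked":
            raise SmugglingRisk("Transfer-Encoding without final chunked")
        body = "chunked"
    else:
        body = int(cls.pop()) if cls else 0
    return {"method": parts[0], "target": parts[1], "version": parts[2],
            "headers": headers, "body_length": body}


def rejects(head):
    try:
        parse_request_head(head)
    except SmugglingRisk:
        return True
    return False


# Constructed sample requests (not captured traffic).
SAMPLES = {
    "clean": b"POST /login HTTP/1.1\r\nHost: app.example\r\nContent-Length: 5\r\n\r\n",
    "bare_cr": b"POST /login HTTP/1.1\r\nHost: app.example\rX: y\r\n\r\n",
    "bare_lf": b"POST /login HTTP/1.1\nHost: app.example\r\n\r\n",
    "cl_te": b"POST / HTTP/1.1\r\nHost: a\r\nContent-Length: 4\r\n"
             b"Transfer-Encoding: chunked\r\n\r\n",
    "obs_fold": b"GET / HTTP/1.1\r\nHost: a\r\n example\r\n\r\n",
    "space_before_colon": b"GET / HTTP/1.1\r\nHost : a\r\n\r\n",
    "dup_cl": b"POST / HTTP/1.1\r\nContent-Length: 4\r\nContent-Length: 40\r\n\r\n",
}
```

A front-end proxy that applies the same rules and normalises what it forwards removes the interpretation gap. Rejecting with 400 is preferable to "repairing" a malformed request, because the repair is itself an interpretation the next hop may not share.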
CVE-2026-4959
EPSS 0% CVSS 6.9
MEDIUM POC This Month

OpenBMB XAgent 1.0.0 ShareServer WebSocket endpoint allows remote authentication bypass through manipulation of the interaction_id parameter in the check_user function, enabling unauthenticated attackers to access protected resources with low confidentiality, integrity, and availability impact. Publicly available exploit code exists, the vendor was contacted but did not respond, and active exploitation remains possible.

Authentication Bypass
NVD VulDB GitHub
CVE-2026-4958
EPSS 0% CVSS 2.3
LOW POC Monitor

OpenBMB XAgent 1.0.0 allows authenticated remote attackers to bypass authorization controls via manipulation of the interaction_id argument in the WebSocket ReplayServer endpoint (XAgentServer/application/websockets/replayer.py), enabling unauthorized access to replay functionality. The vulnerability requires low privileges and is difficult to exploit due to high attack complexity, but publicly available exploit code exists. No vendor patch has been released despite early disclosure notification.

Authentication Bypass
NVD VulDB GitHub
CVE-2026-5025
EPSS 0% CVSS 6.5
MEDIUM This Month

Log router endpoints in an authenticated application expose the full application log buffer to any authenticated user without a privilege-level authorization check, allowing credential harvesting, sensitive data exfiltration, and reconnaissance. The affected '/logs' and '/logs-stream' endpoints enforce only basic authentication ('get_current_active_user') rather than an administrative privilege requirement, so authenticated attackers with low privileges can read complete application logs containing sensitive information. No public exploit code or active exploitation has been identified at the time of analysis, though the low attack complexity (AC:L) and the trivially exercised missing privilege check present moderate real-world risk.

Authentication Bypass
NVD
CVE-2026-5022
EPSS 0% CVSS 6.3
MEDIUM This Month

Langflow's '/api/v1/files/images/{flow_id}/{file_name}' endpoint lacks authentication and authorization enforcement, permitting unauthenticated users to download arbitrary images associated with any flow by supplying or enumerating flow IDs and file names. This authentication bypass affects all versions of Langflow AI's langflow product and enables unauthorized disclosure of potentially sensitive image assets. No public exploit code or active exploitation has been confirmed at the time of analysis.

Authentication Bypass
NVD
CVE-2026-1496
EPSS 0% CVSS 9.3
CRITICAL Act Now

Coverity Connect command-line tooling authentication bypass via /token API endpoint allows remote attackers to assume valid user credentials and privileges without proper authentication when a username is known or guessed. The vulnerability stems from missing error handling in authentication logic, enabling attackers to craft specialized HTTP requests that circumvent normal access controls and grant full role-based privileges of the compromised account. No public exploit code or active exploitation has been confirmed at this time.

Authentication Bypass
NVD GitHub
CVE-2026-33206
EPSS 0% CVSS 8.2
HIGH This Week

Calibre versions prior to 9.6.0 allow remote attackers to exfiltrate arbitrary files from the host system through a combination of path traversal in image handling during file conversion and unauthenticated server-side request forgery in the ebook reader web view's background-image endpoint. An attacker can craft a malicious markdown or text-based file that references files outside the intended directory, then retrieve those files through the unprotected background-image handler without authentication, enabling complete file system disclosure on systems running vulnerable Calibre instances.

Path Traversal SSRF Authentication Bypass
NVD GitHub VulDB
CVE-2026-33433
EPSS 0% CVSS 5.1
MEDIUM PATCH This Month

Traefik reverse proxy and load balancer versions prior to 2.11.42, 3.6.11, and 3.7.0-ea.3 allow authenticated attackers to inject canonical HTTP header names that override non-canonical headers configured via the `headerField` setting, enabling identity impersonation to backend systems. The vulnerability exploits HTTP header handling inconsistencies where backends read the attacker-supplied canonical header before Traefik's non-canonical configuration, permitting authentication bypass for any identity. Vendor-released patches are available for all affected major versions.

Authentication Bypass Canonical
NVD GitHub VulDB
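
The Traefik headerField issue above is a header-naming mismatch: the proxy appends the identity header under the spelling it was configured with, the backend reads the canonical spelling, and a client-supplied canonical header wins. As an added example (generic Python, not Traefik's code; the configured name `x-forwarded-user` and the header values are assumptions for the demo), the block shows the proxy stripping every spelling of the header before setting its own, and a backend that refuses ambiguous requests rather than taking the first match.

```python
# Added example, generic and not Traefik's code: how a proxy should set an
# identity header it is configured to inject, and how a backend should read it.
# The configured name "x-forwarded-user" and all header values are constructed.


def canonical(name):
    # Go's net/http canonicalises header names ("x-forwarded-user" -> "X-Forwarded-User").
    # Two spellings of one name are the same header; treat them that way everywhere.
    return name.lower()


def proxy_inject_identity_vulnerable(client_headers, configured_name, identity):
    # Appends the configured spelling and forwards everything else untouched.
    # An attacker-supplied canonical spelling of the same header survives.
    return list(client_headers) + [(configured_name, identity)]


def proxy_inject_identity_hardened(client_headers, configured_name, identity):
    # Strip every spelling of the identity header from the client request first;
    # the proxy is the only party allowed to assert identity downstream.
    kept = [(n, v) for n, v in client_headers if canonical(n) != canonical(configured_name)]
    return kept + [(configured_name, identity)]


def backend_read_identity(headers, name):
    # Defence in depth on the backend: refuse ambiguous requests instead of
    # picking "the first matching header", whichever spelling that happens to be.
    values = [v for n, v in headers if canonical(n) == canonical(name)]
    if len(values) != 1:
        raise ValueError(f"expected exactly one {name} header, got {len(values)}")
    return values[0]


def backend_read_identity_naive(headers, name):
    # Many frameworks expose headers by canonical name and return the first match.
    for n, v in headers:
        if canonical(n) == canonical(name):
            return v
    return None


# Constructed request: the client smuggles in the canonical spelling of the
# identity header that the proxy is configured (in non-canonical form) to set.
CLIENT_HEADERS = [("Host", "app.example"), ("X-Forwarded-User", "admin")]
CONFIGURED = "x-forwarded-user"


def demo():
    vuln = proxy_inject_identity_vulnerable(CLIENT_HEADERS, CONFIGURED, "alice")
    hard = proxy_inject_identity_hardened(CLIENT_HEADERS, CONFIGURED, "alice")
    out = {
        "naive_backend_behind_vulnerable_proxy": backend_read_identity_naive(vuln, "X-Forwarded-User"),
        "hardened_proxy_identity": backend_read_identity(hard, "X-Forwarded-User"),
    }
    try:
        backend_read_identity(vuln, "X-Forwarded-User")
        out["strict_backend_rejects_ambiguity"] = False
    except ValueError:
        out["strict_backend_rejects_ambiguity"] = True
    return out
```

The proxy-side strip is the real fix; the backend-side check only limits the damage when the proxy is misconfigured or bypassed, and it should reject rather than guess.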
CVE-2026-32695
EPSS 0% CVSS 6.3
MEDIUM PATCH This Month

Traefik's Knative provider fails to escape user-controlled values when interpolating host and header rules into backtick-delimited expressions, allowing attackers to inject rule syntax and bypass host restrictions in multi-tenant clusters. Versions prior to 3.6.11 and 3.7.0-ea.2 are affected. An attacker can craft malicious Knative ingress configurations to route traffic intended for one tenant to attacker-controlled hosts, enabling unauthorized cross-tenant traffic exposure and service impersonation.

Authentication Bypass
NVD GitHub
CVE-2026-4309
EPSS 0% CVSS 6.3
MEDIUM This Month

NEC Aterm wireless router series (W1200Ex-MS, WG1200HP2, WG1900HP, WG1800HP3, WG1800HP4, WG1200HP3, WG1200HP4, WG1200HS2, WG1200HS3, WX1500HP, WX3000HP, WX3600HP, WG2600HS, WG2600HS2, WG2600HP4, WG2600HM4, WF1200CR, WG1200CR, and others) suffer from missing authorization controls that enable remote attackers to enumerate device configuration details and modify settings without proper access controls. The vulnerability stems from CWE-862 (Missing Authorization) in the device management interface, allowing unauthenticated or inadequately authenticated network-accessible requests to interact with sensitive administrative functions. At the time of the original analysis no CVSS score, EPSS estimate, or public exploit code had been disclosed, and CISA KEV status was unknown.

Authentication Bypass
NVD
CVE-2026-27860
EPSS 0% CVSS 3.7
LOW POC PATCH Monitor

Open-Xchange Dovecot Pro contains an LDAP filter injection vulnerability in its authentication module that allows remote unauthenticated attackers to inject arbitrary LDAP filters when the auth_username_chars configuration parameter is left empty, potentially enabling authentication bypass and reconnaissance of LDAP directory structures. The vulnerability carries a low CVSS score of 3.7 due to high attack complexity requirements, and no public exploit code has been identified at the time of analysis.

Ldap Authentication Bypass Code Injection
NVD VulDB GitHub
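
The Dovecot entry above turns on one setting: with auth_username_chars empty, no character restriction stands between the supplied username and the LDAP filter. As an added example (not Dovecot's code), the block shows the two independent controls: an allowlist on the username, modelled on Dovecot's documented default character set (an assumption here, not quoted from the advisory), and RFC 4515 escaping of any value interpolated into a filter. The injected username is constructed.

```python
# Added example, not Dovecot's code: the two controls that close the hole in the
# advisory above: an allowlist on the username (what a non-empty auth_username_chars
# does) and RFC 4515 escaping of any value interpolated into an LDAP filter.

# Modelled on Dovecot's documented default auth_username_chars (an assumption here,
# not quoted from the advisory).
DEFAULT_USERNAME_CHARS = ("abcdefghijklmnopqrstuvwxyz"
                          "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_@")


def username_allowed(username, allowed=DEFAULT_USERNAME_CHARS):
    # An empty allowlist disables the check entirely, which is the misconfiguration
    # the advisory describes; treat it as "reject everything", not "allow everything".
    return bool(allowed) and bool(username) and all(c in allowed for c in username)


def escape_filter_value(value):
    # RFC 4515 section 3: '*', '(', ')', '\' and NUL must be escaped as \XX; other
    # bytes may be. Escaping every control and non-ASCII byte removes any ambiguity.
    out = []
    for ch in value:
        if ch in '\\*()\x00' or not (0x20 <= ord(ch) <= 0x7E):
            out.append("".join(f"\\{b:02x}" for b in ch.encode("utf-8")))
        else:
            out.append(ch)
    return "".join(out)


def build_filter_vulnerable(username):
    return f"(&(objectClass=inetOrgPerson)(uid={username}))"   # raw interpolation


def build_filter_safe(username):
    if not username_allowed(username):
        raise ValueError("username contains characters outside the allowlist")
    return f"(&(objectClass=inetOrgPerson)(uid={escape_filter_value(username)}))"


# Constructed attacker input: closes the uid clause and ORs in a wildcard match.
INJECTION = "*)(uid=*))(|(uid=*"
```

Either control alone defeats this particular payload; keep both, because the allowlist protects the filter grammar while the escaping protects values that legitimately need characters such as `*` or parentheses.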
CVE-2026-27856
EPSS 0% CVSS 7.4
HIGH PATCH This Week

OX Dovecot Pro's doveadm HTTP service is vulnerable to timing oracle attacks during credential verification, allowing remote unauthenticated attackers to enumerate valid credentials through timing analysis and gain full administrative access to the doveadm management interface. The vulnerability affects OX Dovecot Pro installations with exposed doveadm HTTP service ports, carries a CVSS score of 7.4, and has no public exploit identified at time of analysis.

Oracle Authentication Bypass Redhat
NVD VulDB
CVE-2026-4948
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Firewalld on Red Hat Enterprise Linux 7, 8, 9, and 10, as well as OpenShift Container Platform 4, contains an authentication bypass vulnerability in two D-Bus setters (setZoneSettings2 and setPolicySettings) that allows local unprivileged users to modify runtime firewall configurations without proper authorization. An authenticated local attacker can exploit this to change network security policies, potentially enabling lateral movement or service disruption. No public exploit code has been identified at the time of analysis, though Red Hat has issued security advisories (CVE-2026-4948, Bugzilla #2452086).

Authentication Bypass
NVD
CVE-2026-33366
EPSS 0% CVSS 6.9
MEDIUM This Month

BUFFALO Wi-Fi router products lack authentication on a critical reboot function, allowing remote unauthenticated attackers to forcibly restart affected devices over the network. The vulnerability affects multiple BUFFALO router product lines across unspecified versions. While the CVSS 3.x score of 5.3 reflects moderate severity (the 6.9 listed above corresponds to CVSS 4.0 scoring of the same availability-only vector), the attack requires no credentials or user interaction and can be executed remotely with low complexity, making it operationally exploitable for denial-of-service attacks against networked BUFFALO routers. No public exploit code or confirmed active exploitation has been identified at the time of analysis.

Authentication Bypass
NVD
CVE-2026-32678
EPSS 0% CVSS 8.7
HIGH This Week

BUFFALO Wi-Fi router products allow unauthenticated remote attackers to bypass authentication and modify critical configuration settings without valid credentials. This CWE-288 authentication bypass affects BUFFALO Wi-Fi router product lines (CVSS 3.x 7.5, High; the 8.7 listed above corresponds to CVSS 4.0 scoring of the same integrity-only vector) and enables complete compromise of device integrity. No public exploit was identified at the time of analysis, though the network-accessible attack surface and low complexity (AV:N/AC:L/PR:N) increase the exposure of internet-facing devices.

Authentication Bypass
NVD
CVE-2026-3098
EPSS 0% CVSS 6.5
MEDIUM This Month

Smart Slider 3 plugin for WordPress allows authenticated attackers with Subscriber-level privileges to read arbitrary files on the server via improper access controls in the 'actionExportAll' function. Affected versions include all releases up to and including 3.5.1.33. The vulnerability exposes sensitive files such as configuration data, database credentials, and private keys to attackers with low-privilege WordPress accounts. No public exploit code or active exploitation has been identified at the time of analysis.

WordPress Authentication Bypass
NVD VulDB
CVE-2026-33890
EPSS 0% CVSS 8.9
HIGH This Week

MyTube versions prior to 1.8.71 allow unauthenticated remote attackers to register arbitrary passkeys and obtain full administrator access without any existing credentials. The vulnerability stems from exposed passkey registration endpoints that lack authentication checks and automatically grant admin tokens to any successfully registered passkey, enabling complete application compromise. Vendor-released patch version 1.8.71 addresses this flaw.

Authentication Bypass
NVD GitHub VulDB
CVE-2026-33735
EPSS 0% CVSS 7.4
HIGH This Week

MyTube versions prior to 1.8.69 suffer from an authorization bypass in the `/api/settings/import-database` endpoint that allows low-privilege authenticated users to upload and replace the application's SQLite database entirely, resulting in complete application compromise. The vulnerability affects self-hosted instances of MyTube and extends to other POST routes using the same flawed authorization mechanism. No public exploit code or active exploitation has been confirmed at time of analysis, but the fix is available in version 1.8.69.

Authentication Bypass
NVD GitHub VulDB
CVE-2026-33730
EPSS 0% CVSS 6.5
MEDIUM This Month

OpenSourcePOS versions prior to 3.4.2 contain an Insecure Direct Object Reference (IDOR) vulnerability allowing authenticated low-privileged users to modify password change settings for arbitrary users, including administrators, by manipulating the employee_id parameter without authorization checks. The vulnerability affects the web-based PHP/CodeIgniter point-of-sale application and enables account takeover of higher-privileged accounts. No public exploit code has been identified at the time of analysis, though the fix involves adding object-level authorization validation to the affected endpoint.

PHP Authentication Bypass
NVD GitHub
CVE-2026-29071
EPSS 0% CVSS 3.1
LOW PATCH Monitor

Open WebUI versions prior to 0.8.6 allow authenticated users to read other users' private memories through an insufficiently restricted API endpoint at `/api/v1/retrieval/query/collection`, exposing sensitive user data stored within the self-hosted AI platform. The vulnerability requires valid authentication credentials and carries a low CVSS score of 3.1, reflecting the limited confidentiality impact of the disclosure. No public exploit code or active exploitation has been confirmed at the time of analysis.

Authentication Bypass
NVD GitHub
CVE-2026-29070
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

Open WebUI versions prior to 0.8.6 allow an authenticated user with write access to any knowledge base to delete files belonging to other knowledge bases, because the delete endpoint never validates that the referenced file actually belongs to the knowledge base named in the request. An attacker with legitimate write permission to one knowledge base can craft requests with known file identifiers to delete files from knowledge bases they cannot otherwise access, resulting in data loss and service disruption. No public exploit code or active exploitation has been reported at the time of analysis.

Authentication Bypass
NVD GitHub
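
The Langflow flow endpoints, the LibreChat stream IDs, the OpenSourcePOS employee_id and the Open WebUI knowledge-base delete above are one bug in four shapes: a valid session is taken as permission to act on whatever object ID the client supplies. As an added example (illustrative, not any of those projects' code), the block below shows the owner check for a plain object lookup and, for the nested case, the extra membership check that the knowledge-base delete lacked, beside the vulnerable shape. Users, roles and object IDs are constructed.

```python
# Added example: object-level authorization for the IDOR pattern shared by the
# Langflow flow endpoints, LibreChat stream IDs, OpenSourcePOS employee_id and
# Open WebUI knowledge-base files above. Illustrative code, not any project's own.
from dataclasses import dataclass, field


class NotFound(Exception):
    """Return the same 404 for 'missing' and 'not yours': no existence oracle."""


@dataclass
class Principal:
    user_id: str
    role: str = "user"  # only "admin" may cross ownership lines


@dataclass
class Owned:
    obj_id: str
    owner: str
    data: str = ""


def get_owned(table, actor, obj_id):
    # The fix for plain IDOR: look the object up, then compare its owner to the
    # caller. Authentication alone (a valid session) proves nothing about obj_id.
    obj = table.get(obj_id)
    if obj is None or (obj.owner != actor.user_id and actor.role != "admin"):
        raise NotFound(obj_id)
    return obj


@dataclass
class KnowledgeBase:
    kb_id: str
    owner: str
    writers: set = field(default_factory=set)
    files: set = field(default_factory=set)


def can_write(actor, kb):
    return actor.role == "admin" or actor.user_id == kb.owner or actor.user_id in kb.writers


def delete_file_vulnerable(kbs, file_index, actor, kb_id, file_id):
    # Authorizes the container, then trusts file_id: the child may belong to a KB
    # the caller cannot write to. This is the shape of the flaw described above.
    kb = kbs[kb_id]
    if not can_write(actor, kb):
        raise NotFound(kb_id)
    real_kb = file_index.pop(file_id)          # file_id never checked against kb_id
    kbs[real_kb].files.discard(file_id)


def delete_file_hardened(kbs, file_index, actor, kb_id, file_id):
    kb = kbs.get(kb_id)
    if kb is None or not can_write(actor, kb):
        raise NotFound(kb_id)
    if file_id not in kb.files:                # membership check: the missing validation
        raise NotFound(file_id)
    kb.files.discard(file_id)
    del file_index[file_id]


def demo():
    alice, bob, root = Principal("alice"), Principal("bob"), Principal("root", "admin")
    flows = {"flow-1": Owned("flow-1", "alice", "contains plaintext API key")}  # constructed
    results = {}
    results["owner_reads_own"] = get_owned(flows, alice, "flow-1").owner == "alice"
    results["admin_reads_any"] = get_owned(flows, root, "flow-1").owner == "alice"
    try:
        get_owned(flows, bob, "flow-1")
        results["stranger_blocked"] = False
    except NotFound:
        results["stranger_blocked"] = True

    def fresh():
        kbs = {"kb-alice": KnowledgeBase("kb-alice", "alice", files={"f-secret"}),
               "kb-bob": KnowledgeBase("kb-bob", "bob", files={"f-bob"})}
        return kbs, {"f-secret": "kb-alice", "f-bob": "kb-bob"}

    kbs, idx = fresh()
    delete_file_vulnerable(kbs, idx, bob, "kb-bob", "f-secret")   # bob may write kb-bob only
    results["vulnerable_cross_kb_delete"] = "f-secret" not in kbs["kb-alice"].files
    kbs, idx = fresh()
    try:
        delete_file_hardened(kbs, idx, bob, "kb-bob", "f-secret")
        results["hardened_blocks"] = False
    except NotFound:
        results["hardened_blocks"] = "f-secret" in kbs["kb-alice"].files
    return results
```

Returning the same not-found response for "does not exist" and "not yours" keeps the endpoint from becoming an ID oracle; putting the ownership test in the data-access layer rather than in each handler means a new route cannot forget it.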
CVE-2026-28788
EPSS 0% CVSS 7.1
HIGH PATCH This Week

Open WebUI versions prior to 0.8.6 permit authenticated users to overwrite arbitrary file contents through an insecure batch processing endpoint, escalating read-only knowledge base access to write permissions without ownership validation. Attackers with low-level privileges can manipulate RAG (Retrieval-Augmented Generation) content served to language models, poisoning AI responses delivered to other users. CVSS 7.1 (High) reflects network-accessible exploitation with low complexity requiring only standard user authentication; no public exploit identified at time of analysis.

Authentication Bypass
NVD GitHub
CVE-2026-30689
EPSS 0% CVSS 7.5
HIGH This Week

Blog.Admin versions 8.0 and earlier expose sensitive administrator account information through an improper access control vulnerability in the getinfobytoken API endpoint. An attacker possessing a valid authentication token can bypass authorization checks to retrieve confidential administrator credentials and account details, potentially enabling lateral movement or privilege escalation attacks. No public exploit code or active exploitation has been confirmed at the time of analysis.

Information Disclosure Authentication Bypass
NVD GitHub
CVE-2025-69988
EPSS 0% CVSS 6.5
MEDIUM This Month

BS Producten Petcam version 33.1.0.0818 fails to enforce access controls on its wireless network interface, allowing unauthenticated attackers within physical proximity to connect to the device's open network and directly access live video and audio streams without authentication. The vulnerability affects a consumer IP camera product and carries a CVSS score of 6.5 (medium severity) driven by high confidentiality impact despite requiring physical proximity. A proof-of-concept and technical analysis are publicly available via GitHub, though no confirmation of active exploitation in the wild has been identified.

Authentication Bypass
NVD GitHub
CVE-2026-33898
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Authentication bypass in Incus webui (versions prior to 6.23.0) permits local or remote attackers to gain unauthorized access to the system container and virtual machine manager via an improperly validated authentication token. The vulnerability allows attackers who can reach the temporary localhost web server to escalate privileges to the level of the user running 'incus webui', enabling control over containers, virtual machines, and potentially underlying system resources. CVSS score of 8.8 (High) reflects network attack vector with low complexity requiring user interaction; no public exploit identified at time of analysis.

Authentication Bypass Privilege Escalation
NVD GitHub
CVE-2026-33895
EPSS 0% CVSS 7.5
HIGH PATCH This Week

The digitalbazaar/forge npm package accepts forged Ed25519 signatures due to missing scalar canonicalization checks, allowing authentication and authorization bypass in applications that rely on signature uniqueness. All versions since Ed25519 implementation are affected (confirmed through version 1.3.3), identified as pkg:npm/node-forge. Publicly available exploit code exists with a complete proof-of-concept demonstrating how attackers can create multiple valid signatures for the same message by adding the group order L to the scalar component S, bypassing deduplication, replay protection, and signed-object canonicalization checks. The vendor has released a patch via commit bdecf11571c9f1a487cc0fe72fe78ff6dfa96b85.

Node.js Canonical OpenSSL +2
NVD GitHub VulDB
CVE-2025-12805
EPSS 0% CVSS 8.1
HIGH PATCH This Week

Red Hat OpenShift AI llama-stack-operator permits unauthorized cross-namespace access to Llama Stack service endpoints due to missing NetworkPolicy enforcement, enabling authenticated users in one namespace to view or modify sensitive data in another user's Llama Stack instances. CVSS 8.1 (High) reflects high confidentiality and integrity impact with low-privilege authenticated network access. No public exploit was identified at the time of analysis, though the underlying weakness (CWE-653, Improper Isolation or Compartmentalization) is architecturally straightforward to leverage once cluster access is obtained.

Redhat Authentication Bypass Information Disclosure
NVD VulDB
CVE-2026-28377
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Grafana Tempo leaks S3 SSE-C encryption keys in plaintext through its /status/config endpoint, enabling unauthenticated remote attackers to retrieve encryption keys protecting trace data stored in AWS S3. The CVSS score of 7.5 reflects high confidentiality impact with network-accessible attack vector requiring no privileges or user interaction (AV:N/AC:L/PR:N/UI:N). No public exploit identified at time of analysis, though the attack path is straightforward given the information disclosure nature of the vulnerability.

Grafana Authentication Bypass Redhat
NVD VulDB
CVE-2026-0748
EPSS 0% CVSS 5.3
MEDIUM This Month

The Drupal 7 Internationalization (i18n) module's i18n_node submodule allows authenticated users holding both 'Translate content' and 'Administer content translations' permissions to bypass access controls and view unpublished node titles and IDs through the translation user interface and autocomplete functionality. Affected versions range from 7.x-1.0 through 7.x-1.35. No public exploit code or active exploitation has been confirmed at the time of analysis.

Authentication Bypass
NVD HeroDevs VulDB
CVE-2026-4346
EPSS 0% CVSS 5.1
MEDIUM PATCH This Month

Cleartext credential storage in TP-Link TL-WR850N v3 flash memory combined with weak serial interface authentication enables attackers with physical access to extract administrative and Wi-Fi credentials, leading to full device compromise and unauthorized network access. The vulnerability is addressed by a vendor patch, and exploitation requires physical proximity to the device's serial port with no public exploit code identified at time of analysis.

Authentication Bypass
NVD VulDB
CVE-2026-33640
EPSS 0% CVSS 9.1
CRITICAL Act Now

Account takeover in Outline collaborative documentation service versions 0.86.0 through 1.5.x enables unauthenticated attackers to brute force Email OTP codes due to insufficient validation logic combined with rate limiter bypass. Attackers can submit unlimited OTP attempts within the code's validity window, compromising user accounts. CVSS 9.1 (Critical) severity reflects network-accessible attack vector requiring no privileges or user interaction. No public exploit identified at time of analysis, though the authentication bypass mechanism is documented in GHSA-cwhc-53hw-qqx6.

Authentication Bypass
NVD GitHub
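
The Outline entry above is an attempt-budget bug: the limiter could be bypassed, and the code itself accepted unlimited guesses for as long as it was valid. As an added example (illustrative, not Outline's code), this OTP service counts attempts per issued code and burns the code after a small number of failures, so a rate-limiter bypass buys nothing. The identity and the pinned demo code are constructed; `cap_attempts=False` reproduces the flaw.

```python
# Added example (illustrative, not Outline's code): e-mail OTP verification where
# the attempt budget is bound to the issued code, so bypassing a per-IP rate
# limiter does not give the attacker unlimited guesses within the validity window.
import hashlib
import hmac
import secrets
import time


class OtpService:
    MAX_ATTEMPTS = 5   # per issued code, regardless of source IP or session
    TTL = 10 * 60      # seconds a code stays valid

    def __init__(self, now=time.time, digits=6, cap_attempts=True, rng=secrets.randbelow):
        # cap_attempts=False reproduces the flaw; rng is injectable only so the
        # demo below is reproducible. Production keeps secrets.randbelow.
        self.now, self.digits, self.cap, self.rng = now, digits, cap_attempts, rng
        self.challenges = {}  # identity -> {"h": sha256(code), "exp": deadline, "n": attempts}

    @staticmethod
    def _h(code):
        return hashlib.sha256(code.encode()).digest()

    def issue(self, identity):
        code = f"{self.rng(10 ** self.digits):0{self.digits}d}"
        self.challenges[identity] = {"h": self._h(code), "exp": self.now() + self.TTL, "n": 0}
        return code  # in the real system this goes to the mailbox, not back to the caller

    def verify(self, identity, code):
        ch = self.challenges.get(identity)
        if ch is None or self.now() > ch["exp"]:
            self.challenges.pop(identity, None)
            return False
        ch["n"] += 1                       # count before comparing: a failure is never free
        if self.cap and ch["n"] > self.MAX_ATTEMPTS:
            del self.challenges[identity]  # burn the code; the user must request a new one
            return False
        ok = hmac.compare_digest(ch["h"], self._h(code))  # constant-time compare
        if ok:
            del self.challenges[identity]  # single use
        return ok


def brute_force(cap_attempts, digits=4):
    # Sequential guessing over the whole code space. 4 digits keeps the demo fast;
    # the code is pinned to the middle of the space for reproducibility. Returns
    # the attempt number that succeeded, or None if the code was locked first.
    svc = OtpService(digits=digits, cap_attempts=cap_attempts, rng=lambda n: n // 2)
    identity = "victim@example.test"   # constructed
    svc.issue(identity)                # the code is "in the victim's inbox"
    for attempt in range(1, 10 ** digits + 1):
        if svc.verify(identity, f"{attempt - 1:0{digits}d}"):
            return attempt
    return None
```

Issuance needs throttling too, otherwise an attacker requests a fresh code after every lockout; with a five-attempt budget each new six-digit code gives at most a 5 in 1,000,000 chance, so the issuance limit is what bounds the total.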
CVE-2026-4933
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Unpublished Node Permissions module for Drupal versions prior to 1.7.0 contains an incorrect authorization vulnerability (CWE-863) that permits forceful browsing of unpublished nodes by bypassing access controls. Attackers can view content that should be restricted to specific user roles by directly accessing node URLs, circumventing the module's permission enforcement logic. No public exploit code or active exploitation has been identified at the time of analysis.

Authentication Bypass
NVD
CVE-2026-3573
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Drupal AI module versions from 0.0.0 before 1.1.11 and from 1.2.0 before 1.2.12 contain an incorrect authorization vulnerability (CWE-863) that enables resource injection attacks. The flaw allows attackers to bypass authorization controls and inject malicious resources, potentially gaining unauthorized access to AI-driven functionality or data within affected Drupal installations. No public exploit code or active exploitation has been confirmed at the time of this analysis.

Authentication Bypass
NVD
CVE-2026-21724
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

Grafana OSS provisioning contact points API fails to enforce the alert.notifications.receivers.protected:write permission, allowing users with the Editor role to modify protected webhook URLs and bypass intended authorization controls. This affects Grafana OSS versions 11.6.9 through 11.6.14, 12.1.5 through 12.1.10, 12.2.2 through 12.2.8, and 12.3.1 through 12.3.6. Authenticated Editor-level users can exploit this to reconfigure webhook destinations, potentially redirecting alert notifications to attacker-controlled endpoints. No public exploit identified at time of analysis.

Grafana Authentication Bypass Redhat +1
NVD VulDB
CVE-2026-3531
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Drupal OpenID Connect / OAuth client versions before 1.5.0 contain an authentication bypass vulnerability that allows attackers to circumvent authentication mechanisms through an alternate path or channel. The vulnerability affects all versions from 0.0.0 through 1.4.x, enabling remote attackers to gain unauthorized access without proper credentials. At the time of the original analysis no CVSS score, EPSS data, or confirmed active exploitation status was available; the authentication bypass nature of the flaw and the wide affected version range nonetheless suggest significant real-world risk to Drupal installations relying on OpenID Connect or OAuth authentication.

Authentication Bypass
NVD
CVE-2026-3527
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Drupal AJAX Dashboard versions before 3.1.0 fail to enforce authentication on critical AJAX endpoints, allowing unauthenticated remote attackers to bypass access controls and invoke privileged dashboard functions. The vulnerability affects all versions from 0.0.0 through 3.1.0 (exclusive) and is categorized as Missing Authentication for Critical Function (CWE-306). No public exploit code has been identified and no active exploitation is listed in CISA KEV at time of analysis, but the authentication bypass nature of this defect presents significant risk to installations relying on dashboard security.

Authentication Bypass
NVD
CVE-2026-3526
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Forceful browsing attacks in Drupal File Access Fix (deprecated) versions below 1.2.0 allow unauthenticated remote attackers to bypass file access controls and retrieve unauthorized files through direct path enumeration. The vulnerability stems from incorrect authorization validation in the deprecated module (cpe:2.3:a:drupal:file_access_fix_(deprecated):*:*:*:*:*:*:*:*), affecting all versions from 0.0.0 through 1.1.x. No public exploit code or active exploitation has been identified at time of analysis, but the deprecated status and widespread use of Drupal installations increase real-world risk exposure.

Authentication Bypass
NVD
CVE-2026-3525
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Forceful browsing via incorrect authorization in Drupal File Access Fix (deprecated) module versions prior to 1.2.0 allows unauthenticated remote attackers to access files without proper access control checks. The vulnerability stems from CWE-863 (Incorrect Authorization) and affects all versions from 0.0.0 through 1.2.0. No public exploit code or active exploitation has been confirmed at the time of analysis, but the straightforward nature of authorization bypass attacks in file access contexts presents moderate real-world risk to installations still running deprecated versions of this module.

Authentication Bypass
NVD
CVE-2026-33632
EPSS 0% CVSS 8.4
HIGH This Week

Local processes on macOS can bypass ClearanceKit per-process file access policies by leveraging two unmonitored file operation event types (ES_EVENT_TYPE_AUTH_EXCHANGEDATA and ES_EVENT_TYPE_AUTH_CLONE) in versions prior to 4.2.4. The vulnerability affects ClearanceKit's opfilter system extension, which is designed to intercept and enforce file-system access controls. With a CVSS score of 8.4 indicating high confidentiality and integrity impact, authenticated local attackers with low privileges can circumvent security policies. No public exploit identified at time of analysis, and a vendor-released patch is available in version 4.2.4.

Apple Authentication Bypass
NVD GitHub
CVE-2026-33631
EPSS 0% CVSS 8.7
HIGH This Week

ClearanceKit 4.1 and earlier for macOS allows local authenticated users to completely bypass configured file access policies via seven unmonitored file operation event types. The opfilter Endpoint Security extension only intercepted ES_EVENT_TYPE_AUTH_OPEN events, enabling processes to perform rename, unlink, and five other file operations without policy enforcement or denial logging. The 4.2 branch contains the fix via commit a3d1733. No public exploit identified at time of analysis, but exploitation requires only local access with low privileges (CVSS PR:L) and no special complexity.

Apple Authentication Bypass
NVD GitHub
CVE-2026-33887
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

Statamic CMS versions prior to 5.73.16 and 6.7.2 fail to enforce collection-level permissions on entry revision endpoints, allowing authenticated control panel users to view revisions and field data across any collection with revisions enabled regardless of their assigned permissions. The vulnerability also permits unauthenticated revision creation that snapshots existing content without modifying published entries. This represents a medium-severity authorization bypass affecting authenticated attackers with control panel access, with no public exploit identified at time of analysis.

Authentication Bypass
NVD GitHub
CVE-2026-33884
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Statamic CMS versions prior to 5.73.16 and 6.7.2 allow authenticated Control Panel users with live preview access to abuse live preview tokens to access restricted content beyond the token's intended scope. This is an authenticated privilege escalation affecting the Statamic CMS product (pkg:composer/statamic_cms) with a CVSS score of 4.3 and low complexity; no public exploit code or active exploitation has been identified at time of analysis.

Authentication Bypass
NVD GitHub
CVE-2026-28503
EPSS 0% CVSS 5.5
MEDIUM This Month

Tandoor Recipes versions prior to 2.6.0 allow authenticated admin users to bypass space isolation controls and trigger synchronization operations on Sync configurations belonging to other organizational spaces, exposing the ability to initiate Dropbox, Nextcloud, or local imports outside the attacker's own space and access resulting sync logs. The vulnerability stems from missing space validation in the `SyncViewSet.query_synced_folder()` API endpoint, enabling horizontal privilege escalation across multi-tenant deployments. No public exploit code has been identified at the time of analysis.

Authentication Bypass
NVD GitHub
CVE-2026-33864
CRITICAL PATCH Act Now

Prototype pollution in convict npm package version 6.2.4 allows attackers to bypass previous security fixes and pollute Object.prototype through crafted input that manipulates String.prototype.startsWith. The vulnerability affects applications processing untrusted input via convict.set() and can lead to authentication bypass, denial of service, or remote code execution if polluted properties reach dangerous sinks like eval or child_process. A working proof-of-concept exploit demonstrating the bypass technique exists in the advisory.

Mozilla Node.js Prototype Pollution +3
NVD GitHub
CVE-2026-33863
CRITICAL PATCH Act Now

Prototype pollution in Mozilla's node-convict configuration library allows attackers to inject properties into Object.prototype via two unguarded code paths: config.load()/loadFile() methods that fail to filter forbidden keys during recursive merge operations, and schema initialization accepting constructor.prototype.* keys during default-value propagation. Applications using node-convict (pkg:npm/convict) that process untrusted configuration data face impacts ranging from authentication bypass to remote code execution depending on how polluted properties propagate through the application. This represents an incomplete fix for prior prototype pollution issues (GHSA-44fc-8fm5-q62h), with no public exploit identified at time of analysis.

Mozilla Node.js Prototype Pollution +2
NVD GitHub
CVE-2026-33764
EPSS 0% CVSS 4.3
MEDIUM This Month

The AVideo AI plugin's save.json.php endpoint fails to validate that AI-generated responses belong to the target video before applying them, allowing authenticated users to exfiltrate private video metadata and full transcriptions by referencing arbitrary AI response IDs. An attacker with the canUseAI permission can steal AI-generated titles, descriptions, keywords, summaries, and complete transcription files from other users' private videos through a simple parameter manipulation attack, then apply this stolen content to their own video for reading. No active exploitation has been confirmed, but proof-of-concept methodology is detailed in the advisory, making this a practical attack for any platform user with basic video ownership.

PHP Authentication Bypass
NVD GitHub
CVE-2026-33759
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

AVideo playlist video enumeration allows unauthenticated attackers to bypass authorization checks and directly access video contents from private playlists including watch_later and favorite lists via the playlistsVideos.json.php endpoint. Sequential playlist IDs enable trivial enumeration of all users' private viewing habits, favorites, and unlisted custom playlists without authentication. A publicly available proof-of-concept exists demonstrating the vulnerability, which affects WWBN AVideo via Composer package wwbn_avideo.

PHP Authentication Bypass
NVD GitHub
CVE-2026-33477
EPSS 0% CVSS 4.3
MEDIUM This Month

FileRise versions 2.3.7 through 3.10.0 suffer from improper access control in the file snippet endpoint, allowing authenticated users with read-only access to retrieve file content uploaded by other users in shared folders. An attacker with limited folder permissions can exploit this authorization bypass to view sensitive files beyond their intended access scope. The vulnerability affects FileRise running on PHP and is resolved in version 3.11.0.

PHP File Upload Authentication Bypass
NVD GitHub
CVE-2026-33470
EPSS 0% CVSS 6.5
MEDIUM This Month

Frigate network video recorder versions prior to 0.17.1 allow authenticated users with restricted camera access to enumerate and retrieve snapshots from unauthorized cameras through a two-step authorization bypass in the timeline and snapshot APIs. An attacker with low-privilege credentials limited to one camera can exploit missing validation in the snapshot-clean.webp endpoint to access video evidence from other cameras in the system, compromising the confidentiality of surveillance data across the entire installation. A proof-of-concept exists, though no confirmation of active exploitation in the wild has been reported.

Authentication Bypass
NVD GitHub VulDB
CVE-2026-33469
EPSS 0% CVSS 6.5
MEDIUM This Month

Broken access control in Frigate 0.17.0 allows authenticated non-admin users to retrieve the complete raw configuration file via the `/api/config/raw` endpoint, exposing camera credentials, RTMP stream passwords, MQTT secrets, and proxy authentication tokens that are intentionally redacted from the standard `/api/config` API. The vulnerability stems from inconsistent authorization enforcement between `/api/config/raw_paths` (admin-only) and `/api/config/raw` (authenticated-user-accessible), introduced during an admin-by-default API refactor. Patch version 0.17.1 is available; publicly available exploit code exists but the vulnerability is not confirmed as actively exploited in the wild.

Authentication Bypass
NVD GitHub VulDB
CVE-2026-33732
EPSS 0% CVSS 4.8
MEDIUM PATCH This Month

srvx's FastURL pathname parser on Node.js can be bypassed to circumvent route-based middleware (authentication guards, rate limiters) when absolute URIs with non-standard schemes are sent in raw HTTP requests. An attacker sending a crafted request like `GET file://hehe?/internal/run HTTP/1.1` can cause the router to match a different pathname than what downstream middleware sees after a deoptimization occurs, allowing access to protected endpoints. This affects srvx versions prior to 0.11.13, requires direct HTTP request capability (not browser-accessible), and has a CVSS score of 4.8 with medium complexity attack requirements. No public exploit identified at time of analysis.

Node.js Authentication Bypass
NVD GitHub
CVE-2026-33726
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

Cilium Network Policy enforcement is bypassed for traffic from pods to L7 Services with local backends on the same node when Per-Endpoint Routing is enabled and BPF Host Routing is disabled, allowing authenticated local attackers to circumvent ingress network policies and access restricted services. This affects Cilium v1.19.0-v1.19.1, v1.18.0-v1.18.7, and all versions prior to v1.17.13, with the most common vulnerable deployment being Amazon EKS with Cilium ENI mode. Vendor-released patches are available (v1.19.2, v1.18.8, v1.17.14), and no public exploit code has been identified at the time of analysis.

Microsoft Kubernetes Authentication Bypass
NVD GitHub
CVE-2026-33015
EPSS 0% CVSS 5.2
MEDIUM This Month

EVerest charging software stack versions prior to 2026.02.0 allow EV operators to bypass remote stop commands issued by a Charging Station Management System (CSMS) by toggling the EV's Battery Control Box (BCB), causing the EVSE to return to PrepareCharging state and restart charging sessions. This circumvents billing, operational, and safety controls enforced by remote stop functionality. A proof-of-concept exists and the vulnerability has been patched in version 2026.02.0, though the attack requires physical proximity to the charging equipment (CVSS attack vector: Physical).

Authentication Bypass
NVD GitHub VulDB
CVE-2026-33014
EPSS 0% CVSS 5.2
MEDIUM This Month

EVerest-core prior to version 2026.02.0 fails to properly terminate EV charging transactions during remote stop operations due to a delayed authorization response that incorrectly restores the authorized flag to true, allowing transactions to remain open even after a PowerOff event triggers stop_transaction(). This authentication bypass affects EV charging infrastructure and enables continued power delivery after an operator-initiated remote stop command. A proof-of-concept exists but no public confirmation of active exploitation has been identified.

Authentication Bypass
NVD GitHub VulDB
CVE-2026-29044
EPSS 0% CVSS 5.0
MEDIUM This Month

EVerest EV charging software before version 2026.02.0 fails to properly stop charging transactions when authorization withdrawal occurs before the TransactionStarted event, allowing attackers with high privileges to bypass deauthorization through precise timing and maintain unauthorized charging sessions. The vulnerability stems from incomplete StopTransaction handling in the Charging state, affecting IoT and Everest Core deployments with no currently available patch.

Authentication Bypass
NVD GitHub VulDB
CVE-2026-3115
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Mattermost versions 11.2.x through 11.4.x fail to enforce view restrictions on group member endpoints, allowing authenticated guest users to enumerate user IDs beyond their authorized visibility scope. This authorization bypass requires valid credentials but enables attackers to discover internal user information through the group retrieval API. No patch is currently available for affected versions.

Authentication Bypass
NVD
CVE-2025-55264
EPSS 0% CVSS 5.5
MEDIUM This Month

Session invalidation failure in HCL Aftermarket DPC versions up to 1.0.0 allows authenticated attackers to maintain active sessions after a password change, enabling persistent account takeover. An attacker who gains initial session access can continue to operate under a compromised account identity even after the victim resets their password, as the application fails to terminate pre-existing sessions upon credential modification. No public exploit code or active exploitation has been identified at time of analysis.

Authentication Bypass Session Fixation Aftermarket Dpc
NVD
CVE-2025-55266
EPSS 0% CVSS 5.9
MEDIUM This Month

HCL Aftermarket DPC versions up to 1.0.0 are vulnerable to session fixation attacks that enable attackers to hijack user sessions and perform unauthorized transactions without requiring valid credentials. The vulnerability exploits improper session management to allow an attacker to force a victim to use a predetermined session identifier, then leverage that session for fraudulent activity. This is a network-accessible flaw requiring user interaction (e.g., clicking a malicious link) but no prior authentication. No public exploit code or active exploitation has been identified at the time of analysis.

Authentication Bypass Aftermarket Dpc
NVD
CVE-2025-55269
EPSS 0% CVSS 4.2
MEDIUM This Month

HCL Aftermarket DPC version 1.0.0 enforces weak password policies that enable attackers to conduct brute-force attacks and guess user credentials, potentially gaining unauthorized account access with low confidentiality and availability impact. The vulnerability requires user interaction and high attack complexity to exploit, but affects unauthenticated threat actors over the network. No public exploit code or active exploitation has been identified at the time of analysis.

Authentication Bypass Aftermarket Dpc
NVD
CVE-2025-55274
EPSS 0% CVSS 2.6
LOW Monitor

HCL Aftermarket DPC version 1.0.0 contains a Cross-Origin Resource Sharing (CORS) misconfiguration that permits authenticated attackers with low privileges to access sensitive user information and potentially perform unauthorized actions on behalf of legitimate users through browser-based attacks. The vulnerability requires user interaction (such as social engineering to visit a malicious webpage) and operates within a single security context, limiting its scope to confidentiality impact with no integrity or availability consequences. No public exploit code has been identified at the time of analysis, and the low CVSS score of 2.6 reflects the high attack complexity and limited practical exploitability despite the theoretical risk of data exposure.

Information Disclosure Authentication Bypass Aftermarket Dpc
NVD VulDB
CVE-2025-41359
EPSS 0% CVSS 8.5
HIGH PATCH This Week

Small HTTP Server 3.06.36 allows local attackers with low privileges to execute arbitrary code through an unquoted service path vulnerability in the http.exe service executable. By placing a malicious executable in a higher-priority directory along the unquoted path 'C:\Program Files (x86)\shttps_mg\http.exe service', attackers can achieve full system compromise with high confidentiality, integrity, and availability impact. No public exploit has been identified at time of analysis, and CISA SSVC framework indicates no current exploitation, though technical impact is rated as total.

RCE Authentication Bypass
NVD
CVE-2025-41368
EPSS 0% CVSS 8.7
HIGH PATCH This Week

Small HTTP Server 3.06.36 contains an unquoted service path vulnerability (CWE-428) allowing local authenticated attackers to execute arbitrary code with elevated privileges by placing malicious executables in higher-priority directories. Despite a CVSS 4.0 score of 8.7, real-world risk is significantly lower with only 0.02% EPSS probability (4th percentile) and no public exploit identified at time of analysis. INCIBE has reported this vulnerability with patches available from the vendor.

RCE Authentication Bypass
NVD
CVE-2026-24068
EPSS 0% CVSS 8.8
HIGH This Week

Vienna Assistant 1.2.542 on macOS allows local privilege escalation through an unauthenticated XPC service endpoint that accepts connections from any process. The vulnerable VSL privileged helper service exposes functions to write arbitrary files to any location and execute arbitrary binaries with any arguments, enabling a low-privileged local user to gain root access. A proof-of-concept exploit exists per SSVC assessment, with an EPSS score of 0.02% indicating low observed exploitation probability in the wild.

Privilege Escalation Authentication Bypass
NVD
CVE-2026-4263
EPSS 0% CVSS 6.9
MEDIUM This Month

HiJiffy Chatbot contains an authorization bypass vulnerability in the /api/v1/webchat/message endpoint that allows unauthenticated attackers to download private messages from arbitrary users by manipulating the 'visitor' parameter. The vulnerability affects all versions of HiJiffy Chatbot (as indicated by the wildcard CPE) and has been reported by INCIBE. No public exploit code or active exploitation has been confirmed at the time of analysis.

Authentication Bypass
NVD
CVE-2026-4262
EPSS 0% CVSS 6.9
MEDIUM This Month

An incorrect authorization vulnerability in HiJiffy Chatbot allows unauthenticated attackers to download private messages from arbitrary users by manipulating the 'ID' parameter in the '/api/v1/download/<ID>/' endpoint. This is a classic authorization bypass enabling unauthorized access to sensitive conversation data. No public exploit code or active exploitation has been identified at the time of analysis, though the vulnerability was reported by INCIBE and affects all versions of HiJiffy Chatbot. The exposure is direct and requires only network access to the affected API endpoint.

Authentication Bypass
NVD
CVE-2026-1206
EPSS 0% CVSS 4.3
MEDIUM This Month

The Elementor Website Builder plugin for WordPress contains an authorization bypass vulnerability in the is_allowed_to_read_template() function that incorrectly permits authenticated users with contributor-level privileges to read private and draft template content. Attackers can exploit this through the 'get_template_data' action of the 'elementor_ajax' endpoint by supplying a 'template_id' parameter, resulting in exposure of sensitive template information. The vulnerability affects all versions up to and including 3.35.7 with a CVSS score of 4.3 (low-to-moderate severity) and requires low-complexity exploitation with authenticated access.

WordPress Information Disclosure Authentication Bypass
NVD VulDB
CVE-2026-4281
EPSS 0% CVSS 5.3
MEDIUM This Month

The FormLift for Infusionsoft Web Forms WordPress plugin contains a missing authorization vulnerability (CWE-862) that allows unauthenticated attackers to hijack the site's Infusionsoft OAuth connection. Affected versions through 7.5.21 fail to validate user authentication on critical OAuth handler methods, enabling attackers to intercept temporary OAuth credentials and inject arbitrary OAuth tokens and app domains via the update_option() function. This is a network-accessible, low-complexity vulnerability with no required privileges; while the CVSS score is moderate (5.3), the real-world impact is integrity compromise of the CRM integration layer, potentially affecting customer data flows and automation.

WordPress Authentication Bypass
NVD
CVE-2026-4331
EPSS 0% CVSS 4.3
MEDIUM This Month

The Blog2Social plugin for WordPress contains an authorization flaw in the resetSocialMetaTags() function that allows authenticated attackers with Subscriber-level access to permanently delete all social media metadata from the site's post records. The vulnerability exists in all versions up to and including 8.8.2 and affects sites using the Blog2Social: Social Media Auto Post & Scheduler plugin, which is available via the WordPress plugin repository. Attackers can exploit this by crafting AJAX requests with a valid nonce that is broadly available due to the plugin granting the 'blog2social_access' capability to all user roles upon activation, resulting in complete data loss of social media scheduling information across all posts.

WordPress Authentication Bypass
NVD
CVE-2026-4484
EPSS 0% CVSS 8.8
HIGH This Week

The Masteriyo LMS plugin for WordPress contains a critical privilege escalation vulnerability that allows authenticated users with Student-level access or higher to elevate their privileges to administrator level. All versions up to and including 2.1.6 are affected. The vulnerability is exploitable over the network with low attack complexity and requires no user interaction, resulting in a critical CVSS score of 9.8, though the CVSS vector indicates no authentication required (PR:N), which conflicts with the description stating that Student-level access is needed.

WordPress Privilege Escalation Authentication Bypass
NVD
CVE-2026-4831
EPSS 0% CVSS 6.3
MEDIUM POC This Month

Improper authentication in the password-protected share handler of Kalcaddle Kodbox 1.64 allows remote attackers to bypass access controls through manipulation of the authentication function, despite high attack complexity. Public exploit code exists for this vulnerability, and no patch is currently available from the vendor.

Authentication Bypass PHP
NVD VulDB