Browse and filter security vulnerabilities across ecosystems
Browse and filter security vulnerabilities across ecosystems
OAuth2 Proxy has an Authentication Bypass via X-Forwarded-Uri Header Spoofing
Cloud Foundry UAA SAML 2.0 Signature Bypass
OAuth2 Proxy: Health Check User-Agent Matching Bypasses Authentication in auth_request Mode
MaxKB: Sandbox Result Validation Bypass via Tool Output Spoofing
OpenClaw < 2026.3.22 - XFF Loopback Spoofing Bypass in Canvas Authentication and Rate Limiter
OpenClaw < 2026.3.22 - Improper Authentication Verification in Google Chat Webhook
Tmds.DBus: malicious D-Bus peers can spoof signals, exhaust file descriptor resources, and cause denial of service
LobeHub has an unauthenticated authentication bypass on `webapi` routes via forgeable `X-lobe-chat-auth` header
ASGI header spoofing via underscore/hyphen conflation
Electron: Service worker can spoof executeJavaScript IPC replies
OAuthenticator: Authentication Bypass in Auth0OAuthenticator via Unverified Email Claims
Zero-Click Indirect Prompt Injection and Authentication Bypass via Email Polling
Traefik Vulnerable to BasicAuth/DigestAuth Identity Spoofing via Non-Canonical headerField
WeChat Pay callback signature verification bypassed when Host header is localhost
PinchTab: Unapplied Rate Limiting Middleware Allows Unbounded Brute-Force of API Token
Sonarr Authentication Bypass vulnerability
NATS Server: Incomplete Stripping of Nats-Request-Info Header Allows Identity Spoofing
NATS: Leafnode connections allow spoofing of Nats-Request-Info identity headers
WordPress My Tickets plugin <= 2.1.1 - Bypass Vulnerability vulnerability
WordPress Subscriptions for WooCommerce plugin <= 1.8.10 - Bypass Vulnerability vulnerability
Showing 1 - 20 of 1,000+ results