Search Vulnerabilities

Account Takeover via Substring Matching in OpenID Connect Authentication

Mar 25, 2026

CVE-2026-32953

Tillitis: TKey Client has an Error in Protocol Implementation

Mar 20, 2026

CVE-2026-29515

MiCode FileExplorer SwiFTP Server Authentication Bypass

Mar 11, 2026

CVE-2019-25436

Sricam DeviceViewer 3.12.0.1 Password Change Security Bypass

Feb 20, 2026

CVE-2026-0999

Authentication bypass via userID login when email and username login are disabled

Feb 16, 2026

CVE-2025-14510

ABB Ability OPTIMAX Authentication Bypass in Single-Sign On

Jan 16, 2026

CVE-2025-4676

Authentication bypass by brute forcing Authentication Headers

Jan 7, 2026

CVE-2025-14273

Mattermost Jira plugin user spoofing enables Jira request forgery.

Dec 22, 2025

CVE-2025-66489

Cal.com Authentication Bypass via bad TOTP + password checks

CVE-2025-13390

WP Directory Kit <= 1.4.4 - Authentication Bypass to Privilege Escalation via Account Takeover

CVE-2025-12421

Account Takeover via Code Exchange Endpoint

CVE-2025-12419

Account takeover on OAuth/OpenID-enabled servers

CVE-2025-53782

Microsoft Exchange Server Elevation of Privilege Vulnerability

Oct 14, 2025

CVE-2025-61783

Python Social Auth - Django has unsafe account association

Oct 9, 2025

CVE-2025-43727

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7

Oct 7, 2025

CVE-2025-57808

ESP-IDF web_server basic auth bypass using empty or incomplete Authorization header

Sep 2, 2025

CVE-2025-43856

immich allows account hijacking through oauth2

Jul 11, 2025

CVE-2025-48994

SignXML's signature verification with HMAC is vulnerable to an algorithm confusion attack

Jun 2, 2025

CVE-2025-3230

Bypass of System Admin User Deactivation Controls for Personal Access Tokens in Mattermost Server

CVE-2025-2571

Google OAuth Authentication Bypass for Converted Bot Accounts

Showing 1 - 20 of 1,000+ results

...

Searching...

Filters

1,000+ results

CVE-2026-27656

Account Takeover via Substring Matching in OpenID Connect Authentication

Mar 25, 2026

CVE-2026-32953

Tillitis: TKey Client has an Error in Protocol Implementation

Mar 20, 2026

CVE-2026-29515

MiCode FileExplorer SwiFTP Server Authentication Bypass

Mar 11, 2026

CVE-2019-25436

Sricam DeviceViewer 3.12.0.1 Password Change Security Bypass

Feb 20, 2026

CVE-2026-0999

Authentication bypass via userID login when email and username login are disabled

Feb 16, 2026

CVE-2025-14510

ABB Ability OPTIMAX Authentication Bypass in Single-Sign On

Jan 16, 2026

CVE-2025-4676

Authentication bypass by brute forcing Authentication Headers

Jan 7, 2026

CVE-2025-14273

Mattermost Jira plugin user spoofing enables Jira request forgery.

Dec 22, 2025

CVE-2025-66489

Cal.com Authentication Bypass via bad TOTP + password checks

CVE-2025-13390

WP Directory Kit <= 1.4.4 - Authentication Bypass to Privilege Escalation via Account Takeover

CVE-2025-12421

Account Takeover via Code Exchange Endpoint

CVE-2025-12419

Account takeover on OAuth/OpenID-enabled servers

CVE-2025-53782

Microsoft Exchange Server Elevation of Privilege Vulnerability

Oct 14, 2025

CVE-2025-61783

Python Social Auth - Django has unsafe account association

Oct 9, 2025

CVE-2025-43727

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7

Oct 7, 2025

CVE-2025-57808

ESP-IDF web_server basic auth bypass using empty or incomplete Authorization header

Sep 2, 2025

CVE-2025-43856

immich allows account hijacking through oauth2

Jul 11, 2025

CVE-2025-48994

SignXML's signature verification with HMAC is vulnerable to an algorithm confusion attack

Jun 2, 2025

CVE-2025-3230

Bypass of System Admin User Deactivation Controls for Personal Access Tokens in Mattermost Server

CVE-2025-2571

Google OAuth Authentication Bypass for Converted Bot Accounts