Browse and filter security vulnerabilities across ecosystems
Browse and filter security vulnerabilities across ecosystems
Tilt: Missing authentication on the network-exposed Tilt HUD server
Deloitte AI Assist for Customer unauthenticated RAG corpus read and write
Deloitte AI Assist for Customer unauthenticated configuration write
9router: Reverse proxy locality collapse allows unauthenticated access to 9router /v1 APIs
ST Engineering iDirect iQ-Series Terminals Missing authentication for critical function
Apache IoTDB: Unauthenticated heap-exhaustion DoS via unbounded allocation in IoTDB AirGap pipe receiver
Hermes WebUI < 0.51.788 Unauthenticated RCE via Terminal API
@arikusi/deepseek-mcp-server Missing Authentication on Self-Hosted HTTP MCP Endpoint
PAN-OS: Authentication Bypass Vulnerability in Large Scale VPN (LSVPN)
Mockoon: Unauthenticated admin API + wildcard CORS allows mock-state hijack and secret theft
Superior Court of California Hearing Reminder Service unauthenticated information disclosure
Ruflo: Unauthenticated RCE in MCP bridge default docker-compose deployment
mettle sendportal APIv1 Webhooks mailjet missing authentication
Open WebUI: Unauthenticated WebSocket Access to Collaborative Document Handlers (ydoc:awareness:update, ydoc:document:leave)
Missing authentication in SSH keys synchronization endpoint in Guardian/CMC before 26.2.0
CoreWCF: Unix Domain Socket PosixIdentity transport accepts connections that skip the security upgrade
Fluentd: Exposure of Sensitive Information via Monitor Agent API
Midscene Bridge Server - Session Hijack via Unauthenticated WebSocket
LiteLLM: MCP Authentication Bypass via OAuth2 Passthrough Fallback
Trustyai-service-operator: trustyai service operator: gorch port bypass when auth is enabled
Showing 1 - 20 of 1,000+ results