Browse and filter security vulnerabilities across ecosystems
Browse and filter security vulnerabilities across ecosystems
Hydro-Québec Le Circuit Electrique charging station backend Improper Restriction of Excessive Authentication Attempts
Login Disable - Moderately critical - Access bypass - SA-CONTRIB-2026-070
9router: Login brute-force protection bypass via spoofed X-Forwarded-For header
Account Denial of Service in MCO
Improper Restriction of Excessive Authentication Attempts in KTM System e-BOK
PayloadCMS 3.84.1 - Authenticated account lockout bypass through default unlock access
EVoke Systems EVoke CSMS Improper Restriction of Excessive Authentication Attempts
NocoDB: User Enumeration via Sign-In Timing
Capgo - Password Spraying via Public-Key Accessible Credential Validation Endpoint
AIL Framework - Missing Rate Limiting Enables Brute-Force Attacks Against Two-Factor Authentication Codes
Authelia Missing Username Canonicalization in Basic Auth (LDAP)
OTP Bypass in Başbelen Group's Pause+ Mobile App
Nexus Repository Manager - Improper Restriction of Excessive Authentication Attempts
FOSSBilling's password reset confirmation endpoint lacks rate limiting
unitedbyai droidclaw claim Endpoint pairing.ts excessive authentication
Indian Scout Bobber 2025 WCM brute-force
Better Auth: Rate limiter keys IPv6 addresses individually and is bypassable via prefix rotation
phpMyFAQ - Authentication Bypass via Missing Password Reset Token in /api/user/password/update
Login with OTP <= 1.6 - Unauthenticated Authentication Bypass via OTP Brute Force
OTP Bypass in TEİAŞ's Mobile Application
Showing 1 - 20 of 1,000+ results