CWE-287
DiscouragedImproper Authentication
Abstraction: Class · Status: Draft
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
5970 vulnerabilities reference this CWE, most recent first.
CVE-2026-10281 (GCVE-0-2026-10281)
Vulnerability from cvelistv5 – Published: 2026-06-01 18:15 – Updated: 2026-06-01 21:19 X_Open Source| URL | Tags |
|---|---|
| https://vuldb.com/vuln/367574 | vdb-entrytechnical-description |
| https://vuldb.com/vuln/367574/cti | signaturepermissions-required |
| https://vuldb.com/cve/CVE-2026-10281 | third-party-advisory |
| https://vuldb.com/submit/825429 | third-party-advisory |
| https://github.com/Enderfga/claw-orchestrator/issues/61 | exploitissue-tracking |
| https://github.com/Enderfga/claw-orchestrator/com… | patch |
| https://github.com/Enderfga/claw-orchestrator/rel… | patch |
| https://github.com/Enderfga/claw-orchestrator/ | product |
| Vendor | Product | Version | |
|---|---|---|---|
| Enderfga | claw-orchestrator |
Affected:
3.5.0
Affected: 3.5.1 Affected: 3.5.2 Affected: 3.5.3 Affected: 3.5.4 Affected: 3.5.5 Unaffected: 3.5.6 cpe:2.3:a:enderfga:claw-orchestrator:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-10281",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-01T21:19:23.470661Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-01T21:19:41.045Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:enderfga:claw-orchestrator:*:*:*:*:*:*:*:*"
],
"modules": [
"API Endpoint"
],
"product": "claw-orchestrator",
"vendor": "Enderfga",
"versions": [
{
"status": "affected",
"version": "3.5.0"
},
{
"status": "affected",
"version": "3.5.1"
},
{
"status": "affected",
"version": "3.5.2"
},
{
"status": "affected",
"version": "3.5.3"
},
{
"status": "affected",
"version": "3.5.4"
},
{
"status": "affected",
"version": "3.5.5"
},
{
"status": "unaffected",
"version": "3.5.6"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "ybdesire (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A weakness has been identified in Enderfga claw-orchestrator up to 3.5.5. This affects the function EmbeddedServer of the file src/embedded-server.ts of the component API Endpoint. This manipulation causes missing authentication. The attack may be initiated remotely. The exploit has been made available to the public and could be used for attacks. Upgrading to version 3.5.6 mitigates this issue. Patch name: d0b02a800aa0689d9428cc4cc170e0b6589fb2c3. The affected component should be upgraded."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 7.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:OF/RC:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "Missing Authentication",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-01T18:15:10.669Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-367574 | Enderfga claw-orchestrator API Endpoint embedded-server.ts EmbeddedServer missing authentication",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/367574"
},
{
"name": "VDB-367574 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/367574/cti"
},
{
"name": "CVE-2026-10281 | CVE Analysis and Report",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/cve/CVE-2026-10281"
},
{
"name": "Submit #825429 | Enderfga claw-orchestrator v2.7.1-v3.5.5 Missing Authentication",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/825429"
},
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://github.com/Enderfga/claw-orchestrator/issues/61"
},
{
"tags": [
"patch"
],
"url": "https://github.com/Enderfga/claw-orchestrator/commit/d0b02a800aa0689d9428cc4cc170e0b6589fb2c3"
},
{
"tags": [
"patch"
],
"url": "https://github.com/Enderfga/claw-orchestrator/releases/tag/v3.5.6"
},
{
"tags": [
"product"
],
"url": "https://github.com/Enderfga/claw-orchestrator/"
}
],
"tags": [
"x_open-source"
],
"timeline": [
{
"lang": "en",
"time": "2026-05-31T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-05-31T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-05-31T18:23:39.000Z",
"value": "VulDB entry last update"
}
],
"title": "Enderfga claw-orchestrator API Endpoint embedded-server.ts EmbeddedServer missing authentication"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-10281",
"datePublished": "2026-06-01T18:15:10.669Z",
"dateReserved": "2026-05-31T16:18:35.986Z",
"dateUpdated": "2026-06-01T21:19:41.045Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-10243 (GCVE-0-2026-10243)
Vulnerability from cvelistv5 – Published: 2026-06-01 09:00 – Updated: 2026-06-01 15:23 X_Freeware| URL | Tags |
|---|---|
| https://vuldb.com/vuln/367521 | vdb-entry |
| https://vuldb.com/vuln/367521/cti | signaturepermissions-required |
| https://vuldb.com/cve/CVE-2026-10243 | third-party-advisory |
| https://vuldb.com/submit/823871 | third-party-advisory |
| https://github.com/Xmyronn/smart-parking-system-b… | exploit |
| https://code-projects.org/ | product |
| Vendor | Product | Version | |
|---|---|---|---|
| code-projects | Smart Parking System |
Affected:
1.0
cpe:2.3:a:code-projects:smart_parking_system:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-10243",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-01T15:00:26.860506Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-01T15:23:18.984Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:code-projects:smart_parking_system:*:*:*:*:*:*:*:*"
],
"modules": [
"Admin Endpoint"
],
"product": "Smart Parking System",
"vendor": "code-projects",
"versions": [
{
"status": "affected",
"version": "1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "imad alvi (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A security vulnerability has been detected in code-projects Smart Parking System 1.0. Affected is an unknown function of the component Admin Endpoint. Such manipulation leads to missing authentication. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used. Multiple endpoints are affected."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 7.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "Missing Authentication",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-01T09:00:13.192Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-367521 | code-projects Smart Parking System Admin Endpoint missing authentication",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/vuln/367521"
},
{
"name": "VDB-367521 | CTI Indicators (IOB, IOC)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/367521/cti"
},
{
"name": "CVE-2026-10243 | CVE Analysis and Report",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/cve/CVE-2026-10243"
},
{
"name": "Submit #823871 | code-projects Smart Parking System In PHP With Source Code 1.0 Improper Access Controls",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/823871"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/Xmyronn/smart-parking-system-broken-access.git"
},
{
"tags": [
"product"
],
"url": "https://code-projects.org/"
}
],
"tags": [
"x_freeware"
],
"timeline": [
{
"lang": "en",
"time": "2026-05-31T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-05-31T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-05-31T12:17:08.000Z",
"value": "VulDB entry last update"
}
],
"title": "code-projects Smart Parking System Admin Endpoint missing authentication"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-10243",
"datePublished": "2026-06-01T09:00:13.192Z",
"dateReserved": "2026-05-31T10:12:00.665Z",
"dateUpdated": "2026-06-01T15:23:18.984Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-10167 (GCVE-0-2026-10167)
Vulnerability from cvelistv5 – Published: 2026-05-31 03:30 – Updated: 2026-06-01 15:24- CWE-287 - Improper Authentication
| URL | Tags |
|---|---|
| https://vuldb.com/vuln/367421 | vdb-entrytechnical-description |
| https://vuldb.com/vuln/367421/cti | signaturepermissions-required |
| https://vuldb.com/submit/819157 | third-party-advisory |
| https://github.com/OUSL-GROUP-BrinaryBrains/Schoo… | exploitissue-tracking |
| Vendor | Product | Version | |
|---|---|---|---|
| OUSL-GROUP-BrinaryBrains | School Student Management System |
Affected:
1e70e5ad1125b86dca4ee086eb6bb121f17708b6
cpe:2.3:a:ousl-group-brinarybrains:school_student_management_system:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-10167",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-01T15:17:34.017062Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-01T15:24:45.687Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:ousl-group-brinarybrains:school_student_management_system:*:*:*:*:*:*:*:*"
],
"modules": [
"MY_Controller"
],
"product": "School Student Management System",
"vendor": "OUSL-GROUP-BrinaryBrains",
"versions": [
{
"status": "affected",
"version": "1e70e5ad1125b86dca4ee086eb6bb121f17708b6"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Akirazz (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A weakness has been identified in OUSL-GROUP-BrinaryBrains School Student Management System up to 1e70e5ad1125b86dca4ee086eb6bb121f17708b6. This impacts the function sign_auth_cookie of the file application/controllers/Login.php of the component MY_Controller. Executing a manipulation of the argument role can lead to improper authentication. It is possible to launch the attack remotely. The exploit has been made available to the public and could be used for attacks. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available. The project was informed of the problem early through an issue report but has not responded yet."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 7.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-31T03:30:09.909Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-367421 | OUSL-GROUP-BrinaryBrains School Student Management System MY_Controller Login.php sign_auth_cookie improper authentication",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/367421"
},
{
"name": "VDB-367421 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/367421/cti"
},
{
"name": "Submit #819157 | OUSL-GROUP-BrinaryBrains School-Student-Management-System 1.0 Authentication Bypass",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/819157"
},
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://github.com/OUSL-GROUP-BrinaryBrains/School-Student-Management-System/issues/24"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-05-30T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-05-30T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-05-30T11:36:11.000Z",
"value": "VulDB entry last update"
}
],
"title": "OUSL-GROUP-BrinaryBrains School Student Management System MY_Controller Login.php sign_auth_cookie improper authentication"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-10167",
"datePublished": "2026-05-31T03:30:09.909Z",
"dateReserved": "2026-05-30T09:31:01.086Z",
"dateUpdated": "2026-06-01T15:24:45.687Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-10157 (GCVE-0-2026-10157)
Vulnerability from cvelistv5 – Published: 2026-05-31 00:30 – Updated: 2026-06-02 02:14 X_Open Source- CWE-287 - Improper Authentication
| URL | Tags |
|---|---|
| https://vuldb.com/vuln/367410 | vdb-entry |
| https://vuldb.com/vuln/367410/cti | signaturepermissions-required |
| https://vuldb.com/cve/CVE-2026-10157 | third-party-advisory |
| https://vuldb.com/submit/818939 | third-party-advisory |
| https://github.com/open5gs/open5gs/issues/4393 | exploitissue-tracking |
| https://github.com/open5gs/open5gs/pull/4557 | issue-trackingpatch |
| https://github.com/open5gs/open5gs/commit/a188e36… | patch |
| https://github.com/open5gs/open5gs/ | product |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-10157",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-02T02:14:23.118606Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-02T02:14:32.478Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:open5gs:open5gs:*:*:*:*:*:*:*:*"
],
"modules": [
"NGAP PathSwitchRequest Message Handler"
],
"product": "Open5GS",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2.7.0"
},
{
"status": "affected",
"version": "2.7.1"
},
{
"status": "affected",
"version": "2.7.2"
},
{
"status": "affected",
"version": "2.7.3"
},
{
"status": "affected",
"version": "2.7.4"
},
{
"status": "affected",
"version": "2.7.5"
},
{
"status": "affected",
"version": "2.7.6"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Seungjoon Na (Kookmin University ICSR Lab)"
},
{
"lang": "en",
"type": "finder",
"value": "Jinha Kim (Kookmin University ICSR Lab)"
},
{
"lang": "en",
"type": "reporter",
"value": "Seungjoon Na (VulDB User)"
},
{
"lang": "en",
"type": "analyst",
"value": "Seungjoon Na (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was identified in Open5GS up to 2.7.6. This impacts an unknown function of the file src/amf/ngap-handler.c of the component NGAP PathSwitchRequest Message Handler. The manipulation leads to improper authentication. It is possible to initiate the attack remotely. The exploit is publicly available and might be used. The identifier of the patch is a188e36b1741ffc2252133f59b1bda4f14d3cb5c. It is suggested to install a patch to address this issue."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 7.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:OF/RC:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-01T13:17:26.518Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-367410 | Open5GS NGAP PathSwitchRequest Message ngap-handler.c improper authentication",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/vuln/367410"
},
{
"name": "VDB-367410 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/367410/cti"
},
{
"name": "CVE-2026-10157 | CVE Analysis and Report",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/cve/CVE-2026-10157"
},
{
"name": "Submit #818939 | open5gs Open5GS v2.7.6 Improper Authentication",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/818939"
},
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://github.com/open5gs/open5gs/issues/4393"
},
{
"tags": [
"issue-tracking",
"patch"
],
"url": "https://github.com/open5gs/open5gs/pull/4557"
},
{
"tags": [
"patch"
],
"url": "https://github.com/open5gs/open5gs/commit/a188e36b1741ffc2252133f59b1bda4f14d3cb5c"
},
{
"tags": [
"product"
],
"url": "https://github.com/open5gs/open5gs/"
}
],
"tags": [
"x_open-source"
],
"timeline": [
{
"lang": "en",
"time": "2026-05-30T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-05-30T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-06-01T15:19:23.000Z",
"value": "VulDB entry last update"
}
],
"title": "Open5GS NGAP PathSwitchRequest Message ngap-handler.c improper authentication"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-10157",
"datePublished": "2026-05-31T00:30:10.718Z",
"dateReserved": "2026-05-30T06:05:02.777Z",
"dateUpdated": "2026-06-02T02:14:32.478Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-9695 (GCVE-0-2026-9695)
Vulnerability from cvelistv5 – Published: 2026-07-08 05:58 – Updated: 2026-07-08 13:46- CWE-287 - Improper Authentication
| Vendor | Product | Version | |
|---|---|---|---|
| Dassault Systèmes | DELMIA Apriso |
Affected:
Release 2020 Golden , ≤ Release 2020 SP4
(custom)
Affected: Release 2021 Golden , ≤ Release 2021 SP3 (custom) Affected: Release 2022 Golden , ≤ Release 2022 SP4 (custom) Affected: Release 2023 Golden , ≤ Release 2023 SP3 (custom) Affected: Release 2024 Golden , ≤ Release 2024 SP2 (custom) Affected: Release 2025 Golden , ≤ Release 2025 SP1 (custom) Affected: Release 2026 Golden , ≤ Release 2026 SP1 (custom) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-9695",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-08T13:46:02.952002Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-08T13:46:26.318Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "DELMIA Apriso",
"vendor": "Dassault Syst\u00e8mes",
"versions": [
{
"lessThanOrEqual": "Release 2020 SP4",
"status": "affected",
"version": "Release 2020 Golden",
"versionType": "custom"
},
{
"lessThanOrEqual": "Release 2021 SP3",
"status": "affected",
"version": "Release 2021 Golden",
"versionType": "custom"
},
{
"lessThanOrEqual": "Release 2022 SP4",
"status": "affected",
"version": "Release 2022 Golden",
"versionType": "custom"
},
{
"lessThanOrEqual": "Release 2023 SP3",
"status": "affected",
"version": "Release 2023 Golden",
"versionType": "custom"
},
{
"lessThanOrEqual": "Release 2024 SP2",
"status": "affected",
"version": "Release 2024 Golden",
"versionType": "custom"
},
{
"lessThanOrEqual": "Release 2025 SP1",
"status": "affected",
"version": "Release 2025 Golden",
"versionType": "custom"
},
{
"lessThanOrEqual": "Release 2026 SP1",
"status": "affected",
"version": "Release 2026 Golden",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An Improper Authentication vulnerability affecting DELMIA Apriso from Release 2020 through Release 2026 could allow an attacker to gain privileged access to the server."
}
],
"value": "An Improper Authentication vulnerability affecting DELMIA Apriso from Release 2020 through Release 2026 could allow an attacker to gain privileged access to the server."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-08T05:58:50.169Z",
"orgId": "f5a594e6-46a7-4e60-8a08-0a786e70e433",
"shortName": "3DS"
},
"references": [
{
"url": "https://www.3ds.com/trust-center/security/security-advisories/cve-2026-9695"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Improper Authentication vulnerability affecting DELMIA Apriso from Release 2020 through Release 2026",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f5a594e6-46a7-4e60-8a08-0a786e70e433",
"assignerShortName": "3DS",
"cveId": "CVE-2026-9695",
"datePublished": "2026-07-08T05:58:50.169Z",
"dateReserved": "2026-05-27T11:13:55.994Z",
"dateUpdated": "2026-07-08T13:46:26.318Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-9398 (GCVE-0-2026-9398)
Vulnerability from cvelistv5 – Published: 2026-05-24 20:45 – Updated: 2026-05-29 18:17| URL | Tags |
|---|---|
| https://vuldb.com/vuln/365379 | vdb-entry |
| https://vuldb.com/vuln/365379/cti | signaturepermissions-required |
| https://vuldb.com/submit/813577 | third-party-advisory |
| https://github.com/carfeii/besen#finding-5-unauth… | related |
| Vendor | Product | Version | |
|---|---|---|---|
| Besen | BS20 EV Charging Station |
Affected:
20260426
cpe:2.3:a:besen:bs20_ev_charging_station:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-9398",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-29T18:17:43.949035Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-29T18:17:55.433Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:besen:bs20_ev_charging_station:*:*:*:*:*:*:*:*"
],
"modules": [
"BLE/WiFi"
],
"product": "BS20 EV Charging Station",
"vendor": "Besen",
"versions": [
{
"status": "affected",
"version": "20260426"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "carfeii (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A security vulnerability has been detected in Besen BS20 EV Charging Station up to 20260426. This affects an unknown part of the component BLE/WiFi. Such manipulation leads to authentication bypass by capture-replay. The attack must be carried out from within the local network. Attacks of this nature are highly complex. It is indicated that the exploitability is difficult. The original disclosure mentions, that \"[t]hese vulnerabilities have been reported to Besen and we have received their acknowlegement that they are reviewing this as of April 2026.\""
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 1.8,
"vectorString": "AV:A/AC:H/Au:N/C:N/I:P/A:N/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-294",
"description": "Authentication Bypass by Capture-replay",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-24T20:45:08.425Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-365379 | Besen BS20 EV Charging Station BLE/WiFi authentication replay",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/vuln/365379"
},
{
"name": "VDB-365379 | CTI Indicators (IOB, IOC, TTP)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/365379/cti"
},
{
"name": "Submit #813577 | Besen EV Charging Station BS20 EV Charger Improper Authorization",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/813577"
},
{
"tags": [
"related"
],
"url": "https://github.com/carfeii/besen#finding-5-unauthorized-tampering-of-charger-commands"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-05-24T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-05-24T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-05-24T08:24:19.000Z",
"value": "VulDB entry last update"
}
],
"title": "Besen BS20 EV Charging Station BLE/WiFi authentication replay"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-9398",
"datePublished": "2026-05-24T20:45:08.425Z",
"dateReserved": "2026-05-24T06:19:03.634Z",
"dateUpdated": "2026-05-29T18:17:55.433Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-9373 (GCVE-0-2026-9373)
Vulnerability from cvelistv5 – Published: 2026-05-24 10:15 – Updated: 2026-05-26 13:29- CWE-287 - Improper Authentication
| URL | Tags |
|---|---|
| https://vuldb.com/vuln/365337 | vdb-entry |
| https://vuldb.com/vuln/365337/cti | signaturepermissions-required |
| https://vuldb.com/submit/813251 | third-party-advisory |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-9373",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T13:29:38.113529Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-26T13:29:46.974Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:jeecgboot:jeecgboot:*:*:*:*:*:*:*:*"
],
"modules": [
"OpenAPI Endpoint"
],
"product": "JeecgBoot",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "3.9.1"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "feng123123 (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in JeecgBoot 3.9.1. This issue affects some unknown processing of the file /openapi/call/ of the component OpenAPI Endpoint. Such manipulation leads to improper authentication. The attack can be executed remotely. A high complexity level is associated with this attack. The exploitability is assessed as difficult. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:X/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:X/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 2.6,
"vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N/E:ND/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-24T10:15:10.683Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-365337 | JeecgBoot OpenAPI Endpoint call improper authentication",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/vuln/365337"
},
{
"name": "VDB-365337 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/365337/cti"
},
{
"name": "Submit #813251 | jeecgboot JeecgBoot 3.9.1 Improper Authentication",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/813251"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-05-23T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-05-23T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-05-23T16:17:55.000Z",
"value": "VulDB entry last update"
}
],
"title": "JeecgBoot OpenAPI Endpoint call improper authentication"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-9373",
"datePublished": "2026-05-24T10:15:10.683Z",
"dateReserved": "2026-05-23T14:12:51.249Z",
"dateUpdated": "2026-05-26T13:29:46.974Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-9371 (GCVE-0-2026-9371)
Vulnerability from cvelistv5 – Published: 2026-05-24 09:45 – Updated: 2026-05-26 14:32| URL | Tags |
|---|---|
| https://vuldb.com/vuln/365334 | vdb-entry |
| https://vuldb.com/vuln/365334/cti | signaturepermissions-required |
| https://vuldb.com/submit/813209 | third-party-advisory |
| https://vuldb.com/submit/813210 | third-party-advisory |
| https://github.com/ItzCrazyKns/Vane/issues/1122 | issue-tracking |
| https://github.com/ItzCrazyKns/Vane/issues/1123 | exploitissue-tracking |
| https://github.com/ItzCrazyKns/Vane/ | product |
| Vendor | Product | Version | |
|---|---|---|---|
| ItzCrazyKns | Vane |
Affected:
1.12.0
Affected: 1.12.1 cpe:2.3:a:itzcrazykns:vane:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-9371",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T14:32:41.430840Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-26T14:32:47.756Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:itzcrazykns:vane:*:*:*:*:*:*:*:*"
],
"modules": [
"API"
],
"product": "Vane",
"vendor": "ItzCrazyKns",
"versions": [
{
"status": "affected",
"version": "1.12.0"
},
{
"status": "affected",
"version": "1.12.1"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Yu-Bao (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A security vulnerability has been detected in ItzCrazyKns Vane up to 1.12.1. Affected by this issue is some unknown functionality of the file route.ts of the component API. The manipulation leads to missing authentication. The attack may be initiated remotely. The attack\u0027s complexity is rated as high. The exploitation is known to be difficult. The exploit has been disclosed publicly and may be used. It appears that basic authentication is planned."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:W/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:W/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 2.6,
"vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N/E:POC/RL:W/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "Missing Authentication",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-24T09:45:12.809Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-365334 | ItzCrazyKns Vane API route.ts missing authentication",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/vuln/365334"
},
{
"name": "VDB-365334 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/365334/cti"
},
{
"name": "Submit #813209 | ItzCrazyKns Vane 1.12.1 API Key Exposure",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/813209"
},
{
"name": "Submit #813210 | ItzCrazyKns Vane 1.12.1 Missing Authentication for Critical Function (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/813210"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/ItzCrazyKns/Vane/issues/1122"
},
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://github.com/ItzCrazyKns/Vane/issues/1123"
},
{
"tags": [
"product"
],
"url": "https://github.com/ItzCrazyKns/Vane/"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-05-23T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-05-23T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-05-23T16:05:11.000Z",
"value": "VulDB entry last update"
}
],
"title": "ItzCrazyKns Vane API route.ts missing authentication"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-9371",
"datePublished": "2026-05-24T09:45:12.809Z",
"dateReserved": "2026-05-23T13:49:07.801Z",
"dateUpdated": "2026-05-26T14:32:47.756Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-9084 (GCVE-0-2026-9084)
Vulnerability from cvelistv5 – Published: 2026-05-20 14:22 – Updated: 2026-05-20 15:28- CWE-287 - Improper Authentication
| URL | Tags |
|---|---|
| https://github.com/MISP/MISP/commit/71f5662c1b588… | patch |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-9084",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-20T15:28:48.726589Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-20T15:28:55.640Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "misp",
"vendor": "misp",
"versions": [
{
"lessThanOrEqual": "2.5.37",
"status": "affected",
"version": "2.5.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Ali Ganiyev"
},
{
"lang": "en",
"type": "remediation developer",
"value": "Luciano Righetti"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "MISP\u2019s OIDC authentication plugin allowed automatic linking of an OIDC identity to an existing local user account based on the \u003ccode\u003eemail\u003c/code\u003e claim when the local account had no stored \u003ccode\u003esub\u003c/code\u003e value. Under insecure or untrusted IdP configurations where email ownership is not enforced, an attacker with a valid OIDC token could assert a victim\u2019s email address and authenticate as that user, leading to account takeover.\u003cbr\u003e"
}
],
"value": "MISP\u2019s OIDC authentication plugin allowed automatic linking of an OIDC identity to an existing local user account based on the email claim when the local account had no stored sub value. Under insecure or untrusted IdP configurations where email ownership is not enforced, an attacker with a valid OIDC token could assert a victim\u2019s email address and authenticate as that user, leading to account takeover."
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115 Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "ADJACENT",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-20T14:22:59.019Z",
"orgId": "5a6e4751-2f3f-4070-9419-94fb35b644e8",
"shortName": "CIRCL"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://github.com/MISP/MISP/commit/71f5662c1b5886613d2cd5c72fd93bb4ca6fa172"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "MISP OIDC authentication bypass via automatic email-based account linking under insecure IdP configurations",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "5a6e4751-2f3f-4070-9419-94fb35b644e8",
"assignerShortName": "CIRCL",
"cveId": "CVE-2026-9084",
"datePublished": "2026-05-20T14:22:59.019Z",
"dateReserved": "2026-05-20T14:21:56.589Z",
"dateUpdated": "2026-05-20T15:28:55.640Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-8994 (GCVE-0-2026-8994)
Vulnerability from cvelistv5 – Published: 2026-05-27 05:31 – Updated: 2026-05-27 10:31- CWE-287 - Improper Authentication
| Vendor | Product | Version | |
|---|---|---|---|
| learnnearclub | Login with NEAR |
Affected:
0 , ≤ 0.3.3
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-8994",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-27T10:20:41.307499Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T10:31:17.186Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Login with NEAR",
"vendor": "learnnearclub",
"versions": [
{
"lessThanOrEqual": "0.3.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Joy Gilbert"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Login with NEAR plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 0.3.3. The `ajaxLoginWithNear()` function \u2014 registered as a `wp_ajax_nopriv` action and therefore reachable by unauthenticated users \u2014 accepts an attacker-supplied `account` POST parameter and issues a valid WordPress authentication cookie based solely on a substring check for `.near`, with no nonce verification, cryptographic signature validation, challenge-response exchange, or any proof that the requester controls the corresponding NEAR wallet. This makes it possible for unauthenticated attackers to log in as any existing WordPress user, including administrators, whose email address matches the deterministic `\u003caccount\u003e@near.org` pattern derived from the supplied `account` value. If no matching user exists, the handler automatically creates and authenticates a new WordPress account for the attacker-controlled identifier, providing a further avenue for unauthorized account creation."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T05:31:33.741Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f1eacb72-df11-4a3b-9064-f8f776f3522b?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/near-login/trunk/Controllers/UserLoginController.php#L46"
},
{
"url": "https://plugins.trac.wordpress.org/browser/near-login/trunk/Controllers/UserLoginController.php#L29"
},
{
"url": "https://plugins.trac.wordpress.org/browser/near-login/trunk/Controllers/UserLoginController.php#L16"
},
{
"url": "https://plugins.trac.wordpress.org/browser/near-login/trunk/Controllers/UserLoginController.php#L76"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-05-26T17:24:04.000Z",
"value": "Disclosed"
}
],
"title": "Login with NEAR \u003c= 0.3.3 - Authentication Bypass via \u0027account\u0027 Parameter"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2026-8994",
"datePublished": "2026-05-27T05:31:33.741Z",
"dateReserved": "2026-05-19T13:27:21.764Z",
"dateUpdated": "2026-05-27T10:31:17.186Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Mitigation
Strategy: Libraries or Frameworks
Use an authentication framework or library such as the OWASP ESAPI Authentication feature.
CAPEC-114: Authentication Abuse
An attacker obtains unauthorized access to an application, service or device either through knowledge of the inherent weaknesses of an authentication mechanism, or by exploiting a flaw in the authentication scheme's implementation. In such an attack an authentication mechanism is functioning but a carefully controlled sequence of events causes the mechanism to grant access to the attacker.
CAPEC-115: Authentication Bypass
An attacker gains access to application, service, or device with the privileges of an authorized or privileged user by evading or circumventing an authentication mechanism. The attacker is therefore able to access protected data without authentication ever having taken place.
CAPEC-151: Identity Spoofing
Identity Spoofing refers to the action of assuming (i.e., taking on) the identity of some other entity (human or non-human) and then using that identity to accomplish a goal. An adversary may craft messages that appear to come from a different principle or use stolen / spoofed authentication credentials.
CAPEC-194: Fake the Source of Data
An adversary takes advantage of improper authentication to provide data or services under a falsified identity. The purpose of using the falsified identity may be to prevent traceability of the provided data or to assume the rights granted to another individual. One of the simplest forms of this attack would be the creation of an email message with a modified "From" field in order to appear that the message was sent from someone other than the actual sender. The root of the attack (in this case the email system) fails to properly authenticate the source and this results in the reader incorrectly performing the instructed action. Results of the attack vary depending on the details of the attack, but common results include privilege escalation, obfuscation of other attacks, and data corruption/manipulation.
CAPEC-22: Exploiting Trust in Client
An attack of this type exploits vulnerabilities in client/server communication channel authentication and data integrity. It leverages the implicit trust a server places in the client, or more importantly, that which the server believes is the client. An attacker executes this type of attack by communicating directly with the server where the server believes it is communicating only with a valid client. There are numerous variations of this type of attack.
CAPEC-57: Utilizing REST's Trust in the System Resource to Obtain Sensitive Data
This attack utilizes a REST(REpresentational State Transfer)-style applications' trust in the system resources and environment to obtain sensitive data once SSL is terminated.
CAPEC-593: Session Hijacking
This type of attack involves an adversary that exploits weaknesses in an application's use of sessions in performing authentication. The adversary is able to steal or manipulate an active session and use it to gain unathorized access to the application.
CAPEC-633: Token Impersonation
An adversary exploits a weakness in authentication to create an access token (or equivalent) that impersonates a different entity, and then associates a process/thread to that that impersonated token. This action causes a downstream user to make a decision or take action that is based on the assumed identity, and not the response that blocks the adversary.
CAPEC-650: Upload a Web Shell to a Web Server
By exploiting insufficient permissions, it is possible to upload a web shell to a web server in such a way that it can be executed remotely. This shell can have various capabilities, thereby acting as a "gateway" to the underlying web server. The shell might execute at the higher permission level of the web server, providing the ability the execute malicious code at elevated levels.
CAPEC-94: Adversary in the Middle (AiTM)
An adversary targets the communication between two components (typically client and server), in order to alter or obtain data from transactions. A general approach entails the adversary placing themself within the communication channel between the two components.