CWE-287— Improper Authentication
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.— MITRE CWE catalog
4,480 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-287page 85 of 90
- CVE-2026-26128HIGHCVSS 7.8EG 7.82026-03-10
Improper authentication in Windows SMB Server allows an authorized attacker to elevate privileges locally.
- CVE-2026-26141HIGHCVSS 7.8EG 7.82026-03-10
Improper authentication in Azure Arc allows an authorized attacker to elevate privileges locally.
- CVE-2026-27134HIGHCVSS 8.1EG 8.12026-02-21
Strimzi provides a way to run an Apache Kafka cluster on Kubernetes or OpenShift in various deployment configurations. In versions 0.49.0 through 0.50.0, when using a custom Cluster or Clients CA with a multistage CA chain consisting of m…
- CVE-2026-2756MEDIUMCVSS 5.0EG 5.02026-03-21
A security vulnerability has been detected in OmniPEMF NeoRhythm up to 20260308. This affects an unknown function of the component BLE Interface. Such manipulation leads to missing authentication. The attack can only be initiated within th…
- CVE-2026-27856MEDIUMCVSS 5.9EG 7.42026-03-27
Doveadm credentials are verified using direct comparison which is susceptible to timing oracle attack. An attacker can use this to determine the configured credentials. Figuring out the credential will lead into full access to the affected…
- CVE-2026-27960CRITICALCVSS 9.8EG 9.82026-05-05
OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. In versions 6.6.0 through 6.9.12, there is a privilege escalation vulnerability that can be exploited by unauthenticated attackers to quer…
- CVE-2026-2812MEDIUMCVSS 5.3EG 5.32026-05-20
ArcGIS Server contains an improper authentication vulnerability in an undocumented administrative endpoint. An unauthenticated attacker could exploit this issue by sending a crafted request to the endpoint. Successful exploitation may resu…
- CVE-2026-29145CRITICALCVSS 9.1EG 9.12026-04-09
CLIENT_CERT authentication does not fail as expected for some scenarios when soft fail is disabled vulnerability in Apache Tomcat, Apache Tomcat Native. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.18, from 10.1.0-M7 thro…
- CVE-2026-2991HIGHCVSS 7.3EG 9.82026-03-18
The KiviCare – Clinic & Patient Management System (EHR) plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 4.1.2. This is due to the `patientSocialLogin()` function not verifying the social …
- CVE-2026-3053HIGHCVSS 7.3EG 7.32026-02-24
A vulnerability was determined in DataLinkDC dinky up to 1.2.5. This affects the function addInterceptors of the file dinky-admin/src/main/java/org/dinky/configure/AppConfig.java of the component OpenAPI Endpoint. Executing a manipulation …
- CVE-2026-31387MEDIUMCVSS 5.3EG 5.32026-05-19
Improper Authentication vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixes the issue.
- CVE-2026-3192MEDIUMCVSS 5.6EG 5.62026-02-25
A security vulnerability has been detected in Chia Blockchain 2.1.0. This issue affects the function _authenticate of the file rpc_server_base.py of the component RPC Credential Handler. The manipulation leads to improper authentication. T…
- CVE-2026-3194MEDIUMCVSS 4.5EG 4.52026-02-25
A flaw has been found in Chia Blockchain 2.1.0. The affected element is the function send_transaction/get_private_key of the component RPC Server Master Passphrase Handler. This manipulation causes missing authentication. The attack can on…
- CVE-2026-32072MEDIUMCVSS 6.2EG 6.22026-04-14
Improper authentication in Windows Active Directory allows an unauthorized attacker to perform spoofing locally.
- CVE-2026-32173HIGHCVSS 8.6EG 8.62026-04-03
Improper authentication in Azure SRE Agent allows an unauthorized attacker to disclose information over a network.
- CVE-2026-32174HIGHCVSS 7.7EG 7.72026-06-18
Improper authentication in Azure Bot Service allows an authorized attacker to elevate privileges over a network.
- CVE-2026-32253CRITICALCVSS 9.8EG 9.82026-05-22
Sunshine is a self-hosted game stream host for Moonlight. In versions prior to 2026.516.143833, the client-certificate authentication can be bypassed because of how OpenSSL verification results are handled. In src/crypto.cpp, the custom ve…
- CVE-2026-32305MEDIUMCVSS 5.3EG 5.32026-03-20
Traefik is an HTTP reverse proxy and load balancer. Versions 2.11.40 and below, 3.0.0-beta1 through 3.6.11, and 3.7.0-ea.1 are vulnerable to mTLS bypass through the TLS SNI pre-sniffing logic related to fragmented ClientHello packets. When…
- CVE-2026-32804HIGHCVSS 8.1EG 8.12026-06-17
Dell PowerFlex Manager, version(s) prior to 5.1.0.1, contain(s) an Improper Authentication vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Unauthorized access.
- CVE-2026-33117CRITICALCVSS 9.1EG 9.12026-05-12
The Java Key Vault Keys library in the Azure SDK for Java contains an issue in the local cryptographic verification path where authentication tag comparison was implemented incorrectly. In affected applications that use the vulnerable loca…
- CVE-2026-33175HIGHCVSS 8.8EG 8.82026-04-03
OAuthenticator is software that allows OAuth2 identity providers to be plugged in and used with JupyterHub. Prior to version 17.4.0, an authentication bypass vulnerability in oauthenticator allows an attacker with an unverified email addre…
- CVE-2026-33322CRITICALCVSS 9.8EG 9.82026-03-24
MinIO is a high-performance object storage system. From RELEASE.2022-11-08T05-27-07Z to before RELEASE.2026-03-17T21-25-16Z, a JWT algorithm confusion vulnerability in MinIO's OpenID Connect authentication allows an attacker who knows the …
- CVE-2026-33377HIGHCVSS 7.1EG 7.12026-05-13
An Editor can overwrite a dashboard not owned by them to acquire admin on that specific dashboard. The user must have write access to the dashboard to escalate privilege.
- CVE-2026-33432CRITICALCVSS 9.1EG 9.12026-04-20
Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions up to and including 8.2.8.2, when LDAP authentication is enabled, Roxy-WI constructs an LDAP search filter by directly concatenating the use…
- CVE-2026-33746CRITICALCVSS 9.8EG 9.82026-04-02
Convoy is a KVM server management panel for hosting businesses. From version 3.9.0-beta to before version 4.5.1, the JWTService::decode() method did not verify the cryptographic signature of JWT tokens. While the method configured a symmet…
- CVE-2026-34072CRITICALCVSS 9.8EG 9.82026-04-01
Cr*nMaster (cronmaster) is a Cronjob management UI with human readable syntax, live logging and log history for cronjobs. Prior to version 2.2.0, an authentication bypass in middleware allows unauthenticated requests with an invalid sessio…
- CVE-2026-34121HIGHCVSS 8.8EG 8.82026-04-02
An authentication bypass vulnerability within the HTTP handling of the DS configuration service in TP-Link Tapo C520WS v2.6 was identified, due to inconsistent parsing and authorization logic in JSON requests during authentication check. …
- CVE-2026-34123HIGHCVSS 7.0EG 7.02026-06-05
On Tapo C520WS v2, restricted accounts (for example, hub users) are intended to execute only a limited set of low‑sensitivity operations. Due to a logic flaw in the device’s API authorization mechanism, an attacker can craft requests t…
- CVE-2026-34204HIGHCVSS 7.1EG 7.12026-03-31
MinIO is a high-performance object storage system. Prior to version RELEASE.2026-03-26T21-24-40Z, a flaw in extractMetadataFromMime() allows any authenticated user with s3:PutObject permission to inject internal server-side encryption meta…
- CVE-2026-34500MEDIUMCVSS 6.5EG 6.52026-04-09
CLIENT_CERT authentication does not fail as expected for some scenarios when soft fail is disabled and FFM is used in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M14 through 11.0.20, from 10.1.22 through 10.1.53, from 9.0…
- CVE-2026-34531MEDIUMCVSS 6.5EG 6.52026-04-01
Flask-HTTPAuth provides Basic, Digest and Token HTTP authentication for Flask routes. Prior to version 4.8.1, in a situation where the client makes a request to a token protected resource without passing a token, or passing an empty token,…
- CVE-2026-34727HIGHCVSS 7.4EG 7.42026-04-10
Vikunja is an open-source self-hosted task management platform. Prior to 2.3.0, the OIDC callback handler issues a full JWT token without checking whether the matched user has TOTP two-factor authentication enabled. When a local user with …
- CVE-2026-34736MEDIUMCVSS 5.3EG 5.32026-04-02
Open edX Platform enables the authoring and delivery of online learning at any scale. From the maple release to before the ulmo release, an unauthenticated attacker can fully bypass the email verification process by combining two issues: t…
- CVE-2026-34834HIGHCVSS 7.5EG 7.52026-04-02
Bulwark Webmail is a self-hosted webmail client for Stalwart Mail Server. Prior to version 1.4.10, the verifyIdentity() function contained logic that returned true if no session cookies were present. This allowed unauthenticated attackers …
- CVE-2026-34873CRITICALCVSS 9.1EG 9.12026-04-01
An issue was discovered in Mbed TLS 3.5.0 through 4.0.0. Client impersonation can occur while resuming a TLS 1.3 session.
- CVE-2026-34917MEDIUMCVSS 4.3EG 4.32026-06-23
Low‑privileged session IDs generated for the web admin console could be reused in the XML‑RPC API, whose authentication is normally restricted to admin users. An attacker could leverage this to gain unauthorised access and exploit API�…
- CVE-2026-34990HIGHCVSS 7.8EG 7.82026-04-03
OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, a local unprivileged user can coerce cupsd into authenticating to an attacker-controlled localhost IPP servi…
- CVE-2026-35030CRITICALCVSS 9.1EG 9.12026-04-06
LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. Prior to 1.83.0, when JWT authentication is enabled (enable_jwt_auth: true), the OIDC userinfo cache uses token[:20] as the cache key. JWT headers produc…
- CVE-2026-35261MEDIUMCVSS 6.5EG 6.52026-06-17
Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Authentication Engine). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.1.0. Easily exploitable vulnerability allows unauthenticate…
- CVE-2026-35579CRITICALCVSS 9.8EG 9.82026-05-05
CoreDNS is a DNS server written in Go. In versions prior to 1.14.3, the gRPC, QUIC, DoH, and DoH3 transport implementations incorrectly handle TSIG authentication. For gRPC and QUIC, the server checks whether the TSIG key name exists in th…
- CVE-2026-35903CRITICALCVSS 9.8EG 9.82026-04-27
MERCURY MIPC252W IP camera 1.0.5 Build 230306 Rel.79931n contains an improper authentication vulnerability in the RTSP service. After successful Digest authentication in an initial DESCRIBE request, the device does not verify the Digest re…
- CVE-2026-3655CRITICALCVSS 9.8EG 9.82026-05-29
The OTP Login With Phone Number, OTP Verification plugin for WordPress is vulnerable to authentication bypass in versions 1.8.50 through 1.8.60. This is due to the Firebase verification flow in the `lwp_ajax_register` AJAX handler not bind…
- CVE-2026-36727CRITICALCVSS 9.1EG 9.12026-06-09
An insecure authentication vulnerability in the /api/social-sign-in endpoint of bookcars v8.3 allows attackers to bypass authentication via a forged JWT token.
- CVE-2026-36829CRITICALCVSS 9.8EG 9.82026-05-19
An authentication bypass vulnerability exists in the embedded HTTP server of Panabit PAP-XM320 up to and including v7.7. The server validates session cookies using a filesystem existence check based on a user-controlled cookie value withou…
- CVE-2026-37270CRITICALCVSS 9.8EG 9.82026-07-07
Trueview Security camera T18161- AF v4.9.60.0 contains an authentication bypass vulnerability caused by improper password validation and the presence of hard-coded credentials in the firmware.
- CVE-2026-37271CRITICALCVSS 9.8EG 9.82026-07-07
Fire-Boltt Smartwatch FB BGS001 Firmware: MOY-JS14-2.0.4 is vulnerable to Improper Authentication, The device accepts GATT Write Request commands without sufficient authentication or strong session validation. Under specific conditions, pr…
- CVE-2026-3739MEDIUMCVSS 6.3EG 6.32026-03-08
A security flaw has been discovered in suitenumerique messages 0.2.0. This issue affects the function ThreadAccessSerializer of the file src/backend/core/api/serializers.py of the component ThreadAccess. The manipulation results in imprope…
- CVE-2026-3794HIGHCVSS 7.3EG 7.32026-03-09
A vulnerability was identified in doramart DoraCMS 3.0.x. This issue affects some unknown processing of the file /api/v1/mail/send of the component Email API. Such manipulation leads to improper authentication. It is possible to launch the…
- CVE-2026-39322HIGHCVSS 8.8EG 8.82026-04-07
PolarLearn is a free and open-source learning program. In 0-PRERELEASE-15 and earlier, POST /api/v1/auth/sign-in creates a valid session for banned accounts before verifying the supplied password. That session is then accepted across authe…
- CVE-2026-39324CRITICALCVSS 9.8EG 9.82026-04-07
Rack::Session is a session management implementation for Rack. From 2.0.0 to before 2.1.2, Rack::Session::Cookie incorrectly handles decryption failures when configured with secrets:. If cookie decryption fails, the implementation falls ba…
Map vulnerabilities like CWE-287 to your infrastructure
EchelonGraph correlates every CVE — across CWE-287 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →