CWE-288— Authentication Bypass Using an Alternate Path or Channel
The product requires authentication, but the product has an alternate path or channel that does not require authentication.— MITRE CWE catalog
581 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-288page 10 of 12
- CVE-2025-8995CRITICALCVSS 9.8EG 9.82025-08-15
Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Authenticator Login allows Authentication Bypass.This issue affects Authenticator Login: from 0.0.0 before 2.1.4.
- CVE-2025-9313CRITICALCVSS 9.3EG 9.32025-10-28
An unauthenticated user can connect to a publicly accessible database using arbitrary credentials. The system grants full access to the database by leveraging a previously authenticated connection through a "mmBackup" application. This fla…
- CVE-2025-9914HIGHCVSS 7.5EG 4.32025-10-06
The credentials of the users stored in the system's local database can be used for the log in, making it possible for an attacker to gain unauthorized access. This could potentially affect the confidentiality of the application.
- CVE-2025-9967CRITICALCVSS 9.8EG 9.82025-10-15
The Orion SMS OTP Verification plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.1.7. This is due to the plugin not properly validating a user's identity prior to updati…
- CVE-2026-0948MEDIUMCVSS 6.5EG 6.52026-02-04
Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Microsoft Entra ID SSO Login allows Privilege Escalation.This issue affects Microsoft Entra ID SSO Login: from 0.0.0 before 1.0.4.
- CVE-2026-10523CRITICALCVSS 9.8EG 9.92026-06-09
An Authentication Bypass vulnerability (CWE-288) in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7.1 versions allows a remote unauthenticated attacker to create arbitrary administrative accounts and obtain full administrative ac…
- CVE-2026-12225HIGHCVSS 8.7EG 8.72026-06-16
syracom AG Secure Login (2FA) for Atlassian Jira, Confluence, and Bitbucket 3.4.0.x contains an authentication bypass vulnerability. An attacker with valid credentials for a user account can bypass the two-factor authentication flow by sen…
- CVE-2026-1241NONECVSS 0.0EG 8.72026-02-26
The Pelco, Inc. Sarix Professional 3 Series Cameras are vulnerable to an authentication bypass issue in their web management interface. The flaw stems from inadequate enforcement of access controls, allowing certain functionality to be acc…
- CVE-2026-12579HIGHCVSS 7.4EG 7.42026-07-01
AS228T with Authentication Bypass Vulnerability
- CVE-2026-1603HIGHCVSS 8.6EG 9.0⚠ KEV2026-02-10
An authentication bypass in Ivanti Endpoint Manager before version 2024 SU5 allows a remote unauthenticated attacker to leak specific stored credential data.
- CVE-2026-1618HIGHCVSS 8.8EG 8.82026-02-13
Authentication Bypass Using an Alternate Path or Channel vulnerability in Universal Software Inc. FlexCity/Kiosk allows Privilege Escalation. This issue affects FlexCity/Kiosk: from 1.0 before 1.0.36.
- CVE-2026-1779HIGHCVSS 8.1EG 8.12026-02-26
The User Registration & Membership plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 5.1.2. This is due to incorrect authentication in the 'register_member' function. This makes it possible for u…
- CVE-2026-1917MEDIUMCVSS 4.3EG 7.32026-03-25
Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Login Disable allows Functionality Bypass.This issue affects Login Disable: from 0.0.0 before 2.1.3.
- CVE-2026-20459MEDIUMCVSS 5.3EG 5.32026-07-01
In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges nee…
- CVE-2026-20460MEDIUMCVSS 5.3EG 5.32026-07-01
In Modem, there is a possible information disclosure due to improper input validation. This could lead to remote information disclosure, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution…
- CVE-2026-2095CRITICALCVSS 9.8EG 9.82026-02-10
Agentflow developed by Flowring has an Authentication Bypass vulnerability, allowing unauthenticated remote attackers to exploit a specific functionality to obtain arbitrary user authentication token and log into the system as any user.
- CVE-2026-2096CRITICALCVSS 9.8EG 9.82026-02-10
Agentflow developed by Flowring has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to read, modify, and delete database contents by using a specific functionality.
- CVE-2026-21411HIGHCVSS 8.8EG 8.82026-01-06
Authentication bypass issue exists in OpenBlocks series versions prior to FW5.0.8, which may allow an attacker to bypass administrator authentication and change the password.
- CVE-2026-22037HIGHCVSS 8.4EG 8.42026-01-19
The @fastify/express plugin adds full Express compatibility to Fastify. A security vulnerability exists in @fastify/express prior to version 4.0.3 where middleware registered with a specific path prefix can be bypassed using URL-encoded ch…
- CVE-2026-22205HIGHCVSS 7.5EG 7.52026-02-26
SPIP versions prior to 4.4.10 contain an authentication bypass vulnerability caused by PHP type juggling that allows unauthenticated attackers to access protected information. Attackers can exploit loose type comparisons in authentication …
- CVE-2026-22341MEDIUMCVSS 6.7EG 5.42026-02-20
Authentication Bypass Using an Alternate Path or Channel vulnerability in Case-Themes Booked booked allows Authentication Abuse.This issue affects Booked: from n/a through <= 3.0.0.
- CVE-2026-23760CRITICALCVSS 9.8EG 9.8⚠ KEV2026-01-22
SmarterTools SmarterMail versions prior to build 9511 contain an authentication bypass vulnerability in the password reset API. The force-reset-password endpoint permits anonymous requests and fails to verify the existing password or a res…
- CVE-2026-24206HIGHCVSS 7.3EG 7.32026-05-20
NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause an authentication bypass. A successful exploit of this vulnerability might lead to escalation of privileges, denial of service, or information disclosure.
- CVE-2026-24207CRITICALCVSS 9.8EG 9.82026-05-20
NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause an authentication bypass. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of se…
- CVE-2026-24359HIGHCVSS 8.8EG 8.82026-03-25
Authentication Bypass Using an Alternate Path or Channel vulnerability in Dokan, Inc. Dokan dokan-lite allows Authentication Abuse.This issue affects Dokan: from n/a through <= 4.2.4.
- CVE-2026-24858CRITICALCVSS 9.8EG 9.8⚠ KEV2026-01-27
An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.5, FortiAnalyzer 7.4.0 through 7.4.9, FortiAnalyzer 7.2.0 through 7.2.11, FortiAnalyzer 7.0.0 thr…
- CVE-2026-25002HIGHCVSS 7.5EG 7.52026-03-25
Authentication Bypass Using an Alternate Path or Channel vulnerability in ThimPress LearnPress – Sepay Payment learnpress-sepay-payment allows Authentication Abuse.This issue affects LearnPress – Sepay Payment: from n/a through <= 4.0.…
- CVE-2026-25035CRITICALCVSS 9.8EG 9.82026-03-25
Authentication Bypass Using an Alternate Path or Channel vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery contest-gallery allows Authentication Abuse.This issue affects Contest Gallery: from n/a through <= 28.1.…
- CVE-2026-25357HIGHCVSS 8.1EG 8.12026-03-25
Authentication Bypass Using an Alternate Path or Channel vulnerability in azzaroco Ultimate Membership Pro indeed-membership-pro allows Authentication Abuse.This issue affects Ultimate Membership Pro: from n/a through <= 13.7.
- CVE-2026-2540HIGHCVSS 8.4EG 8.42026-02-15
The Micca KE700 system contains flawed resynchronization logic and is vulnerable to replay attacks. This attack requires sending two previously captured codes in a specific sequence. As a result, the system can be forced to accept previous…
- CVE-2026-25406HIGHCVSS 8.1EG 8.82026-03-25
Authentication Bypass Using an Alternate Path or Channel vulnerability in Themeum Tutor LMS Pro tutor-pro allows Authentication Abuse.This issue affects Tutor LMS Pro: from n/a through <= 3.9.4.
- CVE-2026-25439HIGHCVSS 8.1EG 8.12026-06-17
Unauthenticated Broken Authentication in Booknetic <= 4.8.5 versions.
- CVE-2026-25471HIGHCVSS 8.1EG 8.12026-03-19
Authentication Bypass Using an Alternate Path or Channel vulnerability in Themepaste Admin Safety Guard admin-safety-guard allows Password Recovery Exploitation.This issue affects Admin Safety Guard: from n/a through <= 1.2.6.
- CVE-2026-26117HIGHCVSS 7.8EG 7.82026-03-10
Authentication bypass using an alternate path or channel in Azure Windows Virtual Machine Agent allows an authorized attacker to elevate privileges locally.
- CVE-2026-2628CRITICALCVSS 9.8EG 9.82026-03-03
The All-in-One Microsoft 365 & Entra ID / Azure AD SSO Login plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 2.2.5. This makes it possible for unauthenticated attackers to bypass authentica…
- CVE-2026-27049CRITICALCVSS 9.8EG 9.82026-03-25
Authentication Bypass Using an Alternate Path or Channel vulnerability in NooTheme Jobica Core jobica-core allows Authentication Abuse.This issue affects Jobica Core: from n/a through <= 1.4.2.
- CVE-2026-27389CRITICALCVSS 9.8EG 9.82026-03-05
Authentication Bypass Using an Alternate Path or Channel vulnerability in designthemes WeDesignTech Ultimate Booking Addon wedesigntech-ultimate-booking-addon allows Authentication Abuse.This issue affects WeDesignTech Ultimate Booking Add…
- CVE-2026-27390HIGHCVSS 8.8EG 8.82026-03-05
Authentication Bypass Using an Alternate Path or Channel vulnerability in designthemes WeDesignTech Ultimate Booking Addon wedesigntech-ultimate-booking-addon allows Authentication Abuse.This issue affects WeDesignTech Ultimate Booking Add…
- CVE-2026-2775CRITICALCVSS 9.8EG 9.82026-02-24
Mitigation bypass in the DOM: HTML Parser component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
- CVE-2026-2784CRITICALCVSS 9.8EG 9.82026-02-24
Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
- CVE-2026-27842CRITICALCVSS 9.8EG 9.82026-03-11
Authentication bypass issue exists in MR-GM5L-S1 and MR-GM5A-L1, which may allow an attacker to bypass authentication and change the device configuration.
- CVE-2026-2791CRITICALCVSS 9.8EG 9.82026-02-24
Mitigation bypass in the Networking: Cache component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
- CVE-2026-29139CRITICALCVSS 9.8EG 9.82026-04-02
SEPPmail Secure Email Gateway before version 15.0.3 allows account takeover by abusing GINA account initialization to reset a victim account password.
- CVE-2026-30079CRITICALCVSS 9.8EG 9.82026-04-07
In OpenAirInterface V2.2.0 AMF, Out of sequence messages causes incorrect state transition during UE registration procedure. This allows authentication to be bypassed completely. If a SecurityModeComplete message is sent after InitialUEReg…
- CVE-2026-31151CRITICALCVSS 9.8EG 9.82026-04-06
An issue in the login mechanism of Kaleris YMS v7.2.2.1 allows attackers to bypass login verification to access the application 's resources.
- CVE-2026-31271CRITICALCVSS 9.8EG 9.82026-04-07
megagao production_ssm v1.0 contains an authorization bypass vulnerability in the user addition functionality. The insert() method in UserController.java lacks authentication checks, allowing unauthenticated attackers to create super admin…
- CVE-2026-32004MEDIUMCVSS 6.5EG 6.52026-03-19
OpenClaw versions prior to 2026.3.2 contain an authentication bypass vulnerability in the /api/channels route classification due to canonicalization depth mismatch between auth-path classification and route-path canonicalization. Attackers…
- CVE-2026-32031MEDIUMCVSS 4.8EG 4.82026-03-19
OpenClaw versions prior to 2026.2.26 server-http contains an authentication bypass vulnerability in gateway authentication for plugin channel endpoints due to path canonicalization mismatch between the gateway guard and plugin handler rout…
- CVE-2026-3214MEDIUMCVSS 6.5EG 6.52026-03-25
Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal CAPTCHA allows Functionality Bypass.This issue affects CAPTCHA: from 0.0.0 before 1.17.0, from 2.0.0 before 2.0.10.
- CVE-2026-3324HIGHCVSS 8.2EG 8.22026-04-16
Zohocorp ManageEngine Log360 versions 13000 through 13013 are vulnerable to authentication bypass on certain actions due to improper filter configuration.
Map vulnerabilities like CWE-288 to your infrastructure
EchelonGraph correlates every CVE — across CWE-288 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →