CWE-288— Authentication Bypass Using an Alternate Path or Channel
The product requires authentication, but the product has an alternate path or channel that does not require authentication.— MITRE CWE catalog
581 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-288page 12 of 12
- CVE-2026-48020CRITICALCVSS 10.0EG 10.02026-06-11
Traefik is an HTTP reverse proxy and load balancer. Prior to 2.11.48, 3.6.19, and 3.7.3, there is a high severity vulnerability in Traefik's StripPrefix middleware that allows an unauthenticated attacker to bypass route-level authenticatio…
- CVE-2026-48491CRITICALCVSS 10.0EG 10.02026-06-16
Traefik is an HTTP reverse proxy and load balancer. From 3.7.0 until 3.7.3, there is a high severity vulnerability in Traefik's domain-fronting protection (SNICheck) that allows an unauthenticated client to bypass mutual TLS enforced throu…
- CVE-2026-48970HIGHCVSS 8.1EG 8.12026-06-15
Unauthenticated Broken Authentication in Really Simple SSL <= 9.5.10 versions.
- CVE-2026-49062HIGHCVSS 8.8EG 8.82026-06-15
Authentication Bypass Using an Alternate Path or Channel vulnerability in WP Engine Faust.Js allows Password Recovery Exploitation. This issue affects Faust.Js: from n/a through 1.8.7.
- CVE-2026-49071MEDIUMCVSS 6.5EG 6.52026-06-17
Unauthenticated Broken Authentication in WooCommerce Dropshipping <= 5.2.4 versions.
- CVE-2026-49764CRITICALCVSS 9.8EG 9.82026-06-15
Unauthenticated Broken Authentication in RegistrationMagic <= 6.0.8.6 versions.
- CVE-2026-49767CRITICALCVSS 9.8EG 9.82026-06-17
Unauthenticated Broken Authentication in wpForo Forum <= 3.1.0 versions.
- CVE-2026-50194HIGHCVSS 8.2EG 8.22026-06-17
Steeltoe is an open source project that provides a collection of libraries that helps users build cloud-native applications. When Steeltoe management endpoints versions 3.2.2 through 3.3.0 and 4.1.0 are configured to listen on an alternate…
- CVE-2026-5268CRITICALCVSS 9.1EG 9.12026-07-06
An authentication bypass vulnerability exists in the default SFTP server component utilized across the Ciena products listed. This vulnerability allows a remote, unauthenticated attacker to bypass security controls and gain unauthorized ac…
- CVE-2026-53576CRITICALCVSS 10.0EG 10.02026-06-26
Kestra is an open-source, event-driven orchestration platform. Prior to 1.0.45 and 1.3.21, the authentication filter for the REST API (@Filter("/api/v1/**")) treats any request whose path ends in /configs as the public instance-config endp…
- CVE-2026-53622CRITICALCVSS 10.0EG 10.02026-06-16
Traefik is an HTTP reverse proxy and load balancer. Prior to 3.7.3, there is a critical vulnerability in Traefik's HTTP/3 (QUIC) TLS configuration selection that allows unauthenticated clients to bypass router-specific mTLS enforcement. Wh…
- CVE-2026-5415HIGHCVSS 8.8EG 8.82026-06-05
The WP Captcha PRO (the premium version of the Advanced Google reCAPTCHA plugin, both have the same slug) plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 5.38. This is due to the ajax_run_t…
- CVE-2026-54804HIGHCVSS 7.6EG 7.62026-06-17
Subscriber Broken Authentication in Melhor Envio <= 2.16.3 versions.
- CVE-2026-54817MEDIUMCVSS 6.5EG 6.52026-06-17
Authentication Bypass Using an Alternate Path or Channel vulnerability in FluxBuilder MStore API allows Password Recovery Exploitation. This issue affects MStore API: from n/a through 4.18.4.
- CVE-2026-5557MEDIUMCVSS 6.3EG 6.32026-04-05
A vulnerability was detected in badlogic pi-mono up to 0.58.4. This issue affects some unknown processing of the file packages/mom/src/slack.ts of the component pi-mom Slack Bot. The manipulation results in authentication bypass using alte…
- CVE-2026-55666CRITICALCVSS 9.3EG 9.32026-06-24
Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.1, 8.4.4, 8.3.6, 8.2.6, 8.1.6, 8.0.7, and 7.10.13, in apps/meteor/app/apple/server/loginHandler.ts, handleIdentityToken parses a JWT issued by …
- CVE-2026-56029HIGHCVSS 7.5EG 7.52026-06-26
Unauthenticated Broken Authentication in CorvusPay WooCommerce Payment Gateway <= 2.7.4 versions.
- CVE-2026-56243HIGHCVSS 8.1EG 8.12026-06-23
Capgo before 12.128.2 contains a security control bypass vulnerability where the PostgREST/RLS plane accepts plaintext API keys through the capgkey header despite enforce_hashed_api_keys being enabled. Attackers can bypass org-level hashed…
- CVE-2026-57807CRITICALCVSS 9.8EG 9.82026-07-10
Authentication Bypass Using an Alternate Path or Channel vulnerability in miniOrange Security Software Pvt Ltd. OAuth Single Sign On - SSO (OAuth Client) allows Password Recovery Exploitation. This issue affects OAuth Single Sign On - SSO…
- CVE-2026-57867HIGHCVSS 8.8EG 8.82026-07-07
MicroRealEstate allows adversaries to bypass authentication due to a lack of token state management. This would permit adversaries targeting MicroRealEstate deployments to brute-force One-Time Passwords (OTP) to log in as any user. This is…
- CVE-2026-58172CRITICALCVSS 9.1EG 9.12026-06-30
Ocelot through 24.1.0, fixed in commit f156fd4, contains a security control bypass vulnerability that allows denied clients to circumvent IP-based access restrictions by sending WebSocket upgrade requests. The WebSocket upgrade pipeline br…
- CVE-2026-58517MEDIUMCVSS 4.3EG 4.32026-07-01
Improper neutralization of input terminators vulnerability in The Wikimedia Foundation Mediawiki - WikiLambda Extension allows Authentication Bypass. This issue affects Mediawiki - WikiLambda Extension: from * before 1.43.9,1.44.6,1.45.4.
- CVE-2026-6760CRITICALCVSS 9.8EG 9.82026-04-21
Mitigation bypass in the Networking: Cookies component. This vulnerability was fixed in Firefox 150 and Thunderbird 150.
- CVE-2026-6768CRITICALCVSS 9.8EG 9.82026-04-21
Mitigation bypass in the Networking: Cookies component. This vulnerability was fixed in Firefox 150 and Thunderbird 150.
- CVE-2026-6771CRITICALCVSS 9.8EG 9.82026-04-21
Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.
- CVE-2026-7458CRITICALCVSS 9.8EG 9.82026-05-02
The User Verification by PickPlugins plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 2.0.46. This is due to the use of a loose PHP comparison operator to validate OTP codes in the "user_ver…
- CVE-2026-7567CRITICALCVSS 9.8EG 9.82026-05-01
The Temporary Login plugin for WordPress is vulnerable to Authentication Bypass in versions up to and including 1.0.0. This is due to improper input validation in the maybe_login_temporary_user() function, which fails to verify that the 't…
- CVE-2026-8321HIGHCVSS 7.3EG 7.32026-05-11
A vulnerability was detected in inkeep agents 0.58.14. This vulnerability affects the function createDevContext of the file agents-api/src/middleware/runAuth.ts of the component runAuth Middleware. Performing a manipulation results in auth…
- CVE-2026-8598CRITICALCVSS 9.1EG 9.12026-05-20
An undocumented configuration export port is accessible on some models of ZKTeco CCTV cameras. This port does not require authentication and exposes critical information about the camera such as open services and camera account credenti…
- CVE-2026-8697HIGHCVSS 8.8EG 8.82026-05-28
Due to improper enforcement of authentication rate-limiting on a debug SSH service in Archer C64 v1, the SSH service allows unlimited authentication attempts and uses the same credentials as the web interface. This enables an attacker to …
- CVE-2026-8990MEDIUMCVSS 5.3EG 5.32026-05-28
A user with physical access to a smartphone can bypass authentication mechanism of Kidsview mobile application and grant himself full access to the device owner's account by interacting with application's push notification. This issue wa…
Map vulnerabilities like CWE-288 to your infrastructure
EchelonGraph correlates every CVE — across CWE-288 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →