CWE-306— Missing Authentication for Critical Function
The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.— MITRE CWE catalog
2,409 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-306page 42 of 49
- CVE-2026-26051CRITICALCVSS 9.4EG 9.42026-03-06
WebSocket endpoints lack proper authentication mechanisms, enabling attackers to perform unauthorized station impersonation and manipulate data sent to the backend. An unauthenticated attacker can connect to the OCPP WebSocket endpoint usi…
- CVE-2026-26055HIGHCVSS 7.5EG 7.52026-02-12
Yoke is a Helm-inspired infrastructure-as-code (IaC) package deployer. In 0.19.0 and earlier, a vulnerability exists in the Air Traffic Controller (ATC) component of Yoke. The ATC webhook endpoints lack proper authentication mechanisms, al…
- CVE-2026-26125HIGHCVSS 8.6EG 8.62026-03-05
Payment Orchestrator Service Elevation of Privilege Vulnerability
- CVE-2026-26159HIGHCVSS 7.8EG 7.82026-04-14
Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an authorized attacker to elevate privileges locally.
- CVE-2026-26160HIGHCVSS 7.8EG 7.82026-04-14
Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an authorized attacker to elevate privileges locally.
- CVE-2026-26190CRITICALCVSS 9.8EG 9.82026-02-13
Milvus is an open-source vector database built for generative AI applications. Prior to 2.5.27 and 2.6.10, Milvus exposes TCP port 9091 by default, which enables authentication bypasses. The /expr debug endpoint uses a weak, predictable de…
- CVE-2026-26235HIGHCVSS 7.5EG 7.52026-02-12
JUNG Smart Visu Server 1.1.1050 contains a denial of service vulnerability that allows unauthenticated attackers to remotely shutdown or reboot the server. Attackers can send a single POST request to trigger the server reboot without requi…
- CVE-2026-2624CRITICALCVSS 9.8EG 9.82026-02-25
Missing Authentication for Critical Function vulnerability in ePati Cyber Security Technologies Inc. Antikor Next Generation Firewall (NGFW) allows Authentication Bypass. This issue affects Antikor Next Generation Firewall (NGFW): f…
- CVE-2026-26288CRITICALCVSS 9.4EG 9.42026-03-06
WebSocket endpoints lack proper authentication mechanisms, enabling attackers to perform unauthorized station impersonation and manipulate data sent to the backend. An unauthenticated attacker can connect to the OCPP WebSocket endpoint usi…
- CVE-2026-26333CRITICALCVSS 9.8EG 9.82026-02-13
Calero VeraSMART versions prior to 2022 R1 expose an unauthenticated .NET Remoting HTTP service on TCP port 8001. The service publishes default ObjectURIs (including EndeavorServer.rem and RemoteFileReceiver.rem) and permits the use of SO…
- CVE-2026-2675MEDIUMCVSS 6.5EG 6.52026-06-17
Missing Authentication for Critical Function vulnerability in RTI Connext Professional (Security Plugins) allows Fake the Source of Data.This issue affects Connext Professional: from 7.4.0 before 7.7.0, from 7.0.0 before 7.3.1.3, from 6.1.…
- CVE-2026-26944HIGHCVSS 8.8EG 8.82026-04-20
Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain a missing authentication for critical function vulnerability. An una…
- CVE-2026-27182HIGHCVSS 8.4EG 8.42026-02-18
Saturn Remote Mouse Server contains a command injection vulnerability that allows unauthenticated attackers to execute arbitrary commands by sending specially crafted UDP JSON frames to port 27000. Attackers on the local network can send m…
- CVE-2026-27446CRITICALCVSS 9.8EG 9.82026-03-04
Missing Authentication for Critical Function (CWE-306) vulnerability in Apache Artemis, Apache ActiveMQ Artemis. An unauthenticated remote attacker can use the Core protocol to force a target broker to establish an outbound Core federation…
- CVE-2026-27509HIGHCVSS 8.0EG 8.02026-02-26
Unitree Go2 firmware versions V1.1.7 through V1.1.9, and V1.1.11 (EDU) do not implement DDS authentication or authorization for the Eclipse CycloneDDS topic rt/api/programming_actuator/request handled by actuator_manager.py. A network-adja…
- CVE-2026-2754HIGHCVSS 7.5EG 7.52026-03-06
Navtor NavBox exposes sensitive configuration and operational data due to missing authentication on HTTP API endpoints. An unauthenticated remote attacker with network access to the device can execute HTTP GET requests to TCP port 8080 to …
- CVE-2026-27595HIGHCVSS 7.5EG 7.52026-02-25
Parse Dashboard is a standalone dashboard for managing Parse Server apps. In versions 7.3.0-alpha.42 through 9.0.0-alpha.7, the AI Agent API endpoint (POST `/apps/:appId/agent`) has multiple security vulnerabilities that, when chained, all…
- CVE-2026-27604CRITICALCVSS 10.0EG 10.02026-06-23
FOSSBilling is a free, open-source billing and client management system. Starting in version 0.5.4 and prior to version 0.8.0, an authorization bypass in the API role handling allows unauthenticated access to privileged `/api/system/*` end…
- CVE-2026-27843CRITICALCVSS 9.1EG 9.12026-04-24
A vulnerability exists in SenseLive X3050's web management interface that allows critical configuration parameters to be modified without sufficient authentication or server-side validation. By applying unsupported or disruptive values to…
- CVE-2026-27846MEDIUMCVSS 6.2EG 6.22026-02-25
Due to missing authentication, a user with physical access to the device can misuse the mesh functionality for adding a new mesh device to the network to gain access to sensitive information, including the password for admin access to th…
- CVE-2026-28229HIGHCVSS 7.5EG 7.52026-03-11
Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Prior to 4.0.2 and 3.7.11, Workflow templates endpoints allow any client to retrieve WorkflowTemplates (and ClusterWorkflowTem…
- CVE-2026-28766CRITICALCVSS 9.3EG 9.32026-04-03
A specific endpoint exposes all user account information for registered Gardyn users without requiring authentication.
- CVE-2026-28767MEDIUMCVSS 5.3EG 5.32026-04-03
A specific administrative endpoint notifications is accessible without proper authentication.
- CVE-2026-29132HIGHCVSS 7.5EG 7.52026-04-02
SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker with access to a victim's GINA account to bypass a second-password check and read protected emails.
- CVE-2026-29796CRITICALCVSS 9.4EG 9.42026-03-20
WebSocket endpoints lack proper authentication mechanisms, enabling attackers to perform unauthorized station impersonation and manipulate data sent to the backend. An unauthenticated attacker can connect to the OCPP WebSocket endpoint usi…
- CVE-2026-3053HIGHCVSS 7.3EG 7.32026-02-24
A vulnerability was determined in DataLinkDC dinky up to 1.2.5. This affects the function addInterceptors of the file dinky-admin/src/main/java/org/dinky/configure/AppConfig.java of the component OpenAPI Endpoint. Executing a manipulation …
- CVE-2026-30799HIGHCVSS 8.1EG 8.12026-06-17
Missing Authentication for Critical Function vulnerability in RTI Connext Professional (Security Plugins) allows Identity Spoofing.This issue affects Connext Professional: from 7.4.0 before 7.7.0, from 7.0.0 before 7.3.*, from 6.1.0 before…
- CVE-2026-31071CRITICALCVSS 9.1EG 9.12026-05-19
API endpoints in LalanaChami Pharmacy Management System (commit 5c3d028) lack authentication middleware. Unauthenticated remote attackers can exploit this to dump all user records (including bcrypt password hashes) via /api/user/getUserDat…
- CVE-2026-31240HIGHCVSS 7.5EG 7.52026-05-12
The mem0 1.0.0 server lacks authentication and authorization controls for its memory management API endpoints. Critical functions such as updating memory records (PUT /memories/{memory_id}) are exposed without any verification of the reque…
- CVE-2026-31241MEDIUMCVSS 6.5EG 6.52026-05-12
The mem0 1.0.0 server lacks authentication and authorization controls for its memory deletion API endpoint (DELETE /memories). The endpoint allows unauthenticated users to delete memory records by specifying arbitrary user identifiers (e.g…
- CVE-2026-31242CRITICALCVSS 9.1EG 9.12026-05-12
The mem0 v1.0.0 server lacks authentication and authorization controls for its memory reset functionality accessible via the DELETE /memories endpoint. An unauthenticated attacker can send a DELETE request that triggers a reset operation, …
- CVE-2026-31243MEDIUMCVSS 6.5EG 6.52026-05-12
The mem0 1.0.0 server lacks authentication and authorization controls for its memory reset and table re-creation functionality accessible via the DELETE /memories endpoint. An unauthenticated attacker can send a DELETE request that trigger…
- CVE-2026-31244MEDIUMCVSS 6.5EG 6.52026-05-12
The mem0 1.0.0 server lacks authentication and authorization controls for its memory deletion API endpoint (DELETE /memories/{memory_id}). The endpoint allows unauthenticated users to delete arbitrary memory records without verifying their…
- CVE-2026-31245MEDIUMCVSS 5.3EG 5.32026-05-12
The mem0 1.0.0 server lacks authentication and authorization controls for its memory creation API endpoint (POST /memories). The endpoint allows unauthenticated users to submit arbitrary memory records without verifying their identity or p…
- CVE-2026-31846MEDIUMCVSS 6.5EG 6.52026-03-23
Missing authentication in the /goform/ate endpoint in Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 allows an adjacent unauthenticated attacker to retrieve sensitive device information, including the administrator passwo…
- CVE-2026-3192MEDIUMCVSS 5.6EG 5.62026-02-25
A security vulnerability has been detected in Chia Blockchain 2.1.0. This issue affects the function _authenticate of the file rpc_server_base.py of the component RPC Credential Handler. The manipulation leads to improper authentication. T…
- CVE-2026-3194MEDIUMCVSS 4.5EG 4.52026-02-25
A flaw has been found in Chia Blockchain 2.1.0. The affected element is the function send_transaction/get_private_key of the component RPC Server Master Passphrase Handler. This manipulation causes missing authentication. The attack can on…
- CVE-2026-31983MEDIUMCVSS 5.3EG 5.32026-07-09
A Missing Authentication vulnerability was discovered in the SSH keys synchronization endpoint. An unauthenticated attacker can send a request to the SSH keys synchronization endpoint and obtain the list of users that have uploaded their p…
- CVE-2026-32041MEDIUMCVSS 6.9EG 6.92026-03-19
OpenClaw versions prior to 2026.3.1 fail to properly handle authentication bootstrap errors during startup, allowing browser-control routes to remain accessible without authentication. Local processes or loopback-reachable SSRF paths can e…
- CVE-2026-32064HIGHCVSS 7.7EG 7.72026-03-21
OpenClaw versions prior to 2026.2.21 sandbox browser entrypoint launches x11vnc without authentication for noVNC observer sessions, allowing unauthenticated access to the VNC interface. Remote attackers on the host loopback interface can c…
- CVE-2026-3207CRITICALCVSS 9.8EG 9.82026-03-17
Configuration issue in Java Management Extensions (JMX) in TIBCO BPM Enterprise version 4.x allows unauthorised access.
- CVE-2026-32211CRITICALCVSS 9.1EG 9.12026-04-03
Missing authentication for critical function in Azure MCP Server allows an unauthorized attacker to disclose information over a network.
- CVE-2026-32291MEDIUMCVSS 6.8EG 6.82026-03-17
The GL-iNet Comet (GL-RM1) KVM before 1.8.2 does not require authentication on the UART serial console. This attack requires physically opening the device and connecting to the UART pins.
- CVE-2026-32297HIGHCVSS 7.5EG 7.52026-03-17
The Angeet ES3 KVM allows a remote, unauthenticated attacker to write arbitrary files, including configuration files or system binaries. Modified configuration files or system binaries could allow an attacker to take complete control of a …
- CVE-2026-32646HIGHCVSS 7.5EG 7.52026-04-03
A specific administrative endpoint is accessible without proper authentication, exposing device management functions.
- CVE-2026-32896MEDIUMCVSS 4.8EG 4.82026-03-21
The BlueBubbles webhook handler in OpenClaw versions prior to 2026.2.21 contains a passwordless fallback authentication path that allows unauthenticated webhook events in certain reverse-proxy or local routing configurations. Attackers can…
- CVE-2026-32957MEDIUMCVSS 5.3EG 5.32026-04-20
SD-330AC and AMC Manager provided by silex technology, Inc. contain a missing authentication for critical function issue on firmware maintenance. Arbitrary file may be uploaded on the device without authentication.
- CVE-2026-32962MEDIUMCVSS 5.3EG 5.32026-04-20
SD-330AC and AMC Manager provided by silex technology, Inc. contain a missing authentication for critical function issue. The device configuration may be altered without authentication.
- CVE-2026-32985CRITICALCVSS 9.8EG 9.82026-03-20
Xerte Online Toolkits versions 3.14 and earlier contain an unauthenticated arbitrary file upload vulnerability in the template import functionality that allows remote attackers to execute arbitrary code by uploading a crafted ZIP archive c…
- CVE-2026-33017CRITICALCVSS 9.8EG 9.8⚠ KEV2026-03-20
Langflow is a tool for building and deploying AI-powered agents and workflows. In versions prior to 1.9.0, the POST /api/v1/build_public_tmp/{flow_id}/flow endpoint allows building public flows without requiring authentication. When the op…
Map vulnerabilities like CWE-306 to your infrastructure
EchelonGraph correlates every CVE — across CWE-306 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →