CWE-287: Improper Authentication — known CVE vulnerabilities
CVEs classified under CWE-287 (Improper Authentication), ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (50)
CVE-2026-45480 — CVSS 10.0 (critical): Improper authentication in Azure Active Directory allows an unauthorized attacker to elevate privileges over a network.
CVE-2026-10611 — CVSS 10.0 (critical): An authentication bypass vulnerability exists in MISP when LDAP mixed authentication is enabled with OTP enforcement. In deployments…
CVE-2026-47280 — CVSS 10.0 (critical): Improper authentication in Azure Resource Manager (ARM) allows an unauthorized attacker to elevate privileges over a network.
CVE-2026-42822 — CVSS 10.0 (critical): Improper authentication in Azure Local Disconnected Operations allows an unauthorized attacker to elevate privileges over a network.
CVE-2026-42869 — CVSS 10.0 (critical): SOCFortress CoPilot focuses on providing a single pane of glass for all your security operations needs. Prior to 0.1.57, SOCFortress…
CVE-2026-41070 — CVSS 10.0 (critical): openvpn-auth-oauth2 is a plugin/management interface client for OpenVPN server to handle an OIDC based single sign-on (SSO) auth flows…
CVE-2026-41679 — CVSS 10.0 (critical): Paperclip is a Node.js server and React UI that orchestrates a team of AI agents to run a business. Prior to version 2026.416.0, an…
CVE-2026-24898 — CVSS 10.0 (critical): OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0, an unauthenticated…
CVE-2026-23600: A remote authentication bypass vulnerability exists in HPE AutoPass License Server (APLS).
CVE-2025-15586: OGP-Website installs prior git commit 52f865a4fba763594453068acf8fa9e3fc38d663 are affected by a type juggling flaw which if exploited can…
CVE-2025-70841 — CVSS 10.0 (critical): Dokans Multi-Tenancy Based eCommerce Platform SaaS 3.9.2 allows unauthenticated remote attackers to obtain sensitive application…
CVE-2025-44005 — CVSS 10.0 (critical): An attacker can bypass authorization checks and force a Step CA ACME or SCEP provisioner to create certificates without completing certain…
CVE-2025-63224 — CVSS 10.0 (critical): The Itel DAB Encoder (IDEnc build 25aec8d) is vulnerable to Authentication Bypass due to improper JWT validation across devices. Attackers…
CVE-2025-63216 — CVSS 10.0 (critical): The Itel DAB Gateway (IDGat build c041640a) is vulnerable to Authentication Bypass due to improper JWT validation across devices. Attackers…
CVE-2025-9265: A broken authorization vulnerability in Kiloview NDI N30 allows a remote unauthenticated attacker to deactivate user verification, giving…
CVE-2025-54419 — CVSS 10.0 (critical): A SAML library not dependent on any frameworks that runs in Node. In version 5.0.1, Node-SAML loads the assertion from the (unsigned)…
CVE-2025-52572 — CVSS 10.0 (critical): Hikka, a Telegram userbot, has vulnerability affects all users on all versions of Hikka. Two scenarios are possible. 1. Web interface does…
CVE-2025-29813 — CVSS 10.0 (critical): Authentication bypass by assumed-immutable data in Azure DevOps allows an unauthorized attacker to elevate privileges over a network.
CVE-2024-11186 — CVSS 10.0 (critical): On affected versions of the CloudVision Portal, improper access controls could enable a malicious authenticated user to take broader…
CVE-2024-0002 — CVSS 10.0 (critical): A condition exists in FlashArray Purity whereby an attacker can employ a privileged account allowing remote access to the array.
CVE-2024-30299 — CVSS 10.0 (critical): Adobe Framemaker Publishing Server versions 2020.3, 2022.2 and earlier are affected by an Improper Authentication vulnerability that could…
CVE-2023-20238 — CVSS 10.0 (critical): A vulnerability in the single sign-on (SSO) implementation of Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended…
CVE-2023-2024 — CVSS 10.0 (critical): Improper authentication in OpenBlue Enterprise Manager Data Collector versions prior to 3.2.5.75 allow access to an unauthorized user under…
CVE-2023-27482 — CVSS 10.0 (critical): homeassistant is an open source home automation tool. A remotely exploitable vulnerability bypassing authentication for accessing the…
CVE-2022-31125 — CVSS 10.0 (critical): Roxy-wi is an open source web interface for managing Haproxy, Nginx, Apache and Keepalived servers. A vulnerability in Roxy-wi allows a…
CVE-2022-20695 — CVSS 10.0 (critical): A vulnerability in the authentication functionality of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote…
CVE-2022-21196 — CVSS 10.0 (critical): MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C-series and A5x: Device versions prior to…
CVE-2021-23857 — CVSS 10.0 (critical): Login with hash: The login routine allows the client to log in to the system not by using the password, but by using the hash of the…
CVE-2021-39296 — CVSS 10.0 (critical): In OpenBMC 2.9, crafted IPMI messages allow an attacker to bypass authentication and gain full control of the system.
CVE-2021-32637 — CVSS 10.0 (critical): Authelia is a a single sign-on multi-factor portal for web apps. This affects uses who are using nginx ngx_http_auth_request_module with…
CVE-2019-16649 — CVSS 10.0 (critical): On Supermicro H11, H12, M11, X9, X10, and X11 products, a combination of encryption and authentication problems in the virtual media…
CVE-2019-12643 — CVSS 10.0 (critical): A vulnerability in the Cisco REST API virtual service container for Cisco IOS XE Software could allow an unauthenticated, remote attacker…
CVE-2019-1867 — CVSS 10.0 (critical): A vulnerability in the REST API of Cisco Elastic Services Controller (ESC) could allow an unauthenticated, remote attacker to bypass…
CVE-2018-18505 — CVSS 10.0 (critical): An earlier fix for an Inter-process Communication (IPC) vulnerability, CVE-2011-3079, added authentication to communication between IPC…
CVE-2018-13816 — CVSS 10.0 (critical): A vulnerability has been identified in TIM 1531 IRC (All version < V2.0). The devices was missing proper authentication on port 102/tcp…
CVE-2018-6667 — CVSS 10.0 (critical): Authentication Bypass vulnerability in the administrative user interface in McAfee Web Gateway 7.8.1.0 through 7.8.1.5 allows remote…
CVE-2017-13995 — CVSS 10.0 (critical): An Improper Authentication issue was discovered in iniNet Solutions iniNet Webserver, all versions prior to V2.02.0100. The webserver does…
CVE-2017-3791 — CVSS 10.0 (critical): A vulnerability in the web-based GUI of Cisco Prime Home could allow an unauthenticated, remote attacker to bypass authentication and…
CVE-2015-5998 — CVSS 10.0 (critical): Impero Education Pro before 5105 relies on the -1|AUTHENTICATE\x02PASSWORD string for authentication, which allows remote attackers to…
CVE-2015-0198 — CVSS 10.0 (critical): IBM General Parallel File System (GPFS) 3.4 before 3.4.0.32, 3.5 before 3.5.0.24, and 4.1 before 4.1.0.7 in certain cipherList…
CVE-2015-0653 — CVSS 10.0 (critical): The management interface in Cisco TelePresence Video Communication Server (VCS) and Cisco Expressway before X7.2.4, X8 before X8.1.2, and…
CVE-2015-2033 — CVSS 10.0 (critical): Anyterm Daemon in Infoblox Network Automation NetMRI before NETMRI-23483 allows remote attackers to execute arbitrary commands with root…
CVE-2014-8329 — CVSS 10.0 (critical): Schrack Technik microControl with firmware before 1.7.0 (937) stores sensitive information under the web root with insufficient access…