CVEs classified under CWE-290, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (50)
CVE-2026-48567 — CVSS 10.0 (critical): Authentication bypass by spoofing in Azure HorizonDB allows an unauthorized attacker to elevate privileges over a network.
CVE-2026-6213: A vulnerability in Remote Spark SparkView before build 1122 allows an attacker to bypasses the local connection check and achieve arbitrary…
CVE-2026-39858 — CVSS 10.0 (critical): Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.43, 3.6.14, and 3.7.0-rc.2, there is a high severity…
CVE-2025-66570 — CVSS 10.0 (critical): cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.27.0, a vulnerability allows…
CVE-2025-34063: A cryptographic authentication bypass vulnerability exists in OneLogin AD Connector prior to 6.1.5 due to the exposure of a tenant’s SSO…
CVE-2023-22814 — CVSS 10.0 (critical): An authentication bypass issue via spoofing was discovered in the token-based authentication mechanism that could allow an attacker to…
CVE-2023-34157 — CVSS 10.0 (critical): Vulnerability of HwWatchHealth being hijacked.Successful exploitation of this vulnerability may cause repeated pop-up windows of the app.
CVE-2022-36331 — CVSS 10.0 (critical): Western Digital My Cloud, My Cloud Home, My Cloud Home Duo, and SanDisk ibi devices were vulnerable to an impersonation attack that could…
CVE-2022-2310 — CVSS 10.0 (critical): An authentication bypass vulnerability in Skyhigh SWG in main releases 10.x prior to 10.2.12, 9.x prior to 9.2.23, 8.x prior to 8.2.28, and…
CVE-2022-29165 — CVSS 10.0 (critical): Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. A critical vulnerability has been discovered in Argo CD starting…
CVE-2020-7388 — CVSS 10.0 (critical): Sage X3 Unauthenticated Remote Command Execution (RCE) as SYSTEM in AdxDSrv.exe component. By editing the client side authentication…
CVE-2020-26276 — CVSS 10.0 (critical): Fleet is an open source osquery manager. In Fleet before version 3.5.1, due to issues in Go's standard library XML parsing, a valid SAML…
CVE-2020-5415 — CVSS 10.0 (critical): Concourse, versions prior to 6.3.1 and 6.4.1, in installations which use the GitLab auth connector, is vulnerable to identity spoofing by…
CVE-2026-22797 — CVSS 9.9 (critical): An issue was discovered in OpenStack keystonemiddleware 10.5 through 10.7 before 10.7.2, 10.8 and 10.9 before 10.9.1, and 10.10 through…
CVE-2025-21415 — CVSS 9.9 (critical): Authentication bypass by spoofing in Azure AI Face Service allows an authorized attacker to elevate privileges over a network.
CVE-2024-6678 — CVSS 9.9 (critical): An issue was discovered in GitLab CE/EE affecting all versions starting from 8.14 prior to 17.1.7, starting from 17.2 prior to 17.2.5, and…
CVE-2026-24270 — CVSS 9.8 (critical): NVIDIA AIStore framework contains a vulnerability where an attacker could bypass authentication. A successful exploit of this vulnerability…
CVE-2026-49468 — CVSS 9.8 (critical): LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. Prior to 1.84.0, This vulnerability is fixed in…
CVE-2026-36537 — CVSS 9.8 (critical): ThingsBoard v4.3.0.1 is vulnerable to an authentication bypass during the OAuth authorization code exchange. The application improperly…
CVE-2026-44649 — CVSS 9.8 (critical): SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image…
CVE-2026-44183 — CVSS 9.8 (critical): Cleanuparr is a tool for automating the cleanup of unwanted or blocked files in Sonarr, Radarr, and supported download clients like…
CVE-2021-47923 — CVSS 9.8 (critical): OpenCart 3.0.3.8 contains a session fixation vulnerability that allows attackers to hijack user sessions by injecting arbitrary values into…
CVE-2018-25318 — CVSS 9.8 (critical): Tenda FH303/A300 firmware V5.07.68_EN contains a session weakness vulnerability that allows unauthenticated attackers to modify DNS…
CVE-2018-25317 — CVSS 9.8 (critical): Tenda W3002R/A302/W309R wireless routers version V5.07.64_en contain a cookie session weakness vulnerability that allows unauthenticated…
CVE-2018-25316 — CVSS 9.8 (critical): Tenda W308R v2 V5.07.48 contains a cookie session weakness vulnerability that allows unauthenticated attackers to modify DNS settings by…
CVE-2026-25660 — CVSS 9.8 (critical): CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. Authentication…
CVE-2025-59707 — CVSS 9.8 (critical): In N2W before 4.3.2 and 4.4.x before 4.4.1, there is potential remote code execution and account credentials theft because of a spoofing…
CVE-2025-59706 — CVSS 9.8 (critical): In N2W before 4.3.2 and 4.4.0 before 4.4.1, improper validation of API request parameters enables remote code execution.
CVE-2026-2800 — CVSS 9.8 (critical): Spoofing issue in the WebAuthn component in Firefox for Android. This vulnerability was fixed in Firefox 148 and Thunderbird 148.
CVE-2026-25938 — CVSS 9.8 (critical): FUXA is a web-based Process Visualization (SCADA/HMI/Dashboard) software. From 1.2.8 through 1.2.10, an authentication bypass vulnerability…
CVE-2020-37056 — CVSS 9.8 (critical): Crystal Shard http-protection 0.2.0 contains an IP spoofing vulnerability that allows attackers to bypass protection middleware by…
CVE-2025-59385 — CVSS 9.8 (critical): An authentication bypass by spoofing vulnerability has been reported to affect several QNAP operating system versions. The remote attackers…
CVE-2025-36753 — CVSS 9.8 (critical): The SWD debug interface on the Growatt ShineLan-X communication dongle is available by default, allowing an attacker to attain debug access…
CVE-2025-8853 — CVSS 9.8 (critical): Official Document Management System developed by 2100 Technology has an Authentication Bypass vulnerability, allowing unauthenticated…
CVE-2025-36594 — CVSS 9.8 (critical): Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2024…
CVE-2025-43245 — CVSS 9.8 (critical): A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7…
CVE-2025-49002 — CVSS 9.8 (critical): DataEase is an open source business intelligence and data visualization tool. Versions prior to version 2.10.10 have a flaw in the patch…
CVE-2023-41591 — CVSS 9.8 (critical): An issue in Open Network Foundation ONOS v2.7.0 allows attackers to create fake IP/MAC addresses and potentially execute a…
CVE-2025-32966 — CVSS 9.8 (critical): DataEase is an open-source BI tool alternative to Tableau. Prior to version 2.10.8, authenticated users can complete RCE through the…
CVE-2024-55210 — CVSS 9.8 (critical): An issue in TOTVS Framework (Linha Protheus) 12.1.2310 allows attackers to bypass multi-factor authentication (MFA) via a crafted websocket…
CVE-2025-1298 — CVSS 9.8 (critical): Logic vulnerability in the mobile application (com.transsion.carlcare) may lead to the risk of account takeover.
CVE-2022-3180 — CVSS 9.8 (critical): The WPGateway Plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 3.5. This allows unauthenticated…
CVE-2024-13061 — CVSS 9.8 (critical): The Electronic Official Document Management System from 2100 Technology has an Authentication Bypass vulnerability. Although the product…
CVE-2024-46957 — CVSS 9.8 (critical): Mellium mellium.im/xmpp 0.0.1 through 0.21.4 allows response spoofing if the implementation uses predictable IDs because the stanza type is…
CVE-2024-29006 — CVSS 9.8 (critical): By default the CloudStack management server honours the x-forwarded-for HTTP header and logs it as the source IP of an API request. This…
CVE-2023-51350 — CVSS 9.8 (critical): A spoofing attack in ujcms v.8.0.2 allows a remote attacker to obtain sensitive information and execute arbitrary code via a crafted script…
CVE-2023-30803 — CVSS 9.8 (critical): The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to an authentication bypass vulnerability. A remote and…