CVE-2026-11856 — CVSS 9.8 (critical): Successfully using libcurl to do a transfer to a specific HTTP origin (`hostA`) with **Digest** authentication and then changing the origin…
CVE-2026-32987 — CVSS 9.8 (critical): OpenClaw before 2026.3.13 allows bootstrap setup codes to be replayed during device pairing verification in src/infra/device-bootstrap.ts…
CVE-2025-67135 — CVSS 9.8 (critical): Weak Security in the PF-50 1.2 keyfob of PGST PG107 Alarm System 1.25.05.hf allows attackers to compromise access control via a code replay…
CVE-2025-65552 — CVSS 9.8 (critical): D3D Wi-Fi Home Security System ZX-G12 v2.1.1 is vulnerable to RF replay attacks on the 433 MHz sensor communication channel. The system…
CVE-2023-47435 — CVSS 9.8 (critical): An issue in the verifyPassword function of hexo-theme-matery v2.0.0 allows attackers to bypass authentication and access password protected…
CVE-2023-49231 — CVSS 9.8 (critical): An authentication bypass vulnerability was found in Stilog Visual Planning 8. It allows an unauthenticated attacker to receive an…
CVE-2022-22806 — CVSS 9.8 (critical): A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause an unauthenticated connection to the UPS when a…
CVE-2020-35551 — CVSS 9.8 (critical): An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Exynos chipsets) software. They allow attackers to…
CVE-2018-19025 — CVSS 9.8 (critical): In JUUKO K-808, an attacker could specially craft a packet that encodes an arbitrary command, which could be executed on the K-808…
CVE-2018-17932 — CVSS 9.8 (critical): JUUKO K-800 (Firmware versions prior to numbers ending ...9A, ...9B, ...9C, etc.) is vulnerable to a replay attack and command forgery…
CVE-2019-18226 — CVSS 9.8 (critical): Honeywell equIP series and Performance series IP cameras and recorders, A vulnerability exists in the affected products where IP cameras…
CVE-2018-7790 — CVSS 9.8 (critical): An Information Management Error vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to…
CVE-2025-6030: Use of fixed learning codes, one code to lock the car and the other code to unlock it, in the Key Fob Transmitter in Cyclone Matrix TRF…
CVE-2025-6029: Use of fixed learning codes, one code to lock the car and the other code to unlock it, the Key Fob Transmitter in KIA-branded Aftermarket…
CVE-2024-4009 — CVSS 9.2 (critical): Replay Attack in ABB, Busch-Jaeger, FTS Display (version 1.00) and BCU (version 1.3.0.33) allows attacker to capture/replay KNX telegram to…
CVE-2026-26232 — CVSS 9.1 (critical): Gitea versions before 1.25.5 do not consistently enforce OAuth2 authorization code expiry and single-use behavior during token exchange.
CVE-2026-8927 — CVSS 9.1 (critical): When reusing a libcurl handle for sequential transfers driven by environment-variable proxy configuration, libcurl fails to clear the proxy…
CVE-2021-27289 — CVSS 9.1 (critical): A replay attack vulnerability was discovered in a Zigbee smart home kit manufactured by Ksix (Zigbee Gateway Module = v1.0.3, Door Sensor =…
CVE-2025-26201 — CVSS 9.1 (critical): Credential disclosure vulnerability via the /staff route in GreaterWMS <= 2.1.49 allows a remote unauthenticated attackers to bypass…
CVE-2020-6972 — CVSS 9.1 (critical): In Notifier Web Server (NWS) Version 3.50 and earlier, the Honeywell Fire Web Server’s authentication may be bypassed by a capture-replay…
CVE-2019-9659 — CVSS 9.1 (critical): The Chuango 433 MHz burglar-alarm product line uses static codes in the RF remote control, allowing an attacker to arm, disarm, or trigger…
CVE-2018-17903 — CVSS 9.1 (critical): SAGA1-L8B with any firmware versions prior to A0.10 are vulnerable to a replay attack and command forgery.
CVE-2023-0014 — CVSS 9.0 (critical): SAP NetWeaver ABAP Server and ABAP Platform - versions SAP_BASIS 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756…
CVE-2025-36593 — CVSS 8.8 (high): Dell OpenManage Network Integration, versions prior to 3.8, contains an Authentication Bypass by Capture-replay vulnerability in the RADIUS…
CVE-2024-12839 — CVSS 8.8 (high): The login mechanism via device authentication of CGFIDO from Changing Information Technology has an Authentication Bypass vulnerability. If…
CVE-2024-46041 — CVSS 8.8 (high): IoT Haat Smart Plug IH-IN-16A-S v5.16.1 is vulnerable to Authentication Bypass by Capture-replay.
CVE-2024-43099 — CVSS 8.8 (high): The session hijacking attack targets the application layer's control mechanism, which manages authenticated sessions between a host PC and…
CVE-2023-46892 — CVSS 8.8 (high): The radio frequency communication protocol being used by Meross MSH30Q 4.5.23 is vulnerable to replay attacks, allowing attackers to record…
CVE-2023-39547 — CVSS 8.8 (high): CLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and earlier, CLUSTERPRO X SingleServerSafe 5.1 and earlier, EXPRESSCLUSTER X…
CVE-2022-31277 — CVSS 8.8 (high): Xiaomi Lamp 1 v2.0.4_0066 was discovered to be vulnerable to replay attacks. This allows attackers to to bypass the expected access…
CVE-2022-31265 — CVSS 8.8 (high): The replay feature in the client in Wargaming World of Warships 0.11.4 allows remote attackers to execute code when a user launches a…
CVE-2022-22936 — CVSS 8.8 (high): An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. Job publishes and file server replies are susceptible…
CVE-2020-25660 — CVSS 8.8 (high): A flaw was found in the Cephx authentication protocol in versions before 15.2.6 and before 14.2.14, where it does not verify Ceph clients…
CVE-2020-15688 — CVSS 8.8 (high): The HTTP Digest Authentication in the GoAhead web server before 5.1.2 does not completely protect against replay attacks. This allows an…
CVE-2020-10045 — CVSS 8.8 (high): A vulnerability has been identified in SICAM MMU (All versions < V2.05), SICAM SGU (All versions), SICAM T (All versions < V2.18). An error…
CVE-2017-11786 — CVSS 8.8 (high): Skype for Business in Microsoft Lync 2013 SP1 and Skype for Business 2016 allows an attacker to steal an authentication hash that can be…
CVE-2017-6823 — CVSS 8.8 (high): Fiyo CMS 2.0.6.1 allows remote authenticated users to gain privileges via a modified level parameter to dapur/ in an app=user&act=edit…
CVE-2024-38284: Transmitted data is logged between the device and the backend service. An attacker could use these logs to perform a replay attack to…
CVE-2026-34021: The Wertheim SafeController 5400, Controller 5400 - AssemblyVersion 6.11.8130.22320, uses RS-485 communication between the server and the…
CVE-2021-27662 — CVSS 8.6 (high): The KT-1 door controller is susceptible to replay or man-in-the-middle attacks where an attacker can record and replay TCP packets. This…
CVE-2020-10185 — CVSS 8.6 (high): The sync endpoint in YubiKey Validation Server before 2.40 allows remote attackers to replay an OTP. NOTE: this issue is potentially…