Common Weakness Enumeration

CWE-288

Allowed

Authentication Bypass Using an Alternate Path or Channel

Abstraction: Base · Status: Incomplete

The product requires authentication, but the product has an alternate path or channel that does not require authentication.

1072 vulnerabilities reference this CWE, most recent first.

CVE-2026-20460 (GCVE-0-2026-20460)

Vulnerability from cvelistv5 – Published: 2026-07-01 03:14 – Updated: 2026-07-01 10:39
VLAI
Summary
In Modem, there is a possible information disclosure due to improper input validation. This could lead to remote information disclosure, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01811421; Issue ID: MSV-6788.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-288 - Authentication Bypass Using an Alternate Path or Channel
Assigner
Impacted products
Vendor Product Version
MediaTek, Inc. MediaTek chipset Affected: MT2735
Affected: MT2737
Affected: MT6779
Affected: MT6781
Affected: MT6783
Affected: MT6785
Affected: MT6789
Affected: MT6813
Affected: MT6833
Affected: MT6835
Affected: MT6853
Affected: MT6855
Affected: MT6858
Affected: MT6873
Affected: MT6875
Affected: MT6877
Affected: MT6878
Affected: MT6879
Affected: MT6880
Affected: MT6883
Affected: MT6885
Affected: MT6886
Affected: MT6889
Affected: MT6890
Affected: MT6891
Affected: MT6893
Affected: MT6895
Affected: MT6896
Affected: MT6897
Affected: MT6899
Affected: MT6980
Affected: MT6983
Affected: MT6985
Affected: MT6986D
Affected: MT6988
Affected: MT6989
Affected: MT6990
Affected: MT6991
Affected: MT6993
Affected: MT8673
Affected: MT8675
Affected: MT8676
Affected: MT8678
Affected: MT8755
Affected: MT8765
Affected: MT8766
Affected: MT8766R
Affected: MT8768
Affected: MT8771
Affected: MT8775
Affected: MT8781
Affected: MT8786
Affected: MT8788
Affected: MT8788E
Affected: MT8789
Affected: MT8791
Affected: MT8791T
Affected: MT8792
Affected: MT8793
Affected: MT8795T
Affected: MT8796
Affected: MT8797
Affected: MT8798
Affected: MT8863
Affected: MT8873
Affected: MT8883
Affected: MT8893
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "HIGH",
              "attackVector": "ADJACENT_NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 5.3,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2026-20460",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-07-01T10:37:14.445048Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-07-01T10:39:34.250Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "MediaTek chipset",
          "vendor": "MediaTek, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "MT2735"
            },
            {
              "status": "affected",
              "version": "MT2737"
            },
            {
              "status": "affected",
              "version": "MT6779"
            },
            {
              "status": "affected",
              "version": "MT6781"
            },
            {
              "status": "affected",
              "version": "MT6783"
            },
            {
              "status": "affected",
              "version": "MT6785"
            },
            {
              "status": "affected",
              "version": "MT6789"
            },
            {
              "status": "affected",
              "version": "MT6813"
            },
            {
              "status": "affected",
              "version": "MT6833"
            },
            {
              "status": "affected",
              "version": "MT6835"
            },
            {
              "status": "affected",
              "version": "MT6853"
            },
            {
              "status": "affected",
              "version": "MT6855"
            },
            {
              "status": "affected",
              "version": "MT6858"
            },
            {
              "status": "affected",
              "version": "MT6873"
            },
            {
              "status": "affected",
              "version": "MT6875"
            },
            {
              "status": "affected",
              "version": "MT6877"
            },
            {
              "status": "affected",
              "version": "MT6878"
            },
            {
              "status": "affected",
              "version": "MT6879"
            },
            {
              "status": "affected",
              "version": "MT6880"
            },
            {
              "status": "affected",
              "version": "MT6883"
            },
            {
              "status": "affected",
              "version": "MT6885"
            },
            {
              "status": "affected",
              "version": "MT6886"
            },
            {
              "status": "affected",
              "version": "MT6889"
            },
            {
              "status": "affected",
              "version": "MT6890"
            },
            {
              "status": "affected",
              "version": "MT6891"
            },
            {
              "status": "affected",
              "version": "MT6893"
            },
            {
              "status": "affected",
              "version": "MT6895"
            },
            {
              "status": "affected",
              "version": "MT6896"
            },
            {
              "status": "affected",
              "version": "MT6897"
            },
            {
              "status": "affected",
              "version": "MT6899"
            },
            {
              "status": "affected",
              "version": "MT6980"
            },
            {
              "status": "affected",
              "version": "MT6983"
            },
            {
              "status": "affected",
              "version": "MT6985"
            },
            {
              "status": "affected",
              "version": "MT6986D"
            },
            {
              "status": "affected",
              "version": "MT6988"
            },
            {
              "status": "affected",
              "version": "MT6989"
            },
            {
              "status": "affected",
              "version": "MT6990"
            },
            {
              "status": "affected",
              "version": "MT6991"
            },
            {
              "status": "affected",
              "version": "MT6993"
            },
            {
              "status": "affected",
              "version": "MT8673"
            },
            {
              "status": "affected",
              "version": "MT8675"
            },
            {
              "status": "affected",
              "version": "MT8676"
            },
            {
              "status": "affected",
              "version": "MT8678"
            },
            {
              "status": "affected",
              "version": "MT8755"
            },
            {
              "status": "affected",
              "version": "MT8765"
            },
            {
              "status": "affected",
              "version": "MT8766"
            },
            {
              "status": "affected",
              "version": "MT8766R"
            },
            {
              "status": "affected",
              "version": "MT8768"
            },
            {
              "status": "affected",
              "version": "MT8771"
            },
            {
              "status": "affected",
              "version": "MT8775"
            },
            {
              "status": "affected",
              "version": "MT8781"
            },
            {
              "status": "affected",
              "version": "MT8786"
            },
            {
              "status": "affected",
              "version": "MT8788"
            },
            {
              "status": "affected",
              "version": "MT8788E"
            },
            {
              "status": "affected",
              "version": "MT8789"
            },
            {
              "status": "affected",
              "version": "MT8791"
            },
            {
              "status": "affected",
              "version": "MT8791T"
            },
            {
              "status": "affected",
              "version": "MT8792"
            },
            {
              "status": "affected",
              "version": "MT8793"
            },
            {
              "status": "affected",
              "version": "MT8795T"
            },
            {
              "status": "affected",
              "version": "MT8796"
            },
            {
              "status": "affected",
              "version": "MT8797"
            },
            {
              "status": "affected",
              "version": "MT8798"
            },
            {
              "status": "affected",
              "version": "MT8863"
            },
            {
              "status": "affected",
              "version": "MT8873"
            },
            {
              "status": "affected",
              "version": "MT8883"
            },
            {
              "status": "affected",
              "version": "MT8893"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In Modem, there is a possible information disclosure due to improper input validation. This could lead to remote information disclosure, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01811421; Issue ID: MSV-6788."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-288",
              "description": "CWE-288 Authentication Bypass Using an Alternate Path or Channel",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-07-01T03:14:02.293Z",
        "orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
        "shortName": "MediaTek"
      },
      "references": [
        {
          "url": "https://corp.mediatek.com/product-security-bulletin/July-2026"
        }
      ],
      "x_generator": {
        "engine": "cvelib 1.8.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
    "assignerShortName": "MediaTek",
    "cveId": "CVE-2026-20460",
    "datePublished": "2026-07-01T03:14:02.293Z",
    "dateReserved": "2025-11-03T01:30:59.014Z",
    "dateUpdated": "2026-07-01T10:39:34.250Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-20459 (GCVE-0-2026-20459)

Vulnerability from cvelistv5 – Published: 2026-07-01 03:14 – Updated: 2026-07-01 10:39
VLAI
Summary
In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01816800; Issue ID: MSV-6842.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-288 - Authentication Bypass Using an Alternate Path or Channel
Assigner
Impacted products
Vendor Product Version
MediaTek, Inc. MediaTek chipset Affected: MT2716
Affected: MT2735
Affected: MT2737
Affected: MT6739
Affected: MT6761
Affected: MT6762
Affected: MT6763
Affected: MT6765
Affected: MT6767
Affected: MT6768
Affected: MT6769
Affected: MT6771
Affected: MT6779
Affected: MT6781
Affected: MT6783
Affected: MT6785
Affected: MT6789
Affected: MT6813
Affected: MT6833
Affected: MT6835
Affected: MT6853
Affected: MT6855
Affected: MT6858
Affected: MT6873
Affected: MT6875
Affected: MT6877
Affected: MT6878
Affected: MT6879
Affected: MT6880
Affected: MT6881
Affected: MT6883
Affected: MT6885
Affected: MT6886
Affected: MT6889
Affected: MT6890
Affected: MT6891
Affected: MT6893
Affected: MT6895
Affected: MT6896
Affected: MT6897
Affected: MT6899
Affected: MT6980
Affected: MT6982
Affected: MT6983
Affected: MT6985
Affected: MT6986
Affected: MT6986D
Affected: MT6988
Affected: MT6989
Affected: MT6990
Affected: MT6991
Affected: MT6993
Affected: MT8666
Affected: MT8667
Affected: MT8668
Affected: MT8673
Affected: MT8675
Affected: MT8676
Affected: MT8678
Affected: MT8755
Affected: MT8765
Affected: MT8766
Affected: MT8766R
Affected: MT8768
Affected: MT8771
Affected: MT8775
Affected: MT8781
Affected: MT8786
Affected: MT8788
Affected: MT8788E
Affected: MT8789
Affected: MT8791
Affected: MT8791T
Affected: MT8792
Affected: MT8793
Affected: MT8795T
Affected: MT8796
Affected: MT8797
Affected: MT8798
Affected: MT8863
Affected: MT8873
Affected: MT8883
Affected: MT8893
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "HIGH",
              "attackVector": "ADJACENT_NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 5.3,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2026-20459",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-07-01T10:37:31.607937Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-07-01T10:39:19.025Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "MediaTek chipset",
          "vendor": "MediaTek, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "MT2716"
            },
            {
              "status": "affected",
              "version": "MT2735"
            },
            {
              "status": "affected",
              "version": "MT2737"
            },
            {
              "status": "affected",
              "version": "MT6739"
            },
            {
              "status": "affected",
              "version": "MT6761"
            },
            {
              "status": "affected",
              "version": "MT6762"
            },
            {
              "status": "affected",
              "version": "MT6763"
            },
            {
              "status": "affected",
              "version": "MT6765"
            },
            {
              "status": "affected",
              "version": "MT6767"
            },
            {
              "status": "affected",
              "version": "MT6768"
            },
            {
              "status": "affected",
              "version": "MT6769"
            },
            {
              "status": "affected",
              "version": "MT6771"
            },
            {
              "status": "affected",
              "version": "MT6779"
            },
            {
              "status": "affected",
              "version": "MT6781"
            },
            {
              "status": "affected",
              "version": "MT6783"
            },
            {
              "status": "affected",
              "version": "MT6785"
            },
            {
              "status": "affected",
              "version": "MT6789"
            },
            {
              "status": "affected",
              "version": "MT6813"
            },
            {
              "status": "affected",
              "version": "MT6833"
            },
            {
              "status": "affected",
              "version": "MT6835"
            },
            {
              "status": "affected",
              "version": "MT6853"
            },
            {
              "status": "affected",
              "version": "MT6855"
            },
            {
              "status": "affected",
              "version": "MT6858"
            },
            {
              "status": "affected",
              "version": "MT6873"
            },
            {
              "status": "affected",
              "version": "MT6875"
            },
            {
              "status": "affected",
              "version": "MT6877"
            },
            {
              "status": "affected",
              "version": "MT6878"
            },
            {
              "status": "affected",
              "version": "MT6879"
            },
            {
              "status": "affected",
              "version": "MT6880"
            },
            {
              "status": "affected",
              "version": "MT6881"
            },
            {
              "status": "affected",
              "version": "MT6883"
            },
            {
              "status": "affected",
              "version": "MT6885"
            },
            {
              "status": "affected",
              "version": "MT6886"
            },
            {
              "status": "affected",
              "version": "MT6889"
            },
            {
              "status": "affected",
              "version": "MT6890"
            },
            {
              "status": "affected",
              "version": "MT6891"
            },
            {
              "status": "affected",
              "version": "MT6893"
            },
            {
              "status": "affected",
              "version": "MT6895"
            },
            {
              "status": "affected",
              "version": "MT6896"
            },
            {
              "status": "affected",
              "version": "MT6897"
            },
            {
              "status": "affected",
              "version": "MT6899"
            },
            {
              "status": "affected",
              "version": "MT6980"
            },
            {
              "status": "affected",
              "version": "MT6982"
            },
            {
              "status": "affected",
              "version": "MT6983"
            },
            {
              "status": "affected",
              "version": "MT6985"
            },
            {
              "status": "affected",
              "version": "MT6986"
            },
            {
              "status": "affected",
              "version": "MT6986D"
            },
            {
              "status": "affected",
              "version": "MT6988"
            },
            {
              "status": "affected",
              "version": "MT6989"
            },
            {
              "status": "affected",
              "version": "MT6990"
            },
            {
              "status": "affected",
              "version": "MT6991"
            },
            {
              "status": "affected",
              "version": "MT6993"
            },
            {
              "status": "affected",
              "version": "MT8666"
            },
            {
              "status": "affected",
              "version": "MT8667"
            },
            {
              "status": "affected",
              "version": "MT8668"
            },
            {
              "status": "affected",
              "version": "MT8673"
            },
            {
              "status": "affected",
              "version": "MT8675"
            },
            {
              "status": "affected",
              "version": "MT8676"
            },
            {
              "status": "affected",
              "version": "MT8678"
            },
            {
              "status": "affected",
              "version": "MT8755"
            },
            {
              "status": "affected",
              "version": "MT8765"
            },
            {
              "status": "affected",
              "version": "MT8766"
            },
            {
              "status": "affected",
              "version": "MT8766R"
            },
            {
              "status": "affected",
              "version": "MT8768"
            },
            {
              "status": "affected",
              "version": "MT8771"
            },
            {
              "status": "affected",
              "version": "MT8775"
            },
            {
              "status": "affected",
              "version": "MT8781"
            },
            {
              "status": "affected",
              "version": "MT8786"
            },
            {
              "status": "affected",
              "version": "MT8788"
            },
            {
              "status": "affected",
              "version": "MT8788E"
            },
            {
              "status": "affected",
              "version": "MT8789"
            },
            {
              "status": "affected",
              "version": "MT8791"
            },
            {
              "status": "affected",
              "version": "MT8791T"
            },
            {
              "status": "affected",
              "version": "MT8792"
            },
            {
              "status": "affected",
              "version": "MT8793"
            },
            {
              "status": "affected",
              "version": "MT8795T"
            },
            {
              "status": "affected",
              "version": "MT8796"
            },
            {
              "status": "affected",
              "version": "MT8797"
            },
            {
              "status": "affected",
              "version": "MT8798"
            },
            {
              "status": "affected",
              "version": "MT8863"
            },
            {
              "status": "affected",
              "version": "MT8873"
            },
            {
              "status": "affected",
              "version": "MT8883"
            },
            {
              "status": "affected",
              "version": "MT8893"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01816800; Issue ID: MSV-6842."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-288",
              "description": "CWE-288 Authentication Bypass Using an Alternate Path or Channel",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-07-01T03:14:00.977Z",
        "orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
        "shortName": "MediaTek"
      },
      "references": [
        {
          "url": "https://corp.mediatek.com/product-security-bulletin/July-2026"
        }
      ],
      "x_generator": {
        "engine": "cvelib 1.8.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
    "assignerShortName": "MediaTek",
    "cveId": "CVE-2026-20459",
    "datePublished": "2026-07-01T03:14:00.977Z",
    "dateReserved": "2025-11-03T01:30:59.014Z",
    "dateUpdated": "2026-07-01T10:39:19.025Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-20079 (GCVE-0-2026-20079)

Vulnerability from cvelistv5 – Published: 2026-03-04 17:17 – Updated: 2026-03-05 14:06
VLAI
Summary
A vulnerability in the web interface of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to bypass authentication and execute script files on an affected device to obtain root access to the underlying operating system. This vulnerability is due to an improper system process that is created at boot time. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute a variety of scripts and commands that allow root access to the device.
SSVC
Exploitation: none Automatable: yes Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-288 - Authentication Bypass Using an Alternate Path or Channel
Assigner
Impacted products
Vendor Product Version
Cisco Cisco Secure Firewall Management Center (FMC) Affected: 7.0.0
Affected: 7.0.0.1
Affected: 7.0.1
Affected: 7.0.1.1
Affected: 7.0.2
Affected: 7.0.2.1
Affected: 7.0.3
Affected: 7.0.4
Affected: 7.0.5
Affected: 7.0.6
Affected: 7.0.6.1
Affected: 7.0.6.2
Affected: 7.0.6.3
Affected: 7.0.7
Affected: 7.0.8
Affected: 7.0.8.1
Affected: 7.1.0
Affected: 7.1.0.1
Affected: 7.1.0.2
Affected: 7.1.0.3
Affected: 7.2.0
Affected: 7.2.1
Affected: 7.2.2
Affected: 7.2.0.1
Affected: 7.2.3
Affected: 7.2.3.1
Affected: 7.2.4
Affected: 7.2.4.1
Affected: 7.2.5
Affected: 7.2.5.1
Affected: 7.2.6
Affected: 7.2.7
Affected: 7.2.5.2
Affected: 7.2.8
Affected: 7.2.8.1
Affected: 7.2.9
Affected: 7.2.10
Affected: 7.2.10.2
Affected: 7.2.10.1
Affected: 7.3.0
Affected: 7.3.1
Affected: 7.3.1.1
Affected: 7.3.1.2
Affected: 7.4.0
Affected: 7.4.1
Affected: 7.4.1.1
Affected: 7.4.2
Affected: 7.4.2.1
Affected: 7.4.2.2
Affected: 7.4.2.3
Affected: 7.4.2.4
Affected: 7.4.3
Affected: 7.6.0
Affected: 7.6.1
Affected: 7.6.2
Affected: 7.6.2.1
Affected: 7.6.3
Affected: 7.7.0
Affected: 7.7.10
Affected: 7.7.10.1
Affected: 7.7.11
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-20079",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-05T04:55:41.152638Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-05T14:06:33.865Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Secure Firewall Management Center (FMC)",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "7.0.0"
            },
            {
              "status": "affected",
              "version": "7.0.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.1.1"
            },
            {
              "status": "affected",
              "version": "7.0.2"
            },
            {
              "status": "affected",
              "version": "7.0.2.1"
            },
            {
              "status": "affected",
              "version": "7.0.3"
            },
            {
              "status": "affected",
              "version": "7.0.4"
            },
            {
              "status": "affected",
              "version": "7.0.5"
            },
            {
              "status": "affected",
              "version": "7.0.6"
            },
            {
              "status": "affected",
              "version": "7.0.6.1"
            },
            {
              "status": "affected",
              "version": "7.0.6.2"
            },
            {
              "status": "affected",
              "version": "7.0.6.3"
            },
            {
              "status": "affected",
              "version": "7.0.7"
            },
            {
              "status": "affected",
              "version": "7.0.8"
            },
            {
              "status": "affected",
              "version": "7.0.8.1"
            },
            {
              "status": "affected",
              "version": "7.1.0"
            },
            {
              "status": "affected",
              "version": "7.1.0.1"
            },
            {
              "status": "affected",
              "version": "7.1.0.2"
            },
            {
              "status": "affected",
              "version": "7.1.0.3"
            },
            {
              "status": "affected",
              "version": "7.2.0"
            },
            {
              "status": "affected",
              "version": "7.2.1"
            },
            {
              "status": "affected",
              "version": "7.2.2"
            },
            {
              "status": "affected",
              "version": "7.2.0.1"
            },
            {
              "status": "affected",
              "version": "7.2.3"
            },
            {
              "status": "affected",
              "version": "7.2.3.1"
            },
            {
              "status": "affected",
              "version": "7.2.4"
            },
            {
              "status": "affected",
              "version": "7.2.4.1"
            },
            {
              "status": "affected",
              "version": "7.2.5"
            },
            {
              "status": "affected",
              "version": "7.2.5.1"
            },
            {
              "status": "affected",
              "version": "7.2.6"
            },
            {
              "status": "affected",
              "version": "7.2.7"
            },
            {
              "status": "affected",
              "version": "7.2.5.2"
            },
            {
              "status": "affected",
              "version": "7.2.8"
            },
            {
              "status": "affected",
              "version": "7.2.8.1"
            },
            {
              "status": "affected",
              "version": "7.2.9"
            },
            {
              "status": "affected",
              "version": "7.2.10"
            },
            {
              "status": "affected",
              "version": "7.2.10.2"
            },
            {
              "status": "affected",
              "version": "7.2.10.1"
            },
            {
              "status": "affected",
              "version": "7.3.0"
            },
            {
              "status": "affected",
              "version": "7.3.1"
            },
            {
              "status": "affected",
              "version": "7.3.1.1"
            },
            {
              "status": "affected",
              "version": "7.3.1.2"
            },
            {
              "status": "affected",
              "version": "7.4.0"
            },
            {
              "status": "affected",
              "version": "7.4.1"
            },
            {
              "status": "affected",
              "version": "7.4.1.1"
            },
            {
              "status": "affected",
              "version": "7.4.2"
            },
            {
              "status": "affected",
              "version": "7.4.2.1"
            },
            {
              "status": "affected",
              "version": "7.4.2.2"
            },
            {
              "status": "affected",
              "version": "7.4.2.3"
            },
            {
              "status": "affected",
              "version": "7.4.2.4"
            },
            {
              "status": "affected",
              "version": "7.4.3"
            },
            {
              "status": "affected",
              "version": "7.6.0"
            },
            {
              "status": "affected",
              "version": "7.6.1"
            },
            {
              "status": "affected",
              "version": "7.6.2"
            },
            {
              "status": "affected",
              "version": "7.6.2.1"
            },
            {
              "status": "affected",
              "version": "7.6.3"
            },
            {
              "status": "affected",
              "version": "7.7.0"
            },
            {
              "status": "affected",
              "version": "7.7.10"
            },
            {
              "status": "affected",
              "version": "7.7.10.1"
            },
            {
              "status": "affected",
              "version": "7.7.11"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the web interface of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to bypass authentication and execute script files on an affected device to obtain root access to the underlying operating system.\r\n\r This vulnerability is due to an improper system process that is created at boot time. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute a variety of scripts and commands that allow root access to the device."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 10,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-288",
              "description": "Authentication Bypass Using an Alternate Path or Channel",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-04T17:17:35.838Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-onprem-fmc-authbypass-5JPp45V2",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-onprem-fmc-authbypass-5JPp45V2"
        }
      ],
      "source": {
        "advisory": "cisco-sa-onprem-fmc-authbypass-5JPp45V2",
        "defects": [
          "CSCwr96008"
        ],
        "discovery": "EXTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2026-20079",
    "datePublished": "2026-03-04T17:17:35.838Z",
    "dateReserved": "2025-10-08T11:59:15.363Z",
    "dateUpdated": "2026-03-05T14:06:33.865Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-12579 (GCVE-0-2026-12579)

Vulnerability from cvelistv5 – Published: 2026-07-01 05:22 – Updated: 2026-07-01 12:29
VLAI
Title
AS228T - Authentication Bypass Vulnerability
Summary
AS228T with Authentication Bypass Vulnerability
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-288 - Authentication Bypass Using an Alternate Path or Channel
Assigner
Impacted products
Vendor Product Version
deltaww AS228T Affected: 0 , ≤ 1.14 (custom)
Create a notification for this product.
Date Public
2026-07-01 05:16
Credits
CNVD
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-12579",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-07-01T12:29:11.035257Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-07-01T12:29:19.895Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "AS228T",
          "vendor": "deltaww",
          "versions": [
            {
              "lessThanOrEqual": "1.14",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "coordinator",
          "value": "CNVD"
        }
      ],
      "datePublic": "2026-07-01T05:16:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "AS228T with Authentication Bypass Vulnerability"
            }
          ],
          "value": "AS228T with Authentication Bypass Vulnerability"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-115",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-115: Authentication Bypass"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-288",
              "description": "CWE-288 Authentication Bypass Using an Alternate Path or Channel",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-07-01T05:22:38.951Z",
        "orgId": "759f5e80-c8e1-4224-bead-956d7b33c98b",
        "shortName": "Deltaww"
      },
      "references": [
        {
          "url": "https://filecenter.deltaww.com/news/download/doc/Delta-PCSA-2026-00012_AS228T%20Authentication%20Bypass%20Vulnerability%20(CVE-2026-12579).pdf"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Users are recommended to upgrade the firmware to v1.16 or later."
            }
          ],
          "value": "Users are recommended to upgrade the firmware to v1.16 or later."
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "AS228T - Authentication Bypass Vulnerability",
      "x_generator": {
        "engine": "Vulnogram 1.0.2"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "759f5e80-c8e1-4224-bead-956d7b33c98b",
    "assignerShortName": "Deltaww",
    "cveId": "CVE-2026-12579",
    "datePublished": "2026-07-01T05:22:38.951Z",
    "dateReserved": "2026-06-18T05:22:59.674Z",
    "dateUpdated": "2026-07-01T12:29:19.895Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-12225 (GCVE-0-2026-12225)

Vulnerability from cvelistv5 – Published: 2026-06-16 11:20 – Updated: 2026-06-21 07:37
VLAI
Title
syracom Secure Login (2FA) for Confluence allows 2FA bypass via spoofed User-Agent
Summary
syracom AG Secure Login (2FA) for Atlassian Jira, Confluence, and Bitbucket 3.4.0.x contains an authentication bypass vulnerability. An attacker with valid credentials for a user account can bypass the two-factor authentication flow by sending HTTP requests with a crafted User-Agent header containing specific strings such as AtlassianMobileApp or JIRA. When such a User-Agent is present, the plugin does not enforce the configured 2FA checks for protected web resources. Successful exploitation allows the attacker to access the affected Atlassian application as the compromised user without completing 2FA. If the compromised account has administrative privileges, the attacker can access administrative functionality and may disable the 2FA plugin or make arbitrary administrative changes. The issue is fixed in version 3.5.0.0.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-288 - Authentication bypass using an alternate path or channel
Assigner
Credits
Laurentius von Oppenkowski, SEC Consult Vulnerability Lab Timo Müller, SEC Consult Vulnerability Lab
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-12225",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-16T12:05:55.723368Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-16T12:09:13.418Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2026-06-21T07:37:23.996Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://seclists.org/fulldisclosure/2026/Jun/16"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Secure Login (2FA) for Jira",
          "vendor": "syracom AG",
          "versions": [
            {
              "lessThan": "3.5.0.0",
              "status": "affected",
              "version": "3.4.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Secure Login (2FA) for Confluence",
          "vendor": "syracom AG",
          "versions": [
            {
              "lessThan": "3.5.0.0",
              "status": "affected",
              "version": "3.4.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Secure Login (2FA) for Bitbucket",
          "vendor": "syracom AG",
          "versions": [
            {
              "status": "affected",
              "version": "3.4.0.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Laurentius von Oppenkowski, SEC Consult Vulnerability Lab"
        },
        {
          "lang": "en",
          "type": "finder",
          "value": "Timo M\u00fcller, SEC Consult Vulnerability Lab"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "syracom AG Secure Login (2FA) for Atlassian Jira, Confluence, and Bitbucket 3.4.0.x contains an authentication bypass vulnerability. An attacker with valid credentials for a user account can bypass the two-factor authentication flow by sending HTTP requests with a crafted User-Agent header containing specific strings such as AtlassianMobileApp or JIRA. When such a User-Agent is present, the plugin does not enforce the configured 2FA checks for protected web resources. Successful exploitation allows the attacker to access the affected Atlassian application as the compromised user without completing 2FA. If the compromised account has administrative privileges, the attacker can access administrative functionality and may disable the 2FA plugin or make arbitrary administrative changes. The issue is fixed in version 3.5.0.0."
            }
          ],
          "value": "syracom AG Secure Login (2FA) for Atlassian Jira, Confluence, and Bitbucket 3.4.0.x contains an authentication bypass vulnerability. An attacker with valid credentials for a user account can bypass the two-factor authentication flow by sending HTTP requests with a crafted User-Agent header containing specific strings such as AtlassianMobileApp or JIRA. When such a User-Agent is present, the plugin does not enforce the configured 2FA checks for protected web resources. Successful exploitation allows the attacker to access the affected Atlassian application as the compromised user without completing 2FA. If the compromised account has administrative privileges, the attacker can access administrative functionality and may disable the 2FA plugin or make arbitrary administrative changes. The issue is fixed in version 3.5.0.0."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-115",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-115 Authentication Bypass"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "LOW",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-288",
              "description": "CWE-288 Authentication bypass using an alternate path or channel",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-16T11:20:37.621Z",
        "orgId": "551230f0-3615-47bd-b7cc-93e92e730bbf",
        "shortName": "SEC-VLab"
      },
      "references": [
        {
          "tags": [
            "product"
          ],
          "url": "https://marketplace.atlassian.com/apps/1214491/secure-login-2fa-for-confluence"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://syracom-bee.atlassian.net/wiki/spaces/SL/pages/4193255427/2026-05-11+-+Secure+Login+security+advisory+-+Broken+Access+Control"
        },
        {
          "tags": [
            "mitigation"
          ],
          "url": "https://syracom-bee.atlassian.net/wiki/spaces/SL/pages/4230217729/Mobile+app+login+does+not+work+with+Secure+Login"
        },
        {
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://r.sec-consult.com/syracom"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Upgrade Secure Login (2FA) for Jira, Confluence, and Bitbucket to version 3.5.0.0 or later."
            }
          ],
          "value": "Upgrade Secure Login (2FA) for Jira, Confluence, and Bitbucket to version 3.5.0.0 or later."
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "syracom Secure Login (2FA) for Confluence allows 2FA bypass via spoofed User-Agent",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "No workaround is required. The vendor provides a fixed version 3.5.0.0, which should be installed immediately."
            }
          ],
          "value": "No workaround is required. The vendor provides a fixed version 3.5.0.0, which should be installed immediately."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 1.0.2"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "551230f0-3615-47bd-b7cc-93e92e730bbf",
    "assignerShortName": "SEC-VLab",
    "cveId": "CVE-2026-12225",
    "datePublished": "2026-06-16T11:20:37.621Z",
    "dateReserved": "2026-06-14T15:35:21.997Z",
    "dateUpdated": "2026-06-21T07:37:23.996Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-10523 (GCVE-0-2026-10523)

Vulnerability from cvelistv5 – Published: 2026-06-09 14:16 – Updated: 2026-06-10 03:58
VLAI
Summary
An Authentication Bypass vulnerability (CWE-288) in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7.1 versions allows a remote unauthenticated attacker to create arbitrary administrative accounts and obtain full administrative access
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-288 - Authentication bypass using an alternate path or channel
Assigner
Impacted products
Vendor Product Version
ivanti Sentry Unaffected: R10.5.2
Unaffected: R10.6.2
Unaffected: R10.7.1
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-10523",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-09T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-10T03:58:55.720Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "Sentry",
          "vendor": "ivanti",
          "versions": [
            {
              "status": "unaffected",
              "version": "R10.5.2"
            },
            {
              "status": "unaffected",
              "version": "R10.6.2"
            },
            {
              "status": "unaffected",
              "version": "R10.7.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "An Authentication Bypass vulnerability (CWE-288)\u0026nbsp;in Ivanti\u0026nbsp;Sentry before the\u0026nbsp;R10.5.2, R10.6.2 and R10.7.1\u0026nbsp;versions\u0026nbsp;allows\u0026nbsp;a remote unauthenticated attacker to create arbitrary administrative accounts and obtain full administrative access\u0026nbsp;"
            }
          ],
          "value": "An Authentication Bypass vulnerability (CWE-288)\u00a0in Ivanti\u00a0Sentry before the\u00a0R10.5.2, R10.6.2 and R10.7.1\u00a0versions\u00a0allows\u00a0a remote unauthenticated attacker to create arbitrary administrative accounts and obtain full administrative access"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-115",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-115 Authentication Bypass"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.9,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-288",
              "description": "CWE-288 Authentication bypass using an alternate path or channel",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-09T14:17:40.240Z",
        "orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "shortName": "ivanti"
      },
      "references": [
        {
          "url": "https://hub.ivanti.com/s/article/Security-Advisory-Ivanti-Sentry-CVE-2026-10520-CVE-2026-10523?language=en_US"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 1.0.2"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
    "assignerShortName": "ivanti",
    "cveId": "CVE-2026-10523",
    "datePublished": "2026-06-09T14:16:41.255Z",
    "dateReserved": "2026-06-01T08:57:47.470Z",
    "dateUpdated": "2026-06-10T03:58:55.720Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-8990 (GCVE-0-2026-8990)

Vulnerability from cvelistv5 – Published: 2026-05-28 13:27 – Updated: 2026-05-28 15:14
VLAI
Title
Authentication Bypass in Kidsview
Summary
A user with physical access to a smartphone can bypass authentication mechanism of Kidsview mobile application and grant himself full access to the device owner's account by interacting with application's push notification. This issue was fixed in version 4.4.3
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-288 - Authentication Bypass Using an Alternate Path or Channel
  • CWE-359 - Exposure of Private Personal Information to an Unauthorized Actor
Assigner
References
Impacted products
Vendor Product Version
View Concept Kidsview Affected: 4.0.1 , < 4.4.3 (semver)
Create a notification for this product.
Date Public
2026-05-28 13:26
Credits
Jakub Lewandowski
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-8990",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-28T15:12:50.115280Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-28T15:14:26.194Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Android",
            "iOS"
          ],
          "product": "Kidsview",
          "vendor": "View Concept",
          "versions": [
            {
              "lessThan": "4.4.3",
              "status": "affected",
              "version": "4.0.1",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Jakub Lewandowski"
        }
      ],
      "datePublic": "2026-05-28T13:26:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA user with physical access to a smartphone can bypass\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eauthentication mechanism of \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eKidsview mobile application \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eand grant himself full access to the device owner\u0027s account by interacting with application\u0027s push notification.\u003c/span\u003e\u003cbr\u003e\u003cbr\u003eThis issue was fixed in version 4.4.3"
            }
          ],
          "value": "A user with physical access to a smartphone can bypass\u00a0authentication mechanism of Kidsview mobile application and grant himself full access to the device owner\u0027s account by interacting with application\u0027s push notification.\n\nThis issue was fixed in version 4.4.3"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-115",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-115 Authentication Bypass"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "PHYSICAL",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:P/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-288",
              "description": "CWE-288 Authentication Bypass Using an Alternate Path or Channel",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-359",
              "description": "CWE-359 Exposure of Private Personal Information to an Unauthorized Actor",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-28T13:27:00.417Z",
        "orgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
        "shortName": "CERT-PL"
      },
      "references": [
        {
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://cert.pl/posts/2026/05/CVE-2026-8990"
        },
        {
          "tags": [
            "product"
          ],
          "url": "https://kidsview.pl/"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Authentication Bypass in Kidsview",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
    "assignerShortName": "CERT-PL",
    "cveId": "CVE-2026-8990",
    "datePublished": "2026-05-28T13:27:00.417Z",
    "dateReserved": "2026-05-19T13:13:51.711Z",
    "dateUpdated": "2026-05-28T15:14:26.194Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-8697 (GCVE-0-2026-8697)

Vulnerability from cvelistv5 – Published: 2026-05-28 15:45 – Updated: 2026-05-29 03:55
VLAI
Title
Improper Authentication Rate Limiting on TP-Link's Archer C64
Summary
Due to improper enforcement of authentication rate-limiting on a debug SSH service in Archer C64 v1, the SSH service allows unlimited authentication attempts and uses the same credentials as the web interface. This enables an attacker to brute-force valid credentials via SSH. Successful exploitation could allow an attacker with adjacent network access to obtain administrative credentials through unrestricted authentication attempts and subsequently gain full administrative access to the device, impacting system confidentiality, integrity, and availability.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-288 - Authentication bypass using an alternate path or channel
Assigner
Impacted products
Vendor Product Version
TP-Link Systems Inc. Archer C64 v1.0 Affected: 0 , < 1.15.0 Build 250729 Rel.63489n(4555) (custom)
Create a notification for this product.
Credits
Tanjim Kamal
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-8697",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-28T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-29T03:55:51.604Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Archer C64 v1.0",
          "vendor": "TP-Link Systems Inc.",
          "versions": [
            {
              "lessThan": "1.15.0 Build 250729 Rel.63489n(4555)",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Tanjim Kamal"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Due to improper enforcement of authentication rate-limiting on a debug SSH service in Archer C64 v1, the SSH service allows unlimited authentication attempts and uses the same credentials as the web interface.  This enables an attacker to brute-force valid credentials via SSH.\n\u003cbr\u003eSuccessful exploitation could allow an attacker with adjacent network access to obtain administrative credentials through unrestricted authentication attempts and subsequently gain full administrative access to the device, impacting system confidentiality, integrity, and availability.\u0026nbsp;\u003cbr\u003e"
            }
          ],
          "value": "Due to improper enforcement of authentication rate-limiting on a debug SSH service in Archer C64 v1, the SSH service allows unlimited authentication attempts and uses the same credentials as the web interface.  This enables an attacker to brute-force valid credentials via SSH.\n\nSuccessful exploitation could allow an attacker with adjacent network access to obtain administrative credentials through unrestricted authentication attempts and subsequently gain full administrative access to the device, impacting system confidentiality, integrity, and availability."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-49",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-49 Password Brute Forcing"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "ADJACENT",
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-288",
              "description": "CWE-288 Authentication bypass using an alternate path or channel",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-28T15:45:20.971Z",
        "orgId": "f23511db-6c3e-4e32-a477-6aa17d310630",
        "shortName": "TPLink"
      },
      "references": [
        {
          "tags": [
            "patch"
          ],
          "url": "https://www.tp-link.com/en/support/download/archer-c64/v1/#Firmware"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.tp-link.com/us/support/faq/5105/"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Improper Authentication Rate Limiting on TP-Link\u0027s Archer C64",
      "x_generator": {
        "engine": "Vulnogram 1.0.2"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f23511db-6c3e-4e32-a477-6aa17d310630",
    "assignerShortName": "TPLink",
    "cveId": "CVE-2026-8697",
    "datePublished": "2026-05-28T15:45:20.971Z",
    "dateReserved": "2026-05-15T16:35:09.352Z",
    "dateUpdated": "2026-05-29T03:55:51.604Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-8598 (GCVE-0-2026-8598)

Vulnerability from cvelistv5 – Published: 2026-05-20 14:53 – Updated: 2026-05-20 15:27
VLAI
Title
Unauthenticated Export Service in ZKTeco CCTV Cameras
Summary
An undocumented configuration export port is accessible on some models of ZKTeco CCTV cameras. This port does not require authentication and exposes critical information about the camera such as open services and camera account credentials.
SSVC
Exploitation: none Automatable: yes Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Vendor Product Version
ZKTeco SSC335-GC2063-Face-0b77 Solution Camera Affected: 0 , < V5.0.1.2.20260421 (custom)
Unaffected: V5.0.1.2.20260421
Create a notification for this product.
Date Public
2026-05-20 02:02
Credits
Souvik Kandar reported this vulnerability to CISA.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-8598",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-20T15:27:20.433318Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-20T15:27:49.460Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "SSC335-GC2063-Face-0b77 Solution Camera",
          "vendor": "ZKTeco",
          "versions": [
            {
              "lessThan": "V5.0.1.2.20260421",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "V5.0.1.2.20260421"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Souvik Kandar reported this vulnerability to CISA."
        }
      ],
      "datePublic": "2026-05-20T02:02:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "An undocumented configuration export port is accessible on some models \nof ZKTeco CCTV cameras. This port does not require authentication and \nexposes critical information about the camera such as open services and \ncamera account credentials."
            }
          ],
          "value": "An undocumented configuration export port is accessible on some models \nof ZKTeco CCTV cameras. This port does not require authentication and \nexposes critical information about the camera such as open services and \ncamera account credentials."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "NETWORK",
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-288",
              "description": "CWE-288",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-20T14:53:48.861Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.zkteco.com/en/announcement/23"
        },
        {
          "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-139-04"
        },
        {
          "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-139-04.json"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "ZKTeco has patched this vulnerability in firmware version V5.0.1.2.20260421. ZKTeco recommends that users upgrade to firmware version V5.0.1.2.20260421 or later at their earliest opportunity."
            }
          ],
          "value": "ZKTeco has patched this vulnerability in firmware version V5.0.1.2.20260421. ZKTeco recommends that users upgrade to firmware version V5.0.1.2.20260421 or later at their earliest opportunity."
        },
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Please see the security advisory from ZKTeco here: https://www.zkteco.com/en/announcement/23 for further information.\u003cbr\u003e\u003ca href=\"https://www.zkteco.com/en/announcement/23\"\u003ehttps://www.zkteco.com/en/announcement/23\u003c/a\u003e"
            }
          ],
          "value": "Please see the security advisory from ZKTeco here: https://www.zkteco.com/en/announcement/23 for further information.\n https://www.zkteco.com/en/announcement/23"
        }
      ],
      "source": {
        "advisory": "ICSA-26-139-04",
        "discovery": "EXTERNAL"
      },
      "title": "Unauthenticated Export Service in ZKTeco CCTV Cameras",
      "x_generator": {
        "engine": "Vulnogram 1.0.2"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2026-8598",
    "datePublished": "2026-05-20T14:53:48.861Z",
    "dateReserved": "2026-05-14T14:10:56.160Z",
    "dateUpdated": "2026-05-20T15:27:49.460Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-8321 (GCVE-0-2026-8321)

Vulnerability from cvelistv5 – Published: 2026-05-11 19:45 – Updated: 2026-05-12 12:59
VLAI
Title
inkeep agents runAuth Middleware runAuth.ts createDevContext authentication bypass
Summary
A vulnerability was detected in inkeep agents 0.58.14. This vulnerability affects the function createDevContext of the file agents-api/src/middleware/runAuth.ts of the component runAuth Middleware. Performing a manipulation results in authentication bypass using alternate channel. The attack is possible to be carried out remotely. The exploit is now public and may be used. The project was informed of the problem early through an issue report but has not responded yet.
SSVC
Exploitation: poc Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-288 - Authentication Bypass Using Alternate Channel
  • CWE-287 - Improper Authentication
Assigner
References
URL Tags
https://vuldb.com/vuln/362608 vdb-entrytechnical-description
https://vuldb.com/vuln/362608/cti signaturepermissions-required
https://vuldb.com/submit/811314 third-party-advisory
https://github.com/inkeep/agents/issues/3024 exploitissue-tracking
https://github.com/inkeep/agents/ product
Impacted products
Vendor Product Version
inkeep agents Affected: 0.58.14
Create a notification for this product.
Credits
Eric-d (VulDB User) VulDB CNA Team
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-8321",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-12T12:59:33.001542Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-12T12:59:42.234Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "modules": [
            "runAuth Middleware"
          ],
          "product": "agents",
          "vendor": "inkeep",
          "versions": [
            {
              "status": "affected",
              "version": "0.58.14"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "Eric-d (VulDB User)"
        },
        {
          "lang": "en",
          "type": "coordinator",
          "value": "VulDB CNA Team"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was detected in inkeep agents 0.58.14. This vulnerability affects the function createDevContext of the file agents-api/src/middleware/runAuth.ts of the component runAuth Middleware. Performing a manipulation results in authentication bypass using alternate channel. The attack is possible to be carried out remotely. The exploit is now public and may be used. The project was informed of the problem early through an issue report but has not responded yet."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 6.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 7.5,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-288",
              "description": "Authentication Bypass Using Alternate Channel",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-287",
              "description": "Improper Authentication",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-11T19:45:08.634Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-362608 | inkeep agents runAuth Middleware runAuth.ts createDevContext authentication bypass",
          "tags": [
            "vdb-entry",
            "technical-description"
          ],
          "url": "https://vuldb.com/vuln/362608"
        },
        {
          "name": "VDB-362608 | CTI Indicators (IOB, IOC, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/vuln/362608/cti"
        },
        {
          "name": "Submit #811314 | inkeep agents 0.58.14 Authentication Bypass (CWE-288)",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/submit/811314"
        },
        {
          "tags": [
            "exploit",
            "issue-tracking"
          ],
          "url": "https://github.com/inkeep/agents/issues/3024"
        },
        {
          "tags": [
            "product"
          ],
          "url": "https://github.com/inkeep/agents/"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2026-05-11T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2026-05-11T02:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2026-05-11T15:41:26.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "inkeep agents runAuth Middleware runAuth.ts createDevContext authentication bypass"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2026-8321",
    "datePublished": "2026-05-11T19:45:08.634Z",
    "dateReserved": "2026-05-11T13:36:22.325Z",
    "dateUpdated": "2026-05-12T12:59:42.234Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Mitigation
Architecture and Design

Funnel all access through a single choke point to simplify how users can access a resource. For every access, perform a check to determine if the user has permissions to access the resource.

CAPEC-127: Directory Indexing

An adversary crafts a request to a target that results in the target listing/indexing the content of a directory as output. One common method of triggering directory contents as output is to construct a request containing a path that terminates in a directory name rather than a file name since many applications are configured to provide a list of the directory's contents when such a request is received. An adversary can use this to explore the directory tree on a target as well as learn the names of files. This can often end up revealing test files, backup files, temporary files, hidden files, configuration files, user accounts, script contents, as well as naming conventions, all of which can be used by an attacker to mount additional attacks.

CAPEC-665: Exploitation of Thunderbolt Protection Flaws

An adversary leverages a firmware weakness within the Thunderbolt protocol, on a computing device to manipulate Thunderbolt controller firmware in order to exploit vulnerabilities in the implementation of authorization and verification schemes within Thunderbolt protection mechanisms. Upon gaining physical access to a target device, the adversary conducts high-level firmware manipulation of the victim Thunderbolt controller SPI (Serial Peripheral Interface) flash, through the use of a SPI Programing device and an external Thunderbolt device, typically as the target device is booting up. If successful, this allows the adversary to modify memory, subvert authentication mechanisms, spoof identities and content, and extract data and memory from the target device. Currently 7 major vulnerabilities exist within Thunderbolt protocol with 9 attack vectors as noted in the Execution Flow.