| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-33875 | Authenticator Vulnerable to Authentication Flow Hijack | gematik | app-Authenticator | Critical | 9.3 | 2026-03-27 20:25:16 | Deep Dive |
| CVE-2026-33874 | Authenticator vulnerable to Remote Code Execution | gematik | app-Authenticator | High | 7.8 | 2026-03-27 20:23:53 | Deep Dive |
| CVE-2026-26123 | Microsoft Authenticator Information Disclosure Vulnerability | Microsoft | Microsoft Authenticator for Android | Medium | 5.5 | 2026-03-10 19:01:32 | Deep Dive |
| CVE-2025-54745 | WordPress miniOrange's Google Authenticator Plugin <= 6.1.1 - Broken Access Control Vulnerability | miniOrange | miniOrange's Google Authenticator | - | - | 2025-12-18 07:21:50 | Deep Dive |
| CVE-2025-9804 | Improper Access Control in Multiple WSO2 Products via Internal SOAP Admin Services and System REST APIs | WSO2 | WSO2 Identity Server as Key Manager | High | 8.9 | 2025-10-16 12:33:45 | Deep Dive |
| CVE-2025-8093 | Authenticator Login - Moderately critical - Access bypass - SA-CONTRIB-2025-098 | Drupal | Authenticator Login | - | - | 2025-10-10 22:23:58 | Deep Dive |
| CVE-2025-54154 | QNAP Authenticator | QNAP Systems Inc. | QNAP Authenticator | - | - | 2025-10-03 18:15:06 | Deep Dive |
| CVE-2025-8995 | Authenticator Login - Highly critical - Access bypass - SA-CONTRIB-2025-096 | Drupal | Authenticator Login | - | - | 2025-08-15 16:27:39 | Deep Dive |
| CVE-2025-31681 | Authenticator Login - Critical - Access bypass - SA-CONTRIB-2025-009 | Drupal | Authenticator Login | 中危 | - | 2025-03-31 21:39:50 | Deep Dive |
| CVE-2024-45394 | Secret encryption vulnerable to brute-force attacks | Authenticator-Extension | Authenticator | High | 8.8 | 2024-09-03 20:15:43 | Deep Dive |
| CVE-2024-21390 | Microsoft Authenticator Elevation of Privilege Vulnerability | Microsoft | Microsoft Authenticator | High | 7.1 | 2024-03-12 16:57:58 | Deep Dive |
| CVE-2022-44589 | WordPress miniOrange's Google Authenticator Plugin <= 5.6.1 is vulnerable to Sensitive Data Exposure | miniOrange | miniOrange's Google Authenticator – WordPress Two Factor Authentication – 2FA , Two Factor, OTP SMS and Email | Passwordless login | High | 8.1 | 2023-12-29 09:40:07 | Deep Dive |
| CVE-2022-4943 | miniOrange's Google Authenticator <= 5.6.5 - Missing Authorization to Plugin Settings Change | cyberlord92 | miniOrange 2FA – Two-Factor Authentication for WordPress (SMS, Email & Google Authenticator) | High | 7.5 | 2023-10-20 07:29:21 | Deep Dive |
| CVE-2023-1477 | HYPR 授权问题漏洞 | HYPR | Keycloak Authenticator Extension | High | 7.2 | 2023-04-28 14:56:02 | Deep Dive |
| CVE-2023-27895 | Information Disclosure vulnerability in SAP Authenticator for Android | SAP | Authenticator for Android | Medium | 6.1 | 2023-03-14 05:08:09 | Deep Dive |
| CVE-2013-10013 | Bricco Authenticator Plugin DBAuthenticator.java compare sql injection | Bricco | Authenticator Plugin | Medium | 5.5 | 2023-01-17 14:58:03 | Deep Dive |
| CVE-2022-3994 | Authenticator < 1.3.1 - Subscriber+ Denial of Service via Feed Token Disclosure | Unknown | Authenticator | 中危 | - | 2023-01-02 21:49:20 | Deep Dive |
| CVE-2022-42461 | WordPress miniOrange's Google Authenticator plugin <= 5.6.1 - Broken Access Control vulnerability | miniOrange | miniOrange's Google Authenticator (WordPress plugin) | Medium | 5.4 | 2022-11-18 19:06:13 | Deep Dive |
| CVE-2022-35290 | SAP Authenticator 信息泄露漏洞 | SAP SE | SAP Authenticator for Android | 高危 | - | 2022-08-09 20:12:47 | Deep Dive |
| CVE-2022-2385 | AccessKeyID validation bypass | Kubernetes | aws-iam-authenticator | High | 8.1 | 2022-07-12 14:25:10 | Deep Dive |