CWE-288 使用候选路径或通道进行的认证绕过 类弱点 435 条 CVE 漏洞汇总,含 AI 中文分析。
| CVE ID | 标题 | CVSS | 风险等级 | Published |
|---|---|---|---|---|
| CVE-2026-22733 | Spring Security 安全漏洞 — Spring Security | 8.2 | High | 2026-03-19 |
| CVE-2026-22731 | VMware Spring Boot 安全漏洞 — Spring Boot | 8.2 | High | 2026-03-19 |
| CVE-2026-32031 | OpenClaw 安全漏洞 — OpenClaw | 4.8 | Medium | 2026-03-19 |
| CVE-2026-32004 | OpenClaw 安全漏洞 — OpenClaw | 6.5 | Medium | 2026-03-19 |
| CVE-2026-25471 | WordPress plugin Admin Safety Guard 安全漏洞 — Admin Safety Guard | 8.1 | High | 2026-03-19 |
| CVE-2026-32130 | ZITADEL 安全漏洞 — zitadel | 7.5 | High | 2026-03-11 |
| CVE-2026-0602 | GitLab 安全漏洞 — GitLab | 4.3 | Medium | 2026-03-11 |
| CVE-2026-27842 | Micro Research MR-GM5L-S1和Micro Research MR-GM5A-L1 安全漏洞 — MR-GM5L-S1 | 9.1AI | CriticalAI | 2026-03-11 |
| CVE-2026-26117 | Microsoft Azure Connected Machine Agent 安全漏洞 — Arc Enabled Servers - Azure Connected Machine Agent | 7.8 | High | 2026-03-10 |
| CVE-2026-22572 | Fortinet FortiManager多款产品 安全漏洞 — FortiManager | 6.8 | High | 2026-03-10 |
| CVE-2026-27390 | WordPress plugin WeDesignTech Ultimate Booking Addon 安全漏洞 — WeDesignTech Ultimate Booking Addon | 9.8 | - | 2026-03-05 |
| CVE-2026-27389 | WordPress plugin WeDesignTech Ultimate Booking Addon 安全漏洞 — WeDesignTech Ultimate Booking Addon | 9.8 | - | 2026-03-05 |
| CVE-2026-30777 | EC-CUBE 安全漏洞 — EC-CUBE 4.1 series | 7.2 | - | 2026-03-05 |
| CVE-2026-20079 | Cisco Secure Firewall Management Center 安全漏洞 — Cisco Secure Firewall Management Center (FMC) | 10.0 | Critical | 2026-03-04 |
| CVE-2026-2628 | WordPress plugin All-in-One Microsoft 365 & Entra ID / Azure AD SSO Login 安全漏洞 — All-in-One Microsoft 365 & Entra ID / Azure AD SSO Login | 9.8 | Critical | 2026-03-03 |
| CVE-2026-28411 | WeGIA 安全漏洞 — WeGIA | 9.8 | Critical | 2026-02-27 |
| CVE-2026-27707 | seerr 安全漏洞 — seerr | 7.3 | High | 2026-02-27 |
| CVE-2026-22205 | SPIP 安全漏洞 — SPIP | 7.5 | High | 2026-02-26 |
| CVE-2026-1241 | Pelco Sarix Professional 3 Series 安全漏洞 — Sarix Professional IMP 3 Series | 9.1AI | CriticalAI | 2026-02-26 |
| CVE-2026-1779 | WordPress plugin User Registration & Membership 安全漏洞 — User Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder | 8.1 | High | 2026-02-26 |
| CVE-2026-1747 | GitLab EE 安全漏洞 — GitLab | 4.3 | Medium | 2026-02-25 |
| CVE-2026-22341 | WordPress plugin Booked 安全漏洞 — Booked | 6.7 | Medium | 2026-02-20 |
| CVE-2025-68895 | WordPress plugin AhaChat Messenger Marketing 安全漏洞 — AhaChat Messenger Marketing | 9.8AI | CriticalAI | 2026-02-20 |
| CVE-2025-67998 | WordPress plugin Miraculous Elementor 安全漏洞 — Miraculous Elementor | 9.8AI | CriticalAI | 2026-02-20 |
| CVE-2026-2540 | Micca KE700 安全漏洞 — Car Alarm System KE700 | 6.8AI | MediumAI | 2026-02-15 |
| CVE-2026-1618 | Universal FlexCity/Kiosk 安全漏洞 — FlexCity/Kiosk | 8.8 | High | 2026-02-13 |
| CVE-2020-37156 | BloodX 安全漏洞 — BloodX | 6.5 | Medium | 2026-02-11 |
| CVE-2026-1603 | Ivanti Endpoint Manager 安全漏洞 — Endpoint Manager | 8.6 | High | 2026-02-10 |
| CVE-2026-2096 | Flowring Agentflow 安全漏洞 — Agentflow | 9.8 | Critical | 2026-02-10 |
| CVE-2026-2095 | Flowring Agentflow 安全漏洞 — Agentflow | 9.8 | Critical | 2026-02-10 |
CWE-288(使用候选路径或通道进行的认证绕过) 是常见的弱点类别,本平台收录该类弱点关联的 435 条 CVE 漏洞。