CWE-306 (关键功能的认证机制缺失) — Vulnerability Class 1097

1097 vulnerabilities classified as CWE-306 (关键功能的认证机制缺失). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2025-26362	Q-Free MAXTIME Suite 访问控制错误漏洞 — MaxTime	7.5	High	2025-02-12
CVE-2025-26361	Q-Free MAXTIME Suite 访问控制错误漏洞 — MaxTime	9.1	Critical	2025-02-12
CVE-2025-26360	Q-Free MAXTIME Suite 访问控制错误漏洞 — MaxTime	5.3	Medium	2025-02-12
CVE-2025-26359	Q-Free MAXTIME Suite 访问控制错误漏洞 — MaxTime	9.8	Critical	2025-02-12
CVE-2025-26347	Q-Free MAXTIME Suite 访问控制错误漏洞 — MaxTime	9.8	Critical	2025-02-12
CVE-2025-26345	Q-Free MAXTIME Suite 访问控制错误漏洞 — MaxTime	9.8	Critical	2025-02-12
CVE-2025-26344	Q-Free MAXTIME Suite 访问控制错误漏洞 — MaxTime	9.8	Critical	2025-02-12
CVE-2025-26342	Q-Free MAXTIME Suite 访问控制错误漏洞 — MaxTime	9.8	Critical	2025-02-12
CVE-2025-26341	Q-Free MAXTIME Suite 访问控制错误漏洞 — MaxTime	9.8	Critical	2025-02-12
CVE-2025-26339	Q-Free MAXTIME Suite 访问控制错误漏洞 — MaxTime	9.8	Critical	2025-02-12
CVE-2025-21198	Microsoft High Performance Compute (HPC) Pack Remote Code Execution Vulnerability — Microsoft HPC Pack 2016	9.0	Critical	2025-02-11
CVE-2024-10649	Unauthenticated File Upload in wandb/openui — wandb/openui	10.0	-	2025-02-10
CVE-2024-54176	IBM UrbanCode Deploy missing authentication — UrbanCode Deploy	4.3	Medium	2025-02-08
CVE-2024-12511	SMB/FTP Address Book Scan Pass-back attack — Versalink B400	7.6	High	2025-02-03
CVE-2024-12957	ASUS Armoury Crate Service 访问控制错误漏洞 — Armoury Crate	8.1	-	2025-01-23
CVE-2024-12757	Nedap Librix Ecoreader Missing Authentication for Critical Function — Ecoreader	8.6	High	2025-01-17
CVE-2025-0456	NetVision Information airPASS - Missing Authentication — airPASS	9.8	Critical	2025-01-16
CVE-2025-0355	NEC Aterm多款产品访问控制错误漏洞 — WG2600HS	7.5	High	2025-01-15
CVE-2024-39773	WAVLINK AC3000 访问控制错误漏洞 — Wavlink AC3000	5.3	Medium	2025-01-14
CVE-2024-39608	WAVLINK AC3000 访问控制错误漏洞 — Wavlink AC3000	10.0	Critical	2025-01-14
CVE-2024-39273	WAVLINK AC3000 访问控制错误漏洞 — Wavlink AC3000	9.0	Critical	2025-01-14
CVE-2024-35277	Fortinet FortiPortal和Fortinet FortiManager 访问控制错误漏洞 — FortiManager	8.4	High	2025-01-14
CVE-2024-13186	MinigameCenter information leakage vulnerability — MinigameCenter	7.5	-	2025-01-08
CVE-2024-13185	MinigameCenter module information leakage vulnerability — MinigameCenter	7.5	-	2025-01-08
CVE-2024-13173	Health information leakage vulnerability — Health	7.5	-	2025-01-08
CVE-2024-55538	Acronis True Image 访问控制错误漏洞 — Acronis True Image	7.5	-	2025-01-02
CVE-2024-12106	WhatsUp Gold - LDAP configuration interface leading to allowing attacker to configure LDAP settings without authentication — WhatsUp Gold	9.4	Critical	2024-12-31
CVE-2024-56799	Simofa Allows Unauthenticated Access to API Routes — simofa	10.0	Critical	2024-12-30
CVE-2024-7726	Arbitrary Code execution via exposed JTAG port in Kioxia CM6, PM6, PM7 — CM6	6.1	-	2024-12-20
CVE-2021-26280	Permission bypass vulnerability in permission manager module — Permission manager module	7.9	High	2024-12-17

Vulnerabilities classified as CWE-306 (关键功能的认证机制缺失) represent 1097 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-306 (关键功能的认证机制缺失) — Vulnerability Class 1097