Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 18829

18829 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

CVE IDTitleCVSSSeverityPublished
CVE-2026-25577 Emmett has an Unhandled CookieError Exception Causing Denial of Service — coreCWE-248 7.5 High2026-02-10
CVE-2025-32008 Intel AMT和Intel Standard Manageability 缓冲区错误漏洞 — Intel(R) AMT and Intel(R) Standard Manageability 8.6 High2026-02-10
CVE-2025-20080 Intel AMT和Intel Standard Manageability 代码问题漏洞 — Intel(R) AMT and Intel(R) Standard Manageability 6.8 Medium2026-02-10
CVE-2025-68686 Fortinet FortiOS 信息泄露漏洞 — FortiOSCWE-200 5.3 Medium2026-02-10
CVE-2025-52436 Fortinet FortiSandbox 跨站脚本漏洞 — FortiSandboxCWE-79 7.9 High2026-02-10
CVE-2025-55018 Fortinet FortiOS 环境问题漏洞 — FortiOSCWE-444 5.2 Medium2026-02-10
CVE-2026-22153 Fortinet FortiOS 安全漏洞 — FortiOSCWE-305 7.5 High2026-02-10
CVE-2026-1603 Ivanti Endpoint Manager 安全漏洞 — Endpoint ManagerCWE-288 8.6 High2026-02-10
CVE-2026-23906 Apache Druid: Authentication Bypass via LDAP Anonymous Bind — Apache DruidCWE-287 9.8AICriticalAI2026-02-10
CVE-2026-1866 Name Directory <= 1.32.0 - Unauthenticated Stored Cross-Site Scripting via Double HTML-Entity Encoding in Submission Form — Name DirectoryCWE-79 7.2 High2026-02-10
CVE-2026-2268 Ninja Forms <= 3.14.0 - Unauthenticated Information Disclosure in nf_ajax_submit AJAX Action — Ninja Forms – The Contact Form Builder That Grows With YouCWE-200 7.5 High2026-02-10
CVE-2026-1722 WCFM Marketplace <= 3.7.0 - Insecure Direct Object Reference to Unauthenticated Arbitrary Refund Request Creation — WCFM Marketplace – Multivendor Marketplace for WooCommerceCWE-862 5.3 Medium2026-02-10
CVE-2026-2098 Flowring|AgentFlow - Reflected Cross-site Scripting — AgentFlowCWE-79 6.1 Medium2026-02-10
CVE-2026-2096 Flowring|Agentflow - Missing Authenticaton — AgentflowCWE-288 9.8 Critical2026-02-10
CVE-2026-2095 Flowring|Agentflow - Authentication Bypass — AgentflowCWE-288 9.8 Critical2026-02-10
CVE-2026-2093 Flowring|Docpedia - SQL Injection — DocpediaCWE-89 7.5 High2026-02-10
CVE-2026-24328 Open Redirection vulnerability in Business Server Pages Application (TAF_APPLAUNCHER) — Business Server Pages Application (TAF_APPLAUNCHER)CWE-601 6.1 Medium2026-02-10
CVE-2026-24323 Multiple vulnerabilities in BSP Applications of SAP Document Management System — SAP Document Management SystemCWE-601 6.1 Medium2026-02-10
CVE-2026-24321 Information Disclosure vulnerability in SAP Commerce Cloud — SAP Commerce CloudCWE-359 5.3 Medium2026-02-10
CVE-2026-0505 Multiple vulnerabilities in BSP Applications of SAP Document Management System — SAP Document Management SystemCWE-79 6.1 Medium2026-02-10
CVE-2026-0490 Denial of service (DOS) in SAP BusinessObjects BI Platform — SAP BusinessObjects BI PlatformCWE-862 7.5 High2026-02-10
CVE-2026-0485 Denial of service (DOS) vulnerability in SAP BusinessObjects BI Platform — SAP BusinessObjects BI PlatformCWE-405 7.5 High2026-02-10
CVE-2026-25895 FUXA Unauthenticated Remote Code Execution via Arbitrary File Write in Upload API — FUXACWE-22 7.5AIHighAI2026-02-09
CVE-2026-25894 FUXA Unauthenticated Remote Code Execution via Hardcoded JWT Secret in Default Configuration — FUXACWE-321 9.8AICriticalAI2026-02-09
CVE-2026-25893 FUXA Unauthenticated Remote Code Execution via Admin JWT Minting — FUXACWE-285 9.8AICriticalAI2026-02-09
CVE-2026-25939 FUXA Unauthenticated Remote Arbitrary Scheduler Write — FUXACWE-862 9.3AICriticalAI2026-02-09
CVE-2026-25938 FUXA Unauthenticated Remote Code Execution in Node-RED Integration — FUXACWE-290 9.8AICriticalAI2026-02-09
CVE-2026-25885 PolarLearn allows Unauthenticated WebSocket access allows subscribing to and posting in arbitrary group chats — PolarLearnCWE-285 6.5AIMediumAI2026-02-09
CVE-2026-25878 FroshAdminer Adminer UI is accessible without admin session — FroshPlatformAdminerCWE-306 9.4AICriticalAI2026-02-09
CVE-2026-25791 Sliver has a DNS C2 OTP Bypass Allows Unauthenticated Session Flooding and Denial of Service — sliverCWE-306 7.5 High2026-02-09

Vulnerabilities classified as access:pre-auth represent 18829 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.