Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 18829

18829 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

CVE IDTitleCVSSSeverityPublished
CVE-2026-25480 FileStore key canonicalization collisions allow response cache mixup/poisoning (ASCII ord + Unicode NFKD) — litestarCWE-176 6.5 Medium2026-02-09
CVE-2026-25231 FileRise affected by an Unauthenticated File Read Due to Insufficient Access Control — FileRiseCWE-284 7.5 High2026-02-09
CVE-2026-22906 Hardcoded Key Allows Credential Disclosure — 0852-1322CWE-321 9.8 Critical2026-02-09
CVE-2026-22905 Authentication Bypass via URI Traversal — 0852-1322CWE-22 7.5 High2026-02-09
CVE-2026-22904 Stack Overflow via Oversized Cookie Fields in lighttpd — 0852-1322CWE-121 9.8 Critical2026-02-09
CVE-2026-22903 Stack Overflow via SESSIONID Cookie in lighttpd — 0852-1322CWE-121 9.8 Critical2026-02-09
CVE-2026-2236 HGiga|C&Cm@il - SQL Injection — C&Cm@il package olln-baseCWE-89 7.5 High2026-02-09
CVE-2026-2234 HGiga|C&Cm@il - Missing Authentication — C&Cm@il package olln-baseCWE-306 9.1 Critical2026-02-09
CVE-2026-2216 rachelos WeRSS we-mp-rss tools.py download_export_file path traversal — WeRSS we-mp-rssCWE-22 4.3 Medium2026-02-09
CVE-2026-2190 itsourcecode School Management System controller.php sql injection — School Management SystemCWE-89 7.3 High2026-02-08
CVE-2026-2163 D-Link DIR-600 ssdp.cgi command injection — DIR-600CWE-77 4.7 Medium2026-02-08
CVE-2026-2138 Tenda TX9 SetStaticRouteCfg sub_42D03C buffer overflow — TX9CWE-120 8.8 High2026-02-08
CVE-2026-2137 Tenda TX3 SetIpMacBind buffer overflow — TX3CWE-120 8.8 High2026-02-08
CVE-2026-2136 projectworlds Online Food Ordering System view-ticket.php sql injection — Online Food Ordering SystemCWE-89 7.3 High2026-02-08
CVE-2025-15027 JAY Login & Register <= 2.6.03 - Unauthenticated Privilege Escalation via jay_login_register_ajax_create_final_user — JAY Login & RegisterCWE-269 9.8 Critical2026-02-08
CVE-2026-25858 macrozheng mall <= 1.0.3 Unauthenticated Password Reset via OTP Disclosure — mallCWE-640 9.1 Critical2026-02-07
CVE-2026-2080 UTT HiPER 810 formUser setSysAdm command injection — HiPER 810CWE-77 7.2 High2026-02-07
CVE-2026-1082 TITLE ANIMATOR <= 1.0 - Cross-Site Request Forgery to Settings Update — TITLE ANIMATORCWE-352 4.3 Medium2026-02-07
CVE-2026-1634 Subitem AL Slider <= 1.0.0 - Reflected Cross-Site Scripting via $_SERVER['PHP_SELF'] — Subitem AL SliderCWE-79 6.1 Medium2026-02-07
CVE-2026-1675 Advanced Country Blocker <= 2.3.1 - Unauthenticated Authorization Bypass via Insecure Default Secret Key — Advanced Country BlockerCWE-1188 5.3 Medium2026-02-07
CVE-2026-1643 MP-Ukagaka <= 1.5.2 - Reflected Cross-Site Scripting — MP-UkagakaCWE-79 6.1 Medium2026-02-07
CVE-2026-2071 UTT 进取 520W formP2PLimitConfig strcpy buffer overflow — 进取 520WCWE-120 8.8 High2026-02-07
CVE-2020-37157 DBPower C300 HD Camera - Remote Configuration Disclosure — DBPower C300 HD CameraCWE-306 7.5 High2026-02-06
CVE-2020-37146 Aptina AR0130 960P 1.3MP Camera - Remote Configuration Disclosure — Aptina AR0130 960P 1.3MP CameraCWE-306 7.5 High2026-02-06
CVE-2020-37106 Business Live Chat Software 1.0 - Cross-Site Request Forgery (Add Admin) — Business Live Chat SoftwareCWE-352 5.3 Medium2026-02-06
CVE-2026-25757 Unauthenticated Spree Commerce users can view completed guest orders by Order ID — spreeCWE-639 5.3AIMediumAI2026-02-06
CVE-2026-2070 UTT 进取 520W formPolicyRouteConf strcpy buffer overflow — 进取 520WCWE-120 8.8 High2026-02-06
CVE-2026-1731 Remote code execution vulnerability in BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) — Remote Support(RS) & Privileged Remote Access(PRA)CWE-78 9.8AICriticalAI2026-02-06
CVE-2026-2068 UTT 进取 520W formSyslogConf strcpy buffer overflow — 进取 520WCWE-120 8.8 High2026-02-06
CVE-2025-68621 Trilium Notes has a Timing Attack Vulnerability in /api/login/sync — TriliumCWE-208 7.4 High2026-02-06

Vulnerabilities classified as access:pre-auth represent 18829 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.