18834 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-21986 | Oracle Virtualization 安全漏洞 — Oracle VM VirtualBox | 7.1 | High | 2026-01-20 |
| CVE-2026-21980 | Oracle Health Sciences Applications 安全漏洞 — Oracle Life Sciences Central Coding | 6.5 | Medium | 2026-01-20 |
| CVE-2026-21982 | Oracle Virtualization 安全漏洞 — Oracle VM VirtualBox | 7.5 | High | 2026-01-20 |
| CVE-2026-21977 | Oracle Zero Data Loss Recovery Appliance 安全漏洞 — Oracle Zero Data Loss Recovery Appliance Software | 3.1 | Low | 2026-01-20 |
| CVE-2026-21974 | Oracle Health Sciences Applications 安全漏洞 — Oracle Life Sciences Central Designer | 5.3 | Medium | 2026-01-20 |
| CVE-2026-21972 | Oracle E-Business Suite 安全漏洞 — Oracle Configurator | 5.3 | Medium | 2026-01-20 |
| CVE-2026-21969 | Oracle Supply Chain Products Suite 安全漏洞 — Oracle Agile Product Lifecycle Management for Process | 9.8 | Critical | 2026-01-20 |
| CVE-2026-21966 | Oracle Hospitality Applications 安全漏洞 — Oracle Hospitality OPERA 5 Property Services | 6.1 | Medium | 2026-01-20 |
| CVE-2026-21967 | Oracle Hospitality Applications 安全漏洞 — Oracle Hospitality OPERA 5 | 8.6 | High | 2026-01-20 |
| CVE-2026-21962 | Oracle Fusion Middleware 安全漏洞 — Oracle HTTP Server, Oracle Weblogic Server Proxy Plug-in | 10.0 | Critical | 2026-01-20 |
| CVE-2026-21961 | Oracle PeopleSoft 安全漏洞 — PeopleSoft Enterprise HCM Human Resources | 6.1 | Medium | 2026-01-20 |
| CVE-2026-21951 | Oracle PeopleSoft 安全漏洞 — PeopleSoft Enterprise PeopleTools | 6.1 | Medium | 2026-01-20 |
| CVE-2026-21947 | Oracle Java SE 安全漏洞 — Oracle Java SE | 3.1 | Low | 2026-01-20 |
| CVE-2026-21945 | Oracle Java SE 安全漏洞 — Oracle Java SE | 7.5 | High | 2026-01-20 |
| CVE-2026-21946 | Oracle JD Edwards 安全漏洞 — JD Edwards EnterpriseOne Tools | 6.1 | Medium | 2026-01-20 |
| CVE-2026-21943 | Oracle E-Business Suite 安全漏洞 — Oracle Scripting | 6.1 | Medium | 2026-01-20 |
| CVE-2026-21938 | Oracle PeopleSoft 安全漏洞 — PeopleSoft Enterprise PeopleTools | 6.1 | Medium | 2026-01-20 |
| CVE-2026-21939 | Oracle Database Server 安全漏洞 — Oracle Database Server | 7.0 | High | 2026-01-20 |
| CVE-2026-21940 | Oracle Supply Chain 安全漏洞 — Oracle Agile PLM | 7.5 | High | 2026-01-20 |
| CVE-2026-21932 | Oracle Java SE 安全漏洞 — Oracle Java SE | 7.4 | High | 2026-01-20 |
| CVE-2026-21933 | Oracle Java SE 安全漏洞 — Oracle Java SE | 6.1 | Medium | 2026-01-20 |
| CVE-2026-21928 | Oracle Solaris 安全漏洞 — Oracle Solaris | 5.3 | Medium | 2026-01-20 |
| CVE-2026-21925 | Oracle Java SE 安全漏洞 — Oracle Java SE | 4.8 | Medium | 2026-01-20 |
| CVE-2026-21926 | Oracle Siebel CRM 安全漏洞 — Siebel CRM Deployment | 7.5 | High | 2026-01-20 |
| CVE-2026-21923 | Oracle Health Sciences Applications 安全漏洞 — Oracle Life Sciences Central Designer | 6.5 | Medium | 2026-01-20 |
| CVE-2025-36066 | Multiple vulnerabilities were addressed in IBM Sterling Connect:Express for UNIX. — Sterling Connect:Express Adapter for Sterling B2B Integrator 5.2.0CWE-79 | 6.1 | Medium | 2026-01-20 |
| CVE-2025-15380 | NotificationX <= 3.2.0 - Unauthenticated DOM-Based Cross-Site Scripting via 'nx-preview' — NotificationX – FOMO, Live Sales Notification, WooCommerce Sales Popup, GDPR, Social Proof, Announcement Banner & Floating Notification BarCWE-79 | 7.2 | High | 2026-01-20 |
| CVE-2026-0726 | Nexter Extension – Site Enhancements Toolkit <= 4.4.6 - Unauthenticated PHP Object Injection via 'nxt_unserialize_replace' — Nexter Extension – Security, Performance, Code Snippets & Site ToolkitCWE-502 | 8.1 | High | 2026-01-20 |
| CVE-2025-14533 | Advanced Custom Fields: Extended <= 0.9.2.1 - Unauthenticated Privilege Escalation via Insert User Form Action — Advanced Custom Fields: ExtendedCWE-269 | 9.8 | Critical | 2026-01-20 |
| CVE-2026-1221 | BROWAN COMMUNICATIONS |PrismX MX100 AP controller - Use of Hard-coded Credentials — PrismX MX100 AP controllerCWE-798 | 9.8 | Critical | 2026-01-20 |
Vulnerabilities classified as access:pre-auth represent 18834 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.