Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 18829

18829 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

CVE IDTitleCVSSSeverityPublished
CVE-2020-37114 GUnet OpenEclass 1.7.3 E-learning platform - Information Disclosure — GUnet OpenEclassCWE-200 4.3 Medium2026-02-03
CVE-2026-1058 Form Maker by 10Web <= 1.15.35 - Unauthenticated Stored Cross-Site Scripting via Hidden Field — Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form BuilderCWE-79 7.1 High2026-02-03
CVE-2026-1447 Mail Mint <= 1.19.2 - Cross-Site Request Forgery to Stored Cross-Site Scripting — Mail Mint – Email Marketing, Newsletter, Email Automation & WooCommerce EmailsCWE-352 5.4 Medium2026-02-03
CVE-2026-1065 Form Maker by 10Web <= 1.15.35 - Unauthenticated Stored Cross-Site Scripting via SVG file — Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form BuilderCWE-434 7.2 High2026-02-03
CVE-2026-0617 LatePoint – Calendar Booking Plugin for Appointments and Events <= 5.2.5 - Unauthenticated Stored Cross-Site Scripting — LatePoint – Calendar Booking Plugin for Appointments and EventsCWE-79 7.2 High2026-02-03
CVE-2026-0950 Spectra Gutenberg Blocks <= 2.19.17 - Unauthenticated Information Disclosure in Sensitive Data — Spectra Gutenberg Blocks – Website Builder for the Block EditorCWE-200 5.3 Medium2026-02-03
CVE-2026-24936 An improper input validation vulnerability was found in ADM while joining a AD Domain. — ADMCWE-20 9.8AICriticalAI2026-02-03
CVE-2026-24934 An improper certificate validation vulnerability was found in ADM while querying an external server for the device's WAN IP address. — ADMCWE-295 3.7AILowAI2026-02-03
CVE-2026-24933 An improper certificate validation vulnerability was found in ADM while sending HTTPS requests to the server. — ADMCWE-295 5.9AIMediumAI2026-02-03
CVE-2025-57529 YouDataSum CPAS Audit Management System 安全漏洞 — n/a 9.8AICriticalAI2026-02-03
CVE-2025-61506 MediaCrush 安全漏洞 — n/a 9.1AICriticalAI2026-02-03
CVE-2025-69970 FUXA 安全漏洞 — n/a 9.8AICriticalAI2026-02-03
CVE-2025-69981 FUXA 安全漏洞 — n/a 9.8AICriticalAI2026-02-03
CVE-2025-70758 Core PHP Admin panel 安全漏洞 — n/a 8.2AIHighAI2026-02-03
CVE-2025-70841 Dokans 安全漏洞 — n/a 10.0 Critical2026-02-03
CVE-2025-70849 podinfo 安全漏洞 — n/a 8.2AIHighAI2026-02-03
CVE-2025-10878 Fikir Odalari AdminPando SQL注入漏洞 — Fikir Odalari AdminPandoCWE-89 10.0 Critical2026-02-03
CVE-2026-25222 PolarLearn Affected by User Enumeration via Argon2 Timing Attack on Sign-In Endpoint — PolarLearnCWE-200 3.7AILowAI2026-02-02
CVE-2026-23515 RCE - Command Injection in Signal K set-system-time plugin — signalk-serverCWE-78 10.0 Critical2026-02-02
CVE-2022-50981 Multiple Innomic VibroLine VLX HD 5.0 and avibia AVLX weak password requirements — VibroLine VLX1 HD 5.0CWE-306 9.8 Critical2026-02-02
CVE-2022-50980 Multiple Innomic VibroLine VLX and avibia AVLX allow unauthenticated configuration preset change via CAN — VibroLine VLX1 HD 5.0CWE-306 6.5 Medium2026-02-02
CVE-2022-50979 Multiple Innomic VibroLine VLX and avibia AVLX allow unauthenticated configuration preset change via Modbus (RS485) — VibroLine VLX1 HD 5.0CWE-306 6.5 Medium2026-02-02
CVE-2022-50978 Multiple Innomic VibroLine VLX and avibia AVLX allow unauthenticated configuration preset change via Modbus (TCP) — VibroLine VLX1 HD 5.0CWE-306 7.5 High2026-02-02
CVE-2022-50977 Multiple Innomic VibroLine VLX and avibia AVLX allow unauthenticated configuration preset change via HTTP — VibroLine VLX1 HD 5.0CWE-306 7.5 High2026-02-02
CVE-2022-50975 Multiple Innomic VibroLine VLX and avibia AVLX allow unauthenticated access to device configuration — VibroLine VLX1 HD 5.0CWE-346 8.8 High2026-02-02
CVE-2026-1760 Libsoup: soupserver: denial of service via http request smuggling — Red Hat Enterprise Linux 10CWE-444 5.3 Medium2026-02-02
CVE-2026-0599 Unbounded External Image Fetch in Validation Leads to Resource-Exhaustion DoS in huggingface/text-generation-inference — huggingface/text-generation-inferenceCWE-400 7.5AIHighAI2026-02-02
CVE-2026-1117 Improper Access Control in parisneo/lollms — parisneo/lollmsCWE-284 8.1AIHighAI2026-02-02
CVE-2025-15030 User Profile Builder < 3.15.2 - Unauthenticated Arbitrary Password Reset — User Profile Builder 8.1AIHighAI2026-02-02
CVE-2026-1746 JeecgBoot Online Report API loadDictItemByKeyword sql injection — JeecgBootCWE-89 6.3 Medium2026-02-02

Vulnerabilities classified as access:pre-auth represent 18829 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.