All CosmicBytez Labs articles tagged #Authentication Bypass, across news, security advisories, how-to guides, and projects.
A critical authentication bypass in Kopia, a cross-platform backup tool for Windows, macOS, and Linux, allows unauthenticated access to repository API endpoints when the server is started with the --without-password flag. Fixed in Kopia v0.23.0.
The Happy Coders OTP Login for WooCommerce plugin before 2.8 allows unauthenticated attackers to bypass OTP verification and log in as any WordPress user, including administrators.
The miniOrange SAML Single Sign On plugin for WordPress through version 5.4.3 allows unauthenticated attackers to log in as any user via an RSA-to-HMAC algorithm confusion attack against the SAML signature verification logic.
A critical CVSS 9.8 vulnerability in 9Router versions 0.2.21–0.4.43 exposes a hardcoded fallback JWT secret in source code, enabling attackers to forge authentication tokens and gain full administrative access.
The User Registration & Membership WordPress plugin before 5.2.2 fails to verify PayPal webhook signatures, allowing unauthenticated attackers to forge payment events and gain free premium memberships.
A high-severity SQL injection vulnerability in the TOKO-ONLINE-ROTI bakery management system allows remote attackers to manipulate the login.php Username parameter and compromise the backend database without authentication.
Attackers are actively exploiting a critical authentication bypass in the official Gitea Docker image, allowing unauthenticated users to impersonate any...
A critical SQL injection vulnerability in Inrove Software's BiEticaret e-commerce platform (versions before v3.3.57) allows unauthenticated attackers to...
A critical missing authentication vulnerability in Esri Portal for ArcGIS 12.1 and earlier allows remote unauthenticated attackers to access protected API...
A critical authentication bypass in Dell PowerProtect Data Domain allows unauthenticated remote attackers to gain access to the backup platform. Combined...
A critical CVSS 9.8 improper authentication vulnerability in Dassault Systèmes DELMIA Apriso (releases 2020–2026) allows unauthenticated attackers to gain...
A critical authentication bypass in Apache IoTDB allows unauthenticated attackers to forge Thrift RPC session IDs and receive valid time-series query...
A high-severity SQL injection vulnerability in SourceCodester Simple and Nice Shopping Cart Script 1.0 allows remote attackers to manipulate the admin...
A high-severity SQL injection vulnerability in itsourcecode Online Hotel Management System 1.0 allows remote attackers to exploit the admin login page via...
All official Gitea Docker images through v1.26.2 ship with a wildcard trusted proxy setting that lets any unauthenticated attacker impersonate any user...
A critical path traversal vulnerability in the fast-mcp-telegram Telegram MCP Server allows attackers to bypass Bearer token authentication and read...
Critical path bypass vulnerability in @fastify/middie versions 9.1.0 through 9.3.2 allows attackers to evade middleware protection by exploiting a %2F...
A critical authentication bypass in Flowise allows unauthenticated attackers to register accounts via an unprotected API endpoint and gain full platform...
A critical authentication vulnerability in four ManageEngine products allows unauthenticated attackers to predict SSO session tickets and take over...
A CVSS 9.8 authentication bypass in Nefteprodukttekhnika's BUK TS-G Gas Station Automation System allows any unauthenticated attacker to gain full...
A high-severity vulnerability (CVSS 9.0) in Cloud Foundry UAA allows attackers to bypass authentication by exploiting the incorrect treatment of XML...
CVSS 9.1 session fixation flaw in Perl's Catalyst auth plugin (before 0.10_027) lets attackers impersonate authenticated users by pre-planting a known...
A critical authentication bypass vulnerability in the DTS Electronics Redline WR3200 router allows unauthenticated attackers to access functionality protected…
A critical authentication bypass in authentik allows attackers to skip the Source stage entirely by sending an empty POST request, completely circumventing…
The Really Simple Security WordPress plugin before 9.5.10.1 fails to enforce the second-factor challenge on two REST API endpoints, allowing attackers with a…
A critical SQL injection vulnerability (CVSS 9.1) in OTRS and ((OTRS)) Community Edition allows unauthenticated attackers to bypass authentication entirely…
A high-severity authentication bypass vulnerability in OUSL-GROUP BrinaryBrains School Student Management System allows manipulation of the sign_auth_cookie…
Palo Alto Networks warns that CVE-2026-0257, a CVSS 7.8 authentication bypass in PAN-OS GlobalProtect, is under active exploitation by hackers attempting...
Palo Alto Networks warns that CVE-2026-0257, a CVSS 7.8 authentication bypass in PAN-OS GlobalProtect and Prisma Access, is being actively exploited by...
A broken authentication check in the Simple History WordPress plugin (versions up to 5.26.0) allows Subscriber-level users to take over any WordPress...
phpMyFAQ before 4.1.3 contains a CVSS 8.2 flaw allowing unauthenticated attackers to reset any account password without token validation, enabling full...
A critical authentication bypass (CVSS 9.8) in the OTP Login With Phone Number WordPress plugin allows unauthenticated attackers to log in as any user due...
A CVSS 10.0 authentication bypass in Cisco Secure Workload allows unauthenticated remote attackers to access internal REST APIs with full Site Admin privileges.
A critical authentication bypass vulnerability in NVIDIA Triton Inference Server could allow unauthenticated attackers to execute code, escalate...
Apache OFBiz versions before 24.09.06 contain a hard-coded cryptographic key vulnerability (CVSS 9.1) that allows attackers to forge authentication tokens...
The Boost plugin for WordPress versions up to 2.0.3 is vulnerable to PHP Object Injection via deserialization of the STYXKEY-BOOST_USER_LOCATION cookie,...
A critical CVSS 9.8 vulnerability in iDS6 DSSPro Digital Signage System 6.2 allows attackers to retrieve valid CAPTCHA codes from the login endpoint and...
The Form Notify plugin for WordPress is vulnerable to authentication bypass in versions up to and including 1.1.10. Attackers can manipulate...
Threat actors began exploiting CVE-2026-44338, a missing authentication flaw in the PraisonAI multi-agent orchestration framework, within just four hours...
A critical authentication bypass vulnerability in Cisco Catalyst SD-WAN Controller and Manager allows an unauthenticated remote attacker to bypass...
Critical authentication bypass vulnerability in ELECOM wireless LAN access point devices allows unauthenticated attackers to access protected URLs and...
A critical vulnerability (CVSS 9.4) in phpVMS before version 7.0.6 allows unauthenticated attackers to access a legacy import feature, potentially...
A critical authentication bypass in the User Verification by PickPlugins plugin for WordPress allows unauthenticated attackers to bypass OTP verification...
A critical CVSS 10.0 authentication bypass in Traefik's ForwardAuth middleware allows attackers to circumvent authentication when the proxy is deployed...
A second critical CVSS 10.0 authentication bypass in Traefik allows attackers to defeat ForwardAuth and snippet-based authentication middleware by...
A critical CVSS 9.8 authentication bypass in the WordPress Temporary Login plugin (versions up to 1.0.0) allows unauthenticated attackers to gain...
The critical CVE-2026-41940 authentication bypass vulnerability in cPanel, WHM, and WP Squared is being actively exploited in the wild and has been...
WebPros cPanel, WHM, and WP2 (WordPress Squared) contain a critical authentication bypass in the login flow, allowing unauthenticated remote attackers to...
A critical unauthenticated SQL injection vulnerability in ProjeQtor project management software allows attackers to inject arbitrary SQL via the login...
A critical authentication bypass vulnerability in Clerk's JavaScript SDK allows crafted HTTP requests to skip createRouteMatcher middleware gating,...
A critical authentication bypass vulnerability in the end-of-life Borg SPM 2007 application permits unauthenticated remote attackers to log into the...
OpenAEV's password reset implementation contains multiple chained weaknesses enabling reliable account takeover in versions 1.0.0 through 2.0.12 of the...
A critical authentication bypass vulnerability in nginx-ui, a popular open-source web-based Nginx management interface, is being actively exploited to...
A critical SQL injection vulnerability in CodeAstro Simple Attendance Management System v1.0 allows unauthenticated remote attackers to bypass login...
A high-severity LDAP injection vulnerability in OPNsense's authentication connector allows unauthenticated attackers to bypass login controls by injecting...
A critical privilege escalation vulnerability in the Users Manager – PN WordPress plugin (v1.1.15 and below) allows unauthenticated attackers to update...
A critical vulnerability (CVSS 9.8) in parisneo/lollms v2.1.0 allows attackers to brute-force the application's JWT secret key offline, forge...
An unauthenticated SQL injection vulnerability has been disclosed in code-projects Concert Ticket Reservation System 1.0, affecting the login.php file via...
A critical authentication bypass in Hirschmann Industrial HiVision versions prior to 06.0.07 and 07.0.03 allows unauthenticated remote attackers to...
Cisco has released security advisories addressing a batch of critical and high-severity vulnerabilities across multiple products, covering flaws that...
A CVSS 10.0 critical vulnerability in Juju versions 3.2.0–3.6.18 and 4.0–4.0.3 allows unauthenticated attackers to connect directly to the internal Dqlite...
OpenOlat versions 10.5.4 through 20.2.4 fail to verify JWT signatures in their OpenID Connect implicit flow, allowing unauthenticated attackers to...
A critical authentication bypass vulnerability (CVSS 9.0) in ConnectWise ScreenConnect versions prior to 26.1 allows an actor with access to server-level...
The Tutor LMS Pro WordPress plugin's Social Login addon fails to verify OAuth token email matches the login request, allowing unauthenticated attackers to...
A remotely exploitable SQL injection vulnerability has been disclosed in SourceCodester Simple Responsive Tourism Website 1.0, allowing attackers to...
The Warlock ransomware group exploited CVE-2026-23760, an authentication bypass zero-day in SmarterMail, to breach SmarterTools itself, compromise 12...
Security researchers have identified a severe authentication bypass vulnerability affecting multiple enterprise VPN products. Immediate patching recommended.