Authentication Bypass Archives • Page 10 of 10 • Daily CyberSecurity

CISA Alerts: Vertiv Products Vulnerable to RCE, Auth Bypass (CVSS 9.8) Vertiv RCE, authentication bypass

CISA Alerts: Vertiv Products Vulnerable to RCE, Auth Bypass (CVSS 9.8)

Do Son May 21, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent advisory addressing two high-severity vulnerabilities...

Pgpool-II Hit by Critical CVE-2025-46801: CVSS 9.8 Risk Lets Attackers Bypass Authentication Pgpool-II, authentication bypass

Pgpool-II Hit by Critical CVE-2025-46801: CVSS 9.8 Risk Lets Attackers Bypass Authentication

Do Son May 16, 2025

The PgPool Global Development Group has issued a high-severity security advisory for Pgpool-II, a widely used middleware...

Jenkins Plugin Flaws Expose Critical Risks: CVE-2025-47889 Hits 9.8 CVSS with Auth Bypass Jenkins Security Update CVE-2026-27099 Jenkins security - CVE-2023-35141 Jenkins plugins, CVE-2025-47884

Jenkins Security Update CVE-2026-27099 Jenkins security - CVE-2023-35141 Jenkins plugins, CVE-2025-47884

Jenkins Plugin Flaws Expose Critical Risks: CVE-2025-47889 Hits 9.8 CVSS with Auth Bypass

Do Son May 16, 2025

Jenkins, a popular open-source automation server, is a crucial tool for many development and operations teams. A...

Fortinet Patches Critical TACACS+ Authentication Bypass (CVE-2025-22252) in FortiOS and FortiProxy Fortinet Authentication Bypass CVE-2025-22252

Fortinet Authentication Bypass CVE-2025-22252

Fortinet Patches Critical TACACS+ Authentication Bypass (CVE-2025-22252) in FortiOS and FortiProxy

Do Son May 15, 2025

Fortinet has released patches for a critical vulnerability (CVE-2025-22252, CVSS 9.0) affecting multiple products, including FortiOS, FortiProxy,...

Critical Authentication Bypass in OpenPubkey and OPKSSH Exposes Systems to Remote Access Risks OpenPubkey, authentication bypass

Critical Authentication Bypass in OpenPubkey and OPKSSH Exposes Systems to Remote Access Risks

Do Son May 15, 2025

A pair of critical-severity vulnerabilities in the OpenPubkey authentication protocol and its companion tool, OPKSSH, could allow...

Ivanti Neurons for ITSM Hit by CVSS 9.8 Authentication Bypass Flaw Enabling Full Admin Access Ivanti EPM Vulnerability CVE-2026-1603 Ivanti EPM Critical XSS, Unauthenticated File Write CVE-2024-29847 & CVE-2024-8190 Ivanti ITSM, Authentication Bypass

Ivanti EPM Vulnerability CVE-2026-1603 Ivanti EPM Critical XSS, Unauthenticated File Write CVE-2024-29847 & CVE-2024-8190 Ivanti ITSM, Authentication Bypass

Ivanti Neurons for ITSM Hit by CVSS 9.8 Authentication Bypass Flaw Enabling Full Admin Access

Do Son May 14, 2025

Ivanti has released a critical security patch for its on-premises Neurons for ITSM platform, addressing a severe...

Check Point VPN vulnerability exploited in the wild Check Point VPN exploit CVE-2026-50751 zero-day Checkmarx Breach Supply Chain Attack Ivanti EPMM RCE CVE-2026-1281 Modular DS Vulnerability CVE-2026-23550 D-Link RCE Vulnerability CVE-2026-0625 Christmas 2025 GreyNoise Campaign, Japan-Based Initial Access Broker React2Shell Zero-Day, APT Active Exploitation WordPress vulnerability, authentication bypass FreePBX, zero-day Trend Micro Apex One, Remote Code Execution BitoPro Hack, Crypto Theft UNC5337 - CVE-2022-47945 Safe{Wallet} hack Fortinet vulnerability, CVE-2024-21762, FortiGate attack Balloonfly, Play ransomware Ivanti EPMM CVE-2025-4427 and CVE-2025-4428

Ivanti EPMM Flaws Exploited in the Wild: Chained RCE and Auth Bypass Threaten Mobile Device Management

Do Son May 13, 2025

Ivanti has released a security updates addressing two vulnerabilities in Endpoint Manager Mobile (EPMM)—CVE-2025-4427 and CVE-2025-4428—that, when...

BeyondTrust PRA Vulnerability (CVE-2025-0217) Enables Session Hijacking via Authentication Bypass BeyondTrust, authentication bypass

BeyondTrust PRA Vulnerability (CVE-2025-0217) Enables Session Hijacking via Authentication Bypass

Do Son May 5, 2025

A significant security vulnerability has been identified in BeyondTrust’s Privileged Remote Access (PRA) solution, posing a risk...

SonicWall Exploit Chain Exposes Admin Hijack Risk via CVE-2023-44221 and CVE-2024-38475 SonicWall, exploit chain

SonicWall Exploit Chain Exposes Admin Hijack Risk via CVE-2023-44221 and CVE-2024-38475

Do Son May 5, 2025

A newly exploit chain targeting SonicWall’s Secure Mobile Access (SMA) appliances has been released. Published by watchTowr...

CISA Warns Critical Flaws in KUNBUS Revolution Pi Exposing Industrial Systems to Remote Attacks KUNBUS Revolution Pi, CISA vulnerabilities

CISA Warns Critical Flaws in KUNBUS Revolution Pi Exposing Industrial Systems to Remote Attacks

Do Son May 3, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a risk evaluation advisory detailing several high-severity...

CVE-2025-29906: Finit’s Bundled Getty Flaw Allows Authentication Bypass on Linux Systems Finit vulnerability, authentication bypass

CVE-2025-29906: Finit’s Bundled Getty Flaw Allows Authentication Bypass on Linux Systems

Do Son May 1, 2025

A serious security vulnerability has been discovered in Finit, a lightweight and fast init system for Linux,...

0-Click NTLM Authentication Bypass Hits Microsoft Telnet Server, PoC Releases, No Patch Telnet Bypass Authentication Vulnerability

0-Click NTLM Authentication Bypass Hits Microsoft Telnet Server, PoC Releases, No Patch

Do Son April 29, 2025

A severe vulnerability affecting Microsoft Telnet Server has been uncovered, allowing remote attackers to completely bypass authentication...

CVE-2024-6235: NetScaler Console Flaw Enables Admin Access, PoC Publishes

Do Son April 24, 2025

A critical vulnerability—CVE-2024-6235—in Citrix NetScaler Console has been dissected by security researcher chutton-r7, revealing a severe unauthenticated...

Siemens Security Alert: Critical Vulnerabilities in SENTRON 7KT PAC1260 Data Manager Siemens RTLS, CVE-2025-40746 CVE-2024-22040 - SINEC Security Monitor Siemens Security Advisory SENTRON 7KT PAC1260

Siemens RTLS, CVE-2025-40746 CVE-2024-22040 - SINEC Security Monitor Siemens Security Advisory SENTRON 7KT PAC1260

Siemens Security Alert: Critical Vulnerabilities in SENTRON 7KT PAC1260 Data Manager

Do Son April 9, 2025

In a recent security advisory, Siemens ProductCERT has revealed multiple critical vulnerabilities affecting the SENTRON 7KT PAC1260...

Inaba Denki Sangyo Wi-Fi AP Units Affected by Critical Vulnerabilities Vonets WiFi Bridge Inaba Denki Sangyo Wi-Fi vulnerability

Inaba Denki Sangyo Wi-Fi AP Units Affected by Critical Vulnerabilities

Do Son April 9, 2025

A recent security advisory from JPCERT/CC has highlighted multiple vulnerabilities in Inaba Denki Sangyo Co., Ltd.’s Wi-Fi...

CVE-2025-0159 (CVSS 9.1): Critical IBM Storage Flaw Allows Authentication Bypass CVE-2024-41779 - CVE-2025-0159 IBM HashiCorp Acquisition

CVE-2025-0159 (CVSS 9.1): Critical IBM Storage Flaw Allows Authentication Bypass

Do Son March 3, 2025

IBM has issued a security bulletin disclosing two vulnerabilities affecting the graphical user interface (GUI) of several...

CVE-2024-7593 (CVSS 9.8): Authentication Bypass in Ivanti vTM: Proof of Concept Available CVE-2024-7593 - Ivanti Virtual Traffic Manager

CVE-2024-7593 (CVSS 9.8): Authentication Bypass in Ivanti vTM: Proof of Concept Available

Do Son August 13, 2024

Ivanti has issued a security advisory addressing a critical vulnerability (CVE-2024-7593) in its Virtual Traffic Manager (vTM),...