Authentication Bypass Archives • Page 9 of 10 • Daily CyberSecurity

Critical 9.8 CVSS Authentication Bypass in HPE StoreOnce Software HPE StoreOnce, Authentication Bypass

Critical 9.8 CVSS Authentication Bypass in HPE StoreOnce Software

Do Son June 3, 2025

Hewlett Packard Enterprise (HPE) has issued a security bulletin detailing multiple severe vulnerabilities in its StoreOnce Software,...

Critical 10.0 CVSS Flaws Found in Netwrix Directory Manager v11 – Patch Immediately! Netwrix, Directory Manager Vulnerabilities

Critical 10.0 CVSS Flaws Found in Netwrix Directory Manager v11 – Patch Immediately!

Do Son May 31, 2025

Netwrix, a provider of identity governance and access management solutions, has issued a critical security advisory warning...

Critical (CVSS 9.8): Weidmueller Switch Flaws Risk Full System Compromise Weidmueller vulnerability Industrial switch hack

Critical (CVSS 9.8): Weidmueller Switch Flaws Risk Full System Compromise

Do Son May 28, 2025

Weidmueller Interface GmbH & Co. KG, a global manufacturer of industrial connectivity and automation solutions, has disclosed...

Critical NETGEAR Router Flaw Enables Full Admin Access via Hidden Backdoor (PoC Included) NETGEAR, Authentication Bypass

Critical NETGEAR Router Flaw Enables Full Admin Access via Hidden Backdoor (PoC Included)

Do Son May 23, 2025

A newly disclosed and highly critical vulnerability, tracked as CVE-2025-4978 with a CVSSv4 score of 9.3, has...

Unpatched 0-Days (CVSS 10): Versa Concerto Flaws Threaten Enterprise Networks Versa Concerto exploit, SD-WAN security

Unpatched 0-Days (CVSS 10): Versa Concerto Flaws Threaten Enterprise Networks

Do Son May 22, 2025

Versa Concerto, a popular SD-WAN and network orchestration platform used by large enterprises and governments, is under...

CISA Alerts: Vertiv Products Vulnerable to RCE, Auth Bypass (CVSS 9.8) Vertiv RCE, authentication bypass

CISA Alerts: Vertiv Products Vulnerable to RCE, Auth Bypass (CVSS 9.8)

Do Son May 21, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent advisory addressing two high-severity vulnerabilities...

Pgpool-II Hit by Critical CVE-2025-46801: CVSS 9.8 Risk Lets Attackers Bypass Authentication Pgpool-II, authentication bypass

Pgpool-II Hit by Critical CVE-2025-46801: CVSS 9.8 Risk Lets Attackers Bypass Authentication

Do Son May 16, 2025

The PgPool Global Development Group has issued a high-severity security advisory for Pgpool-II, a widely used middleware...

Jenkins Plugin Flaws Expose Critical Risks: CVE-2025-47889 Hits 9.8 CVSS with Auth Bypass Jenkins Security Update CVE-2026-27099 Jenkins security - CVE-2023-35141 Jenkins plugins, CVE-2025-47884

Jenkins Security Update CVE-2026-27099 Jenkins security - CVE-2023-35141 Jenkins plugins, CVE-2025-47884

Jenkins Plugin Flaws Expose Critical Risks: CVE-2025-47889 Hits 9.8 CVSS with Auth Bypass

Do Son May 16, 2025

Jenkins, a popular open-source automation server, is a crucial tool for many development and operations teams. A...

Fortinet Patches Critical TACACS+ Authentication Bypass (CVE-2025-22252) in FortiOS and FortiProxy Fortinet Authentication Bypass CVE-2025-22252

Fortinet Authentication Bypass CVE-2025-22252

Fortinet Patches Critical TACACS+ Authentication Bypass (CVE-2025-22252) in FortiOS and FortiProxy

Do Son May 15, 2025

Fortinet has released patches for a critical vulnerability (CVE-2025-22252, CVSS 9.0) affecting multiple products, including FortiOS, FortiProxy,...

Critical Authentication Bypass in OpenPubkey and OPKSSH Exposes Systems to Remote Access Risks OpenPubkey, authentication bypass

Critical Authentication Bypass in OpenPubkey and OPKSSH Exposes Systems to Remote Access Risks

Do Son May 15, 2025

A pair of critical-severity vulnerabilities in the OpenPubkey authentication protocol and its companion tool, OPKSSH, could allow...

Ivanti Neurons for ITSM Hit by CVSS 9.8 Authentication Bypass Flaw Enabling Full Admin Access Ivanti EPM Vulnerability CVE-2026-1603 Ivanti EPM Critical XSS, Unauthenticated File Write CVE-2024-29847 & CVE-2024-8190 Ivanti ITSM, Authentication Bypass

Ivanti EPM Vulnerability CVE-2026-1603 Ivanti EPM Critical XSS, Unauthenticated File Write CVE-2024-29847 & CVE-2024-8190 Ivanti ITSM, Authentication Bypass

Ivanti Neurons for ITSM Hit by CVSS 9.8 Authentication Bypass Flaw Enabling Full Admin Access

Do Son May 14, 2025

Ivanti has released a critical security patch for its on-premises Neurons for ITSM platform, addressing a severe...

Checkmarx Breach Supply Chain Attack Ivanti EPMM RCE CVE-2026-1281 Modular DS Vulnerability CVE-2026-23550 D-Link RCE Vulnerability CVE-2026-0625 Christmas 2025 GreyNoise Campaign, Japan-Based Initial Access Broker React2Shell Zero-Day, APT Active Exploitation WordPress vulnerability, authentication bypass FreePBX, zero-day Trend Micro Apex One, Remote Code Execution BitoPro Hack, Crypto Theft UNC5337 - CVE-2022-47945 Safe{Wallet} hack Fortinet vulnerability, CVE-2024-21762, FortiGate attack Balloonfly, Play ransomware Ivanti EPMM CVE-2025-4427 and CVE-2025-4428

Ivanti EPMM Flaws Exploited in the Wild: Chained RCE and Auth Bypass Threaten Mobile Device Management

Do Son May 13, 2025

Ivanti has released a security updates addressing two vulnerabilities in Endpoint Manager Mobile (EPMM)—CVE-2025-4427 and CVE-2025-4428—that, when...

BeyondTrust PRA Vulnerability (CVE-2025-0217) Enables Session Hijacking via Authentication Bypass BeyondTrust, authentication bypass

BeyondTrust PRA Vulnerability (CVE-2025-0217) Enables Session Hijacking via Authentication Bypass

Do Son May 5, 2025

A significant security vulnerability has been identified in BeyondTrust’s Privileged Remote Access (PRA) solution, posing a risk...

SonicWall Exploit Chain Exposes Admin Hijack Risk via CVE-2023-44221 and CVE-2024-38475 SonicWall, exploit chain

SonicWall Exploit Chain Exposes Admin Hijack Risk via CVE-2023-44221 and CVE-2024-38475

Do Son May 5, 2025

A newly exploit chain targeting SonicWall’s Secure Mobile Access (SMA) appliances has been released. Published by watchTowr...

CISA Warns Critical Flaws in KUNBUS Revolution Pi Exposing Industrial Systems to Remote Attacks KUNBUS Revolution Pi, CISA vulnerabilities

CISA Warns Critical Flaws in KUNBUS Revolution Pi Exposing Industrial Systems to Remote Attacks

Do Son May 3, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a risk evaluation advisory detailing several high-severity...

CVE-2025-29906: Finit’s Bundled Getty Flaw Allows Authentication Bypass on Linux Systems Finit vulnerability, authentication bypass

CVE-2025-29906: Finit’s Bundled Getty Flaw Allows Authentication Bypass on Linux Systems

Do Son May 1, 2025

A serious security vulnerability has been discovered in Finit, a lightweight and fast init system for Linux,...

0-Click NTLM Authentication Bypass Hits Microsoft Telnet Server, PoC Releases, No Patch Telnet Bypass Authentication Vulnerability

0-Click NTLM Authentication Bypass Hits Microsoft Telnet Server, PoC Releases, No Patch

Do Son April 29, 2025

A severe vulnerability affecting Microsoft Telnet Server has been uncovered, allowing remote attackers to completely bypass authentication...

CVE-2024-6235: NetScaler Console Flaw Enables Admin Access, PoC Publishes

Do Son April 24, 2025

A critical vulnerability—CVE-2024-6235—in Citrix NetScaler Console has been dissected by security researcher chutton-r7, revealing a severe unauthenticated...

Siemens Security Alert: Critical Vulnerabilities in SENTRON 7KT PAC1260 Data Manager Siemens RTLS, CVE-2025-40746 CVE-2024-22040 - SINEC Security Monitor Siemens Security Advisory SENTRON 7KT PAC1260