Total
528 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-1917 | 2 Budda, Drupal | 2 Login Disable, Login Disable | 2026-04-03 | 4.3 Medium |
| Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Login Disable allows Functionality Bypass.This issue affects Login Disable: from 0.0.0 before 2.1.3. | ||||
| CVE-2026-3214 | 2 Arnabdotorg, Drupal | 2 Captcha, Captcha | 2026-04-03 | 6.5 Medium |
| Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal CAPTCHA allows Functionality Bypass.This issue affects CAPTCHA: from 0.0.0 before 1.17.0, from 2.0.0 before 2.0.10. | ||||
| CVE-2025-43436 | 1 Apple | 8 Ios, Ipad Os, Ipados and 5 more | 2026-04-02 | 7.5 High |
| A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. An app may be able to enumerate a user's installed apps. | ||||
| CVE-2025-24206 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2026-04-02 | 7.7 High |
| An authentication issue was addressed with improved state management. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4. An attacker on the local network may be able to bypass authentication policy. | ||||
| CVE-2025-24095 | 1 Apple | 3 Ipados, Iphone Os, Visionos | 2026-04-02 | 7.6 High |
| This issue was addressed with additional entitlement checks. This issue is fixed in iOS 18.4 and iPadOS 18.4, visionOS 2.4. An app may be able to bypass Privacy preferences. | ||||
| CVE-2024-27834 | 5 Apple, Fedoraproject, Redhat and 2 more | 12 Ipad Os, Ipados, Iphone Os and 9 more | 2026-04-02 | 8.1 High |
| The issue was addressed with improved checks. This issue is fixed in Safari 17.5, iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, watchOS 10.5. An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. | ||||
| CVE-2025-46286 | 1 Apple | 4 Ios, Ipad Os, Ipados and 1 more | 2026-04-02 | 4.3 Medium |
| A logic issue was addressed with improved validation. This issue is fixed in iOS 26.2 and iPadOS 26.2. Restoring from a backup may prevent passcode from being required immediately after Face ID enrollment. | ||||
| CVE-2025-43422 | 1 Apple | 3 Ios, Ipados, Iphone Os | 2026-04-02 | 4.6 Medium |
| The issue was addressed by adding additional logic. This issue is fixed in iOS 26.1 and iPadOS 26.1. An attacker with physical access to a device may be able to disable Stolen Device Protection. | ||||
| CVE-2026-25471 | 2 Themepaste, Wordpress | 2 Admin Safety Guard, Wordpress | 2026-04-02 | N/A |
| Authentication Bypass Using an Alternate Path or Channel vulnerability in Themepaste Admin Safety Guard admin-safety-guard allows Password Recovery Exploitation.This issue affects Admin Safety Guard: from n/a through <= 1.2.6. | ||||
| CVE-2026-3531 | 2 Bojanz, Drupal | 2 Openid Connect \/ Oauth Client, Openid | 2026-04-02 | 6.5 Medium |
| Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal OpenID Connect / OAuth client allows Authentication Bypass.This issue affects OpenID Connect / OAuth client: from 0.0.0 before 1.5.0. | ||||
| CVE-2026-32678 | 1 Buffalo | 93 Fs-m1266, Fs-m1266 Firmware, Fs-s1266 and 90 more | 2026-04-02 | N/A |
| Authentication bypass issue exists in BUFFALO Wi-Fi router products, which may allow an attacker to alter critical configuration settings without authentication. | ||||
| CVE-2024-56044 | 1 Vibethemes | 1 Wordpress Learning Management System | 2026-04-01 | N/A |
| Authentication Bypass Using an Alternate Path or Channel vulnerability in VibeThemes WPLMS wplms_plugin allows Authentication Bypass.This issue affects WPLMS: from n/a through <= 1.9.9. | ||||
| CVE-2024-50489 | 2 Realty Workstation, Realtyworkstation | 2 Realty Workstation, Realty Workstation | 2026-04-01 | 9.8 Critical |
| Authentication Bypass Using an Alternate Path or Channel vulnerability in realtyworkstation Realty Workstation realty-workstation allows Authentication Bypass.This issue affects Realty Workstation: from n/a through <= 1.0.45. | ||||
| CVE-2024-50488 | 2 Priyabrata Sarkar, Priyabratasarkar | 2 Token Login, Token Login | 2026-04-01 | 8.8 High |
| Authentication Bypass Using an Alternate Path or Channel vulnerability in yespbs Token Login token-login allows Authentication Bypass.This issue affects Token Login: from n/a through <= 1.0.3. | ||||
| CVE-2024-50487 | 1 Maantheme | 1 Maanstore Api | 2026-04-01 | 9.8 Critical |
| Authentication Bypass Using an Alternate Path or Channel vulnerability in Acnoo MaanStore API maanstore-api allows Authentication Bypass.This issue affects MaanStore API: from n/a through <= 1.0.1. | ||||
| CVE-2024-50486 | 1 Acnoo | 2 Acnoo Flutter Api, Flutter Api | 2026-04-01 | 9.8 Critical |
| Authentication Bypass Using an Alternate Path or Channel vulnerability in Acnoo Acnoo Flutter API acnoo-flutter-api allows Authentication Bypass.This issue affects Acnoo Flutter API: from n/a through <= 1.0.5. | ||||
| CVE-2024-50477 | 2 Stacks, Stacksmarket | 2 Stacks Mobile App Builder, Stacks Mobile App Builder | 2026-04-01 | 9.8 Critical |
| Authentication Bypass Using an Alternate Path or Channel vulnerability in Stacks Stacks Mobile App Builder stacks-mobile-app-builder allows Authentication Bypass.This issue affects Stacks Mobile App Builder: from n/a through <= 5.2.3. | ||||
| CVE-2024-49675 | 1 Vitaliibryl | 1 Switch User | 2026-04-01 | 8.8 High |
| Authentication Bypass Using an Alternate Path or Channel vulnerability in Vitalii iBryl Switch User ibryl-switch-user allows Authentication Bypass.This issue affects iBryl Switch User: from n/a through <= 1.0.1. | ||||
| CVE-2024-49604 | 2 Najeeb Ahmad, Najeebmedia | 2 Simple User Registration, Simple User Registration | 2026-04-01 | 9.8 Critical |
| Authentication Bypass Using an Alternate Path or Channel vulnerability in N-Media Simple User Registration wp-registration allows Authentication Bypass.This issue affects Simple User Registration: from n/a through <= 6.7. | ||||
| CVE-2024-49328 | 2 Vivek Tamrakar, Vivektamrakar | 2 Wp Rest Api Fns, Wp Rest Api Fns | 2026-04-01 | 9.8 Critical |
| Authentication Bypass Using an Alternate Path or Channel vulnerability in vivek2tamrakar WP REST API FNS rest-api-fns allows Authentication Bypass.This issue affects WP REST API FNS: from n/a through <= 1.0.0. | ||||