Weaknesses of type CWE-294
153 resultsCVE-2025-64131HIGHJenkins SAML Plugin 4.583.vc68232f7018a_ and earlier does not implement a replay cache, allowing attackers able to obtain information about EPSS 0.4%CVE-2026-1743LOWDJI Mavic Mini/Air/Spark/Mini SE Enhanced Wi-Fi Pairing authentication replayEPSS 0.4%CVE-2025-8616MEDIUMMalicious browser plugins may cause Authentication replay attack vulnerability to bypass authentication in OpenText Advanced AuthenticationEPSS 0.4%CVE-2026-34209HIGHmppx: Tempo has a session close voucher bypass vulnerability due to settled amount equalityEPSS 0.4%CVE-2022-25836HIGHBluetooth® Low Energy Pairing in Bluetooth Core Specification v4.0 through v5.3 may permit an unauthenticated MITM to acquire credentials wiEPSS 0.4%CVE-2022-25837HIGHBluetooth® Pairing in Bluetooth Core Specification v1.0B through v5.3 may permit an unauthenticated MITM to acquire credentials with two paiEPSS 0.4%CVE-2026-32987CRITICALOpenClaw < 2026.3.13 - Bootstrap Setup Code Replay via Device PairingEPSS 0.4%CVE-2025-67135CRITICALWeak Security in the PF-50 1.2 keyfob of PGST PG107 Alarm System 1.25.05.hf allows attackers to compromise access control via a code replay EPSS 0.3%CVE-2025-35061HIGHNewforma Info Exchange (NIX) forced NTLMv2 authentication via /NPCSRemoteWeb/LegacyIntegrationServices.asmxEPSS 0.3%CVE-2025-35058HIGHNewforma Info Exchange (NIX) forced NTLMv2 authentication via /UserWeb/Common/MarkupServices.ashxEPSS 0.3%CVE-2024-38284HIGHAuthentication Bypass by Capture-replay in Motorola Solutions Vigilant Fixed LPR Coms Box (BCAV1F2-C600)EPSS 0.3%CVE-2026-27855MEDIUMDovecot OTP authentication is vulnerable to replay attack under specific conditions. If auth cache is enabled, and username is altered in paEPSS 0.3%CVE-2020-35473MEDIUMAn information leakage vulnerability in the Bluetooth Low Energy advertisement scan response in Bluetooth Core Specifications 4.0 through 5.EPSS 0.3%CVE-2025-69822HIGHAn issue in Atomberg Atomberg Erica Smart Fan Firmware Version: V1.0.36 allows an attacker to obtain sensitive information and escalate privEPSS 0.3%CVE-2026-32053MEDIUMOpenClaw < 2026.2.23 - Twilio Webhook Replay Bypass via Randomized Event ID NormalizationEPSS 0.3%CVE-2025-1887HIGHSMB forced authentication vulnerability in Sage 200 SpainEPSS 0.3%CVE-2026-41351MEDIUMOpenClaw < 2026.3.31 - Webhook Replay Detection Bypass via Base64 Signature Re-encodingEPSS 0.3%CVE-2024-46041HIGHIoT Haat Smart Plug IH-IN-16A-S v5.16.1 is vulnerable to Authentication Bypass by Capture-replay.EPSS 0.3%CVE-2022-48507—Vulnerability of identity verification being bypassed in the storage module. Successful exploitation of this vulnerability may affect servicEPSS 0.3%CVE-2024-8260MEDIUMOPA SMB Force-AuthenticationEPSS 0.3%