Falhas do tipo CWE-1188
171 resultadosCVE-2026-32617HIGHAnythingLLM Permissable CORS policyEPSS 0.4%CVE-2025-54127CRITICALHAXcms's Insecure Default Configuration Leads to Unauthenticated AccessEPSS 0.4%CVE-2024-56433LOWshadow-utils (aka shadow) 4.4 through 4.17.0 establishes a default /etc/subuid behavior (e.g., uid 100000 through 165535 for the first user EPSS 0.4%CVE-2025-56332CRITICALAuthentication Bypass in fosrl/pangolin v1.6.2 and before allows attackers to access Pangolin resource via Insecure Default ConfigurationEPSS 0.4%CVE-2026-35672HIGHphpMyFAQ - Authentication Bypass via Empty API TokenEPSS 0.4%CVE-2023-40708MEDIUMImproper Access Control in OPTO 22 SNAP PAC S1EPSS 0.4%CVE-2025-57295HIGHH3C devices running firmware version NX15V100R015 are vulnerable to unauthorized access due to insecure default credentials. The root user aEPSS 0.4%CVE-2025-46599MEDIUMCNCF K3s 1.32 before 1.32.4-rc1+k3s1 has a Kubernetes kubelet configuration change with the unintended consequence that, in some situations,EPSS 0.4%CVE-2026-31818CRITICALBudibase: Server-Side Request Forgery via REST Connector with Empty Default BlacklistEPSS 0.4%CVE-2025-36222HIGHIBM Fusion insecure default configurationEPSS 0.4%CVE-2026-24148HIGHNVIDIA Jetson for JetPack contains a vulnerability in the system initialization logic, where an unprivileged attacker could cause the initiaEPSS 0.3%CVE-2026-32965HIGHInitialization of a resource with an insecure default vulnerability exists in SD-330AC and AMC Manager provided by silex technology, Inc. WhEPSS 0.3%CVE-2025-41672CRITICALWAGO: Vulnerability in WAGO Device SphereEPSS 0.3%CVE-2025-41713MEDIUMWAGO: Vulnerability in hardware switch circuitEPSS 0.3%CVE-2026-1675MEDIUMAdvanced Country Blocker <= 2.3.1 - Unauthenticated Authorization Bypass via Insecure Default Secret KeyEPSS 0.3%CVE-2024-45313MEDIUMInsecure default setting for Server Pro installed via Overleaf toolkitEPSS 0.3%CVE-2026-30805CRITICALInsecure Default Initialization in API Authentication leads to Authentication BypassEPSS 0.3%CVE-2018-25193HIGHMongoose Web Server 6.9 Denial of Service via Socket ConnectionEPSS 0.3%CVE-2018-25169HIGHAMPPS 2.7 Denial of Service via Malformed Socket ConnectionEPSS 0.3%CVE-2024-25972HIGHInitialization of a resource with an insecure default vulnerability in OET-213H-BTS1 sold in Japan by Atsumi Electric Co., Ltd. allows a netEPSS 0.3%