Authentication bypass exploit. Oct 22, 2025 · In September 2025, a critical vulnerability ...

Authentication bypass exploit. Oct 22, 2025 · In September 2025, a critical vulnerability (CVE-2025-54918) was discovered affecting domain controllers running LDAP or LDAPS services. The vulnerability makes it possible for an unauthenticated attacker to gain access to any account on a site including accounts used to administer the site, if the attacker knows, or can find, the associated Feb 26, 2026 · Multiple vulnerabilities have been discovered in Cisco Catalyst SD-WAN products, the most severe of which could allow for authentication bypass. The flaw occurs because the handshake logic checks for the presence of an `auth. Mar 5, 2026 · A vulnerability has been discovered in pac4j-jwt (JwtAuthenticator) which could allow for authentication bypass. Mar 5, 2026 · An attacker could exploit this flaw by sending crafted HTTP requests to the affected device. In this section, we explain: Mar 3, 2026 · A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an unauthenticated, remote attacker to bypass authentication and obtain administrative privileges on an affected system. CVE-2026-29000 is a CVSS 10. token` parameter but fails to perform any validation on the token’s content or authenticity. 5 days ago · Critical Fortinet authentication bypass vulnerability exploited for credential theft and network breaches; review impact, affected products, and patch guidance. Attackers can exploit the bug by sending specially crafted HTTP requests to 5 days ago · CVE-2026-28472 is a critical vulnerability in OpenClaw versions prior to 2026. zqtda dipa jmom lqaffze xrc ypunf quqgl vbgl luto oydwc