Robuta

https://thehackernews.com/2026/03/critical-telnetd-flaw-cve-2026-32746.html
Critical Unpatched Telnetd Flaw (CVE-2026-32746) Enables Unauthenticated Root RCE
CVE-2026-32746 exposes telnetd via pre-auth flaw (CVSS 9.8), enabling root RCE through port 23, risking full system takeover.

https://thehackernews.com/2026/03/oracle-patches-critical-cve-2026-21992.html
Oracle Patches Critical CVE-2026-21992 Enabling Unauthenticated RCE in Identity Manager
Oracle fixes CVE-2026-21992 (CVSS 9.8) flaw enabling unauthenticated RCE via HTTP, risking full system compromise.

https://www.rapid7.com/blog/post/etr-cve-2025-10035-critical-unauthenticated-rce-in-goanywhere-mft/
CVE-2025-10035 - Critical unauthenticated RCE in GoAnywhere MFT
CVE-2025-10035 affects Fortra GoAnywhere MFT, an enterprise managed file transfer solution, and allows an attacker to achieve unauthenticated remote code...

https://docs.escape.tech/documentation/reference/vulnerabilities/phpmyadmin_unauth_access/
PhpMyAdmin - Unauthenticated Access - Escape Documentation

https://scs.owasp.org/SCWE/SCSVS-AUTH/SCWE-106/
SCWE-106: Unauthenticated Meta-Transactions - OWASP Smart Contract Security

https://docs.swiftylaunch.com/troubleshooting/firebase-functions-returns-unauthenticated-error
Firebase Functions returns UNAUTHENTICATED error | SwiftyLaunch Docs
Documentation of SwiftyLaunch - the best way to start your next Swift project!

https://community.letsencrypt.org/t/acme-v2-scheduled-deprecation-of-unauthenticated-resource-gets/74380
ACME v2 - Scheduled deprecation of unauthenticated resource GETs - API Announcements - Let's...
During a final round of review within the IETF before the creation of RFC 8555 the draft ACME protocol was updated to replace unauthenticated GET requests to...

https://cyberplace.social/@GossiTheDog/115656562476110660
Kevin Beaumont: "There is an unauthenticated remote code execution…" - Cyberplace
There is an unauthenticated remote code execution vulnerability in React Server Components. Even if your app does not implement any React Server Function...

https://www.aikido.dev/blog/xss-vulnerabilities-in-mailcow
Multiple XSS Vulnerabilities Found in Mailcow, Including Unauthenticated Account Takeover
Apr 17, 2026 - Aikido's AI pentest agent found three XSS vulnerabilities in Mailcow, one of which let unauthenticated attackers take over administrator accounts. All issues...

https://sethmlarson.dev/i-fear-for-the-unauthenticated-web
I fear for the unauthenticated web — Seth Larson
Python, open source, and the internet

https://thehackernews.com/2026/03/citrix-urges-patching-critical.html
Citrix Urges Patching Critical NetScaler Flaw Allowing Unauthenticated Data Leaks
Citrix fixes CVE-2026-3055 memory flaw in NetScaler, enabling data leaks in SAML setups, raising risk of imminent exploitation.

https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/cve-2023-1389/proxy_exploit_cve_2023_1389_unauth_command_injection_tplink_archer_ax21/
CVE-2023-1389 Potential Exploitation Attempt - Unauthenticated Command Injection In TP-Link Archer...
Detects potential exploitation attempt of CVE-2023-1389 an Unauthenticated Command Injection in TP-Link Archer AX21.

https://securityonline.info/weaver-ecology-rce-vulnerability-cve-2026-22679/
Critical Zero-Day: Unauthenticated RCE Exploited in Weaver E-cology 10.0
Weaver E-cology 10.0 faces a critical 9.3 CVSS RCE (CVE-2026-22679). Unauthenticated attackers can hijack servers via a debug endpoint. Patch immediately!

https://hashnode.com/posts/ghsa-h6rj-3m53-887h-ghsa-h6rj-3m53-887h-unauthenticated-denial-of-service-via-log-parsing-recursion-in-pocketmine-mp/69d4758e09aff48a7be18c08
Discussion on "GHSA-H6RJ-3M53-887H: GHSA-H6RJ-3M53-887H: Unauthenticated Denial of Service via Log...

https://www.rapid7.com/blog/post/etr-cve-2026-1731-critical-unauthenticated-remote-code-execution-rce-beyondtrust-remote-support-rs-privileged-remote-access-pra/
CVE-2026-1731: Critical Unauthenticated Remote Code Execution in BeyondTrust Remote Support (RS)...

https://www.rapid7.com/blog/post/etr-react2shell-cve-2025-55182-critical-unauthenticated-rce-affecting-react-server-components/
React2Shell, Critical unauthenticated RCE affecting React Server Components (CVE-2025-55182)
CVE-2025-55182 is a critical unauthenticated remote code execution vulnerability affecting React, a very popular library for building modern web applications.

https://app-attack-matrix.com/techniques/Gain%20Access/External%20Remote%20Services/subtechniques/Unauthenticated%20Administration%20Interfaces/
Unauthenticated Administration Interfaces - Application Security Tactics & Techniques Matrix

https://securityonline.info/coredns-dos-flaw-unauthenticated-attackers-can-crash-servers-via-dns-over-quic/
CoreDNS DoS Flaw: Unauthenticated Attackers Can Crash Servers via DNS-over-QUIC
A DoS flaw in CoreDNS (CVE-2025-47950) allows unauthenticated attackers to crash servers using DNS-over-QUIC. Update to 1.12.2 immediately or disable QUIC.

https://seclists.org/oss-sec/2026/q2/235
oss-sec: CVE-2026-40355, CVE-2026-40356: MIT krb5 1.18+ Unauthenticated Network read overrun and...

https://meterpreter.org/zero-day-surge-the-metinfo-cms-flaw-that-grants-unauthenticated-root-access-to-servers/
Zero-Day Surge: The MetInfo CMS Flaw That Grants Unauthenticated Root Access to Servers
A zero-day vulnerability residing within the Chinese content management system MetInfo has entered a phase of active exploitation

https://seclists.org/oss-sec/2020/q4/69
oss-sec: [SECURITY][CVE-2020-13937] Unauthenticated Configuration Disclosure

https://thehackernews.com/2025/06/critical-rce-flaws-in-cisco-ise-and-ise.html
Critical RCE Flaws in Cisco ISE and ISE-PIC Allow Unauthenticated Attackers to Gain Root Access
Cisco fixes CVE-2025-20281 and CVE-2025-20282 in ISE, ISE-PIC to prevent remote code execution.

https://www.ntp.org/support/securitynotice/ntpbug3118/
NTP BUG 3118: Mode 6 unauthenticated trap information disclosure and DDoS vector
An exploitable configuration modification vulnerability exists in the control mode functionality of ntpd. If, against long-standing BCP recommendations,...

https://support.knowledgeowl.com/help/create-a-new-smtp-service-unauthenticated
Create a new SMTP service: Unauthenticated | KnowledgeOwl Support
If your SMTP provider doesn't require authentication, follow these instructions to set up your SMTP service.

https://www.rapid7.com/blog/post/etr-cve-2025-37164-critical-unauthenticated-rce-affecting-hewlett-packard-enterprise-oneview/
CVE-2025-37164: Critical unauthenticated RCE affecting Hewlett Packard Enterprise OneView
On December 17, 2025, Hewlett Packard Enterprise (HPE) published an advisory for CVE-2025-37164, a CVSS 10.0 vulnerability in HPE OneView.

https://cert.ug/metinfo-cms-unauthenticated-php-code-injection-under-active-exploitation-cve-2026-29014
MetInfo CMS Unauthenticated PHP Code Injection Under Active Exploitation (CVE-2026-29014) | Uganda...

https://buddypress.org/support/topic/unauthenticated-arbitrary-shortcode-execution-security-vulnerability/
Topic: Unauthenticated Arbitrary Shortcode Execution Security Vulnerability · BuddyPress.org

https://www.aikido.dev/blog/n8n-rce-vulnerability-cve-2026-21858
n8n Critical Vulnerability (CVE-2026-21858) | Unauthenticated RCE Explained
Jan 8, 2026 - A critical vulnerability in n8n (CVE-2026-21858) allows unauthenticated remote code execution on self-hosted instances. Learn who is affected and how to...

https://www.augustl.com/blog/2007/asserting_unauthenticated_actions/
Asserting unauthenticated actions (August Lilleaas' blog)

https://thehackernews.com/2026/03/9-critical-ip-kvm-flaws-enable.html
9 Critical IP KVM Flaws Enable Unauthenticated Root Access Across Four Vendors
Researchers uncovered 9 vulnerabilities across 4 IP KVM devices enabling unauthenticated root access and code execution.