access:pre-auth 类型相关 20995 条 CVE 漏洞,含 AI 中文分析、CVSS、参考链接与 POC。
“access:pre-auth”标签标识了无需身份验证即可触发的漏洞,涵盖18971个CVE。此类漏洞之所以关键,是因为攻击者无需凭证即可直接利用,极大降低了攻击门槛并扩大了潜在受害面。典型场景包括远程代码执行、未授权数据访问及拒绝服务攻击,常见于配置错误的API接口、默认凭证服务或存在逻辑缺陷的认证前处理模块,对系统安全性构成直接且严重的威胁。
| CVE ID | 标题 | CVSS | 风险等级 | Published |
|---|---|---|---|---|
| CVE-2026-26975 | Music Assistant 代码问题漏洞 — serverCWE-73 | 8.8 | High | 2026-02-20 |
| CVE-2025-70831 | Smanga 安全漏洞 — n/a | 9.8AI | CriticalAI | 2026-02-20 |
| CVE-2025-70833 | Smanga 安全漏洞 — n/a | 9.8AI | CriticalAI | 2026-02-20 |
| CVE-2026-26327 | OpenClaw 数据伪造问题漏洞 — openclawCWE-345 | 9.3 | - | 2026-02-19 |
| CVE-2026-26319 | OpenClaw 访问控制错误漏洞 — openclawCWE-306 | 7.5 | High | 2026-02-19 |
| CVE-2026-26057 | Skill Scanner 安全漏洞 — skill-scannerCWE-668 | 6.5 | Medium | 2026-02-19 |
| CVE-2026-26339 | Hyland Alfresco Transformation Service 安全漏洞 — Alfresco Transformation Service (Enterprise)CWE-918 | 9.8 | Critical | 2026-02-19 |
| CVE-2026-26338 | Hyland Alfresco Transformation Service 安全漏洞 — Alfresco Transformation Service (Enterprise)CWE-918 | 9.8 | Critical | 2026-02-19 |
| CVE-2026-26337 | Hyland Alfresco Transformation Service 安全漏洞 — Alfresco Transformation Service (Enterprise)CWE-36 | 8.2 | High | 2026-02-19 |
| CVE-2026-1581 | WordPress plugin wpForo Forum SQL注入漏洞 — wpForo ForumCWE-89 | 7.5 | High | 2026-02-19 |
| CVE-2026-2232 | WordPress plugin Product Table and List Builder for WooCommerce Lite SQL注入漏洞 — Product Table and List Builder for WooCommerce LiteCWE-89 | 7.5 | High | 2026-02-19 |
| CVE-2026-26336 | Hyland Alfresco 安全漏洞 — Alfresco EnterpriseCWE-863 | 7.5 | High | 2026-02-19 |
| CVE-2026-25766 | Echo 路径遍历漏洞 — echoCWE-22 | 5.3 | Medium | 2026-02-19 |
| CVE-2026-25738 | Indico 代码问题漏洞 — indicoCWE-367 | 7.5AI | HighAI | 2026-02-19 |
| CVE-2026-25527 | changedetection.io 路径遍历漏洞 — changedetection.ioCWE-22 | 5.3 | Medium | 2026-02-19 |
| CVE-2019-25430 | Comodo Dome Firewall 跨站脚本漏洞 — Comodo Dome FirewallCWE-79 | 6.1 | Medium | 2026-02-19 |
| CVE-2019-25414 | Comodo Dome Firewall 跨站脚本漏洞 — Comodo Dome FirewallCWE-79 | 6.1 | Medium | 2026-02-19 |
| CVE-2019-25413 | Comodo Dome Firewall 跨站脚本漏洞 — Comodo Dome FirewallCWE-79 | 6.1 | Medium | 2026-02-19 |
| CVE-2019-25402 | Comodo Dome Firewall 跨站脚本漏洞 — Comodo Dome FirewallCWE-79 | 6.1 | Medium | 2026-02-19 |
| CVE-2025-15563 | NesterSoft WorkTime 安全漏洞 — WorkTime (on-prem/cloud)CWE-862 | 5.3AI | MediumAI | 2026-02-19 |
| CVE-2025-15559 | NesterSoft WorkTime 安全漏洞 — WorkTime (on-prem/cloud)CWE-78 | 9.8AI | CriticalAI | 2026-02-19 |
| CVE-2026-1219 | WordPress plugin MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar 安全漏洞 — MP3 Audio Player – Music Player, Podcast Player & Radio by SonaarCWE-639 | 5.3 | Medium | 2026-02-19 |
| CVE-2026-1461 | WordPress plugin Simple Membership 安全漏洞 — Simple MembershipCWE-230 | 6.5 | Medium | 2026-02-19 |
| CVE-2026-1994 | WordPress plugin s2Member 安全漏洞 — s2Member – Excellent for All Kinds of Memberships, Content Restriction Paywalls & Member Access SubscriptionsCWE-269 | 9.8 | Critical | 2026-02-19 |
| CVE-2026-2731 | DynamicWeb 安全漏洞 — DynamicWeb 9CWE-22 | 9.1AI | CriticalAI | 2026-02-19 |
| CVE-2026-0722 | WordPress plugin Shield Security SQL注入漏洞 — Shield: Blocks Bots, Protects Users, and Prevents Security BreachesCWE-89 | 6.5 | Medium | 2026-02-19 |
| CVE-2025-13851 | WordPress plugin Buyent Classified 安全漏洞 — BuyentCWE-269 | 9.8 | Critical | 2026-02-19 |
| CVE-2026-1455 | WordPress plugin Whatsiplus Scheduled Notification for Woocommerce 跨站请求伪造漏洞 — Whatsiplus Scheduled Notification for WoocommerceCWE-352 | 4.3 | Medium | 2026-02-19 |
| CVE-2026-0926 | WordPress plugin Prodigy Commerce 安全漏洞 — Prodigy CommerceCWE-98 | 9.8 | Critical | 2026-02-19 |
| CVE-2026-0561 | WordPress plugin Shield Security 跨站脚本漏洞 — Shield: Blocks Bots, Protects Users, and Prevents Security BreachesCWE-79 | 6.1 | Medium | 2026-02-19 |
access:pre-auth 是常见的弱点类别,本平台收录该类弱点关联的 20995 条 CVE 漏洞。