access:pre-auth 类型相关 21003 条 CVE 漏洞,含 AI 中文分析、CVSS、参考链接与 POC。
“access:pre-auth”标签标识了无需身份验证即可触发的漏洞,涵盖18971个CVE。此类漏洞之所以关键,是因为攻击者无需凭证即可直接利用,极大降低了攻击门槛并扩大了潜在受害面。典型场景包括远程代码执行、未授权数据访问及拒绝服务攻击,常见于配置错误的API接口、默认凭证服务或存在逻辑缺陷的认证前处理模块,对系统安全性构成直接且严重的威胁。
| CVE ID | 标题 | CVSS | 风险等级 | Published |
|---|---|---|---|---|
| CVE-2020-37093 | Netis E1+ 安全漏洞 — Netis E1+CWE-201 | 7.5 | High | 2026-02-03 |
| CVE-2020-37091 | Maian Media Maian Support 跨站请求伪造漏洞 — Maian Support HelpdeskCWE-352 | 5.3 | Medium | 2026-02-03 |
| CVE-2020-37088 | Arox School ERP Pro 路径遍历漏洞 — School ERP ProCWE-22 | 7.5 | High | 2026-02-03 |
| CVE-2020-37086 | Rubikon Easy Transfer 路径遍历漏洞 — Easy TransferCWE-22 | 6.2 | Medium | 2026-02-03 |
| CVE-2020-37082 | webERP 安全漏洞 — webERPCWE-552 | 9.8 | Critical | 2026-02-03 |
| CVE-2020-37080 | webTareas 安全漏洞 — webTareasCWE-73 | 9.8 | Critical | 2026-02-03 |
| CVE-2020-37071 | CraftCMS 3 vCard Plugin 代码问题漏洞 — CraftCMSCWE-502 | 9.8 | Critical | 2026-02-03 |
| CVE-2026-25509 | CI4MS 安全漏洞 — ci4msCWE-204 | 5.3 | Medium | 2026-02-03 |
| CVE-2026-25150 | Qwik 安全漏洞 — qwikCWE-1321 | 9.3 | Critical | 2026-02-03 |
| CVE-2026-1801 | libsoup 环境问题漏洞 — Red Hat Enterprise Linux 10CWE-444 | 5.3 | Medium | 2026-02-03 |
| CVE-2025-64438 | eProsima Fast DDS 安全漏洞 — Fast-DDSCWE-835 | 7.5AI | HighAI | 2026-02-03 |
| CVE-2025-62602 | Fast-DDS 安全漏洞 — Fast-DDSCWE-122 | 7.5AI | HighAI | 2026-02-03 |
| CVE-2026-25241 | pearweb SQL注入漏洞 — pearwebCWE-89 | 9.8AI | CriticalAI | 2026-02-03 |
| CVE-2026-24773 | Open eClass 安全漏洞 — openeclassCWE-639 | 7.5 | High | 2026-02-03 |
| CVE-2026-24664 | Open eClass 安全漏洞 — openeclassCWE-204 | 5.3 | Medium | 2026-02-03 |
| CVE-2020-37114 | GUnet OpenEclass 信息泄露漏洞 — GUnet OpenEclassCWE-200 | 4.3 | Medium | 2026-02-03 |
| CVE-2026-1058 | WordPress plugin Form Maker 跨站脚本漏洞 — Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form BuilderCWE-79 | 7.1 | High | 2026-02-03 |
| CVE-2026-1447 | WordPress plugin Mail Mint 跨站请求伪造漏洞 — Mail Mint – Email Marketing, Newsletter, Email Automation & WooCommerce EmailsCWE-352 | 5.4 | Medium | 2026-02-03 |
| CVE-2026-1065 | WordPress plugin Form Maker by 10Web 代码问题漏洞 — Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form BuilderCWE-434 | 7.2 | High | 2026-02-03 |
| CVE-2026-0617 | WordPress plugin LatePoint 跨站脚本漏洞 — LatePoint – Calendar Booking Plugin for Appointments and EventsCWE-79 | 7.2 | High | 2026-02-03 |
| CVE-2026-0950 | WordPress plugin Spectra Gutenberg Blocks 信息泄露漏洞 — Spectra Gutenberg Blocks – Website Builder for the Block EditorCWE-200 | 5.3 | Medium | 2026-02-03 |
| CVE-2026-24936 | ASUSTOR ADM 安全漏洞 — ADMCWE-20 | 9.8AI | CriticalAI | 2026-02-03 |
| CVE-2026-24934 | ASUSTOR ADM 安全漏洞 — ADMCWE-295 | 3.7AI | LowAI | 2026-02-03 |
| CVE-2026-24933 | ASUSTOR ADM 安全漏洞 — ADMCWE-295 | 5.9AI | MediumAI | 2026-02-03 |
| CVE-2025-57529 | YouDataSum CPAS Audit Management System 安全漏洞 — n/a | 9.8AI | CriticalAI | 2026-02-03 |
| CVE-2025-61506 | MediaCrush 安全漏洞 — n/a | 9.1AI | CriticalAI | 2026-02-03 |
| CVE-2025-69970 | FUXA 安全漏洞 — n/a | 9.8AI | CriticalAI | 2026-02-03 |
| CVE-2025-69981 | FUXA 安全漏洞 — n/a | 9.8AI | CriticalAI | 2026-02-03 |
| CVE-2025-70758 | Core PHP Admin panel 安全漏洞 — n/a | 8.2AI | HighAI | 2026-02-03 |
| CVE-2025-70841 | Dokans 安全漏洞 — n/a | 10.0 | Critical | 2026-02-03 |
access:pre-auth 是常见的弱点类别,本平台收录该类弱点关联的 21003 条 CVE 漏洞。