access:pre-auth 类型相关 21018 条 CVE 漏洞,含 AI 中文分析、CVSS、参考链接与 POC。
“access:pre-auth”标签标识了无需身份验证即可触发的漏洞,涵盖18971个CVE。此类漏洞之所以关键,是因为攻击者无需凭证即可直接利用,极大降低了攻击门槛并扩大了潜在受害面。典型场景包括远程代码执行、未授权数据访问及拒绝服务攻击,常见于配置错误的API接口、默认凭证服务或存在逻辑缺陷的认证前处理模块,对系统安全性构成直接且严重的威胁。
| CVE ID | 标题 | CVSS | 风险等级 | Published |
|---|---|---|---|---|
| CVE-2026-21972 | Oracle E-Business Suite 安全漏洞 — Oracle Configurator | 5.3 | Medium | 2026-01-20 |
| CVE-2026-21969 | Oracle Supply Chain Products Suite 安全漏洞 — Oracle Agile Product Lifecycle Management for Process | 9.8 | Critical | 2026-01-20 |
| CVE-2026-21966 | Oracle Hospitality Applications 安全漏洞 — Oracle Hospitality OPERA 5 Property Services | 6.1 | Medium | 2026-01-20 |
| CVE-2026-21967 | Oracle Hospitality Applications 安全漏洞 — Oracle Hospitality OPERA 5 | 8.6 | High | 2026-01-20 |
| CVE-2026-21962 | Oracle Fusion Middleware 安全漏洞 — Oracle HTTP Server, Oracle Weblogic Server Proxy Plug-in | 10.0 | Critical | 2026-01-20 |
| CVE-2026-21961 | Oracle PeopleSoft 安全漏洞 — PeopleSoft Enterprise HCM Human Resources | 6.1 | Medium | 2026-01-20 |
| CVE-2026-21951 | Oracle PeopleSoft 安全漏洞 — PeopleSoft Enterprise PeopleTools | 6.1 | Medium | 2026-01-20 |
| CVE-2026-21947 | Oracle Java SE 安全漏洞 — Oracle Java SE | 3.1 | Low | 2026-01-20 |
| CVE-2026-21945 | Oracle Java SE 安全漏洞 — Oracle Java SE | 7.5 | High | 2026-01-20 |
| CVE-2026-21946 | Oracle JD Edwards 安全漏洞 — JD Edwards EnterpriseOne Tools | 6.1 | Medium | 2026-01-20 |
| CVE-2026-21943 | Oracle E-Business Suite 安全漏洞 — Oracle Scripting | 6.1 | Medium | 2026-01-20 |
| CVE-2026-21938 | Oracle PeopleSoft 安全漏洞 — PeopleSoft Enterprise PeopleTools | 6.1 | Medium | 2026-01-20 |
| CVE-2026-21939 | Oracle Database Server 安全漏洞 — Oracle Database Server | 7.0 | High | 2026-01-20 |
| CVE-2026-21940 | Oracle Supply Chain 安全漏洞 — Oracle Agile PLM | 7.5 | High | 2026-01-20 |
| CVE-2026-21932 | Oracle Java SE 安全漏洞 — Oracle Java SE | 7.4 | High | 2026-01-20 |
| CVE-2026-21933 | Oracle Java SE 安全漏洞 — Oracle Java SE | 6.1 | Medium | 2026-01-20 |
| CVE-2026-21928 | Oracle Solaris 安全漏洞 — Oracle Solaris | 5.3 | Medium | 2026-01-20 |
| CVE-2026-21925 | Oracle Java SE 安全漏洞 — Oracle Java SE | 4.8 | Medium | 2026-01-20 |
| CVE-2026-21926 | Oracle Siebel CRM 安全漏洞 — Siebel CRM Deployment | 7.5 | High | 2026-01-20 |
| CVE-2026-21923 | Oracle Health Sciences Applications 安全漏洞 — Oracle Life Sciences Central Designer | 6.5 | Medium | 2026-01-20 |
| CVE-2025-36066 | IBM Sterling Connect:Express Adapter for Sterling 跨站脚本漏洞 — Sterling Connect:Express Adapter for Sterling B2B Integrator 5.2.0CWE-79 | 6.1 | Medium | 2026-01-20 |
| CVE-2025-15380 | WordPress plugin NotificationX 跨站脚本漏洞 — NotificationX – FOMO, Live Sales Notification, WooCommerce Sales Popup, GDPR, Social Proof, Announcement Banner & Floating Notification BarCWE-79 | 7.2 | High | 2026-01-20 |
| CVE-2026-0726 | WordPress plugin Nexter Extension – Site Enhancements Toolkit 代码问题漏洞 — Nexter Extension – Security, Performance, Code Snippets & Site ToolkitCWE-502 | 8.1 | High | 2026-01-20 |
| CVE-2025-14533 | WordPress plugin Advanced Custom Fields: Extended 安全漏洞 — Advanced Custom Fields: ExtendedCWE-269 | 9.8 | Critical | 2026-01-20 |
| CVE-2026-1221 | Browan Communications PrismX MX100 信任管理问题漏洞 — PrismX MX100 AP controllerCWE-798 | 9.8 | Critical | 2026-01-20 |
| CVE-2025-14348 | WordPress plugin weMail 授权问题漏洞 — weMail: Email Marketing, Email Automation, Newsletters, Subscribers & Email Optins for WooCommerceCWE-285 | 5.3 | Medium | 2026-01-20 |
| CVE-2025-14798 | WordPress plugin LearnPress 安全漏洞 — LearnPress – WordPress LMS Plugin for Create and Sell Online CoursesCWE-862 | 5.3 | Medium | 2026-01-20 |
| CVE-2025-14351 | WordPress plugin Custom Fonts 安全漏洞 — Custom Fonts – Host Your Fonts LocallyCWE-862 | 5.3 | Medium | 2026-01-20 |
| CVE-2026-1051 | WordPress plugin Newsletter – Send awesome emails from WordPress 跨站请求伪造漏洞 — Newsletter – Send awesome emails from WordPressCWE-352 | 4.3 | Medium | 2026-01-20 |
| CVE-2025-14978 | WordPress plugin PeachPay 安全漏洞 — PeachPay — Payments & Express Checkout for WooCommerce (supports Stripe, PayPal, Square, Authorize.net, NMI)CWE-862 | 5.3 | Medium | 2026-01-20 |
access:pre-auth 是常见的弱点类别,本平台收录该类弱点关联的 21018 条 CVE 漏洞。