access:pre-auth 类型相关 21072 条 CVE 漏洞,含 AI 中文分析、CVSS、参考链接与 POC。
“access:pre-auth”标签标识了无需身份验证即可触发的漏洞,涵盖18971个CVE。此类漏洞之所以关键,是因为攻击者无需凭证即可直接利用,极大降低了攻击门槛并扩大了潜在受害面。典型场景包括远程代码执行、未授权数据访问及拒绝服务攻击,常见于配置错误的API接口、默认凭证服务或存在逻辑缺陷的认证前处理模块,对系统安全性构成直接且严重的威胁。
| CVE ID | 标题 | CVSS | 风险等级 | Published |
|---|---|---|---|---|
| CVE-2025-47372 | Qualcomm Chipsets 安全漏洞 — SnapdragonCWE-120 | 9.0 | Critical | 2025-12-18 |
| CVE-2025-63387 | dify 安全漏洞 — n/a | 7.5AI | HighAI | 2025-12-18 |
| CVE-2025-63388 | dify 安全漏洞 — n/a | 7.4AI | HighAI | 2025-12-18 |
| CVE-2025-63390 | AnythingLLM 安全漏洞 — n/a | 5.3AI | MediumAI | 2025-12-18 |
| CVE-2025-63950 | twittodon 安全漏洞 — n/a | 7.5AI | HighAI | 2025-12-18 |
| CVE-2025-63951 | RPi-Jukebox-RFID 安全漏洞 — n/a | 9.8AI | CriticalAI | 2025-12-18 |
| CVE-2025-65562 | free5GC 安全漏洞 — n/a | 7.5AI | HighAI | 2025-12-18 |
| CVE-2023-53930 | ProjectSend 安全漏洞 — projectSendCWE-639 | 7.5 | High | 2025-12-17 |
| CVE-2023-53922 | TinyWebGallery 代码问题漏洞 — TinyWebGalleryCWE-434 | 9.8 | Critical | 2025-12-17 |
| CVE-2023-53923 | UliCMS 安全漏洞 — UlicmsCWE-862 | 9.8 | Critical | 2025-12-17 |
| CVE-2023-53914 | UliCMS 安全漏洞 — UlicmsCWE-639 | 9.8 | Critical | 2025-12-17 |
| CVE-2025-68434 | Open Source Point of Sale 跨站请求伪造漏洞 — opensourceposCWE-352 | 8.8 | High | 2025-12-17 |
| CVE-2025-43428 | Apple多款产品 安全漏洞 — iOS and iPadOS | 5.3AI | MediumAI | 2025-12-17 |
| CVE-2025-34434 | AVideo 访问控制错误漏洞 — AVideoCWE-306 | 9.1AI | CriticalAI | 2025-12-17 |
| CVE-2025-34441 | AVideo 安全漏洞 — AVideoCWE-359 | 7.5AI | HighAI | 2025-12-17 |
| CVE-2025-62521 | ChurchCRM 代码注入漏洞 — CRMCWE-94 | 10.0 | Critical | 2025-12-17 |
| CVE-2025-20393 | Cisco Secure Email和Cisco Secure Email and Web Manager 安全漏洞 — Cisco Secure EmailCWE-20 | 10.0 | Critical | 2025-12-17 |
| CVE-2025-14399 | WordPress plugin Download Plugins and Themes in ZIP from Dashboard 跨站请求伪造漏洞 — Download Plugins and Themes in ZIP from DashboardCWE-352 | 4.3 | Medium | 2025-12-17 |
| CVE-2025-11924 | WordPress plugin Ninja Forms 安全漏洞 — Ninja Forms – The Contact Form Builder That Grows With YouCWE-639 | 7.5 | High | 2025-12-17 |
| CVE-2025-14061 | WordPress plugin WP Cookie Consent 安全漏洞 — Cookie Banner for GDPR / CCPA – WPLP Cookie ConsentCWE-862 | 5.3 | Medium | 2025-12-17 |
| CVE-2025-14154 | WordPress plugin Better Messages 跨站脚本漏洞 — Better Messages – Live Chat, Chat Rooms, Real-Time Messaging & Private MessagesCWE-79 | 6.1 | Medium | 2025-12-17 |
| CVE-2025-13861 | WordPress plugin HTML Forms 跨站脚本漏洞 — HTML Forms – Simple WordPress Forms PluginCWE-79 | 6.1 | Medium | 2025-12-17 |
| CVE-2025-13880 | WordPress plugin WP Social Ninja 安全漏洞 — WP Social Ninja – Embed Social Feeds, User Reviews & Chat WidgetsCWE-862 | 6.5 | Medium | 2025-12-17 |
| CVE-2025-14304 | ASRock Motherboards 安全漏洞 — Intel 500 chipset motherboardCWE-693 | 6.8 | Medium | 2025-12-17 |
| CVE-2025-14303 | MSI Motherboards 安全漏洞 — Intel 600 chipset motherboardCWE-693 | 6.8 | Medium | 2025-12-17 |
| CVE-2025-14302 | GIGABYTE Chipsets 安全漏洞 — intel 600 chipset MotherboardCWE-693 | 6.8 | Medium | 2025-12-17 |
| CVE-2025-11009 | Mitsubishi Electric GT Designer3 安全漏洞 — GT Designer3 Version1 (GOT2000)CWE-312 | 5.1 | Medium | 2025-12-17 |
| CVE-2025-14701 | Crafty Controller 跨站脚本漏洞 — Crafty ControllerCWE-79 | 7.1 | High | 2025-12-17 |
| CVE-2025-65855 | Netun Solutions HelpFlash IoT 安全漏洞 — n/a | 6.8AI | MediumAI | 2025-12-17 |
| CVE-2025-14466 | Güralp Systems 安全漏洞 — Fortimus SeriesCWE-770 | 5.3 | Medium | 2025-12-16 |
access:pre-auth 是常见的弱点类别,本平台收录该类弱点关联的 21072 条 CVE 漏洞。