access:pre-auth 类型相关 20697 条 CVE 漏洞,含 AI 中文分析、CVSS、参考链接与 POC。
“access:pre-auth”标签标识了无需身份验证即可触发的漏洞,涵盖18971个CVE。此类漏洞之所以关键,是因为攻击者无需凭证即可直接利用,极大降低了攻击门槛并扩大了潜在受害面。典型场景包括远程代码执行、未授权数据访问及拒绝服务攻击,常见于配置错误的API接口、默认凭证服务或存在逻辑缺陷的认证前处理模块,对系统安全性构成直接且严重的威胁。
| CVE ID | 标题 | CVSS | 风险等级 | Published |
|---|---|---|---|---|
| CVE-2026-39324 | Rack::Session 安全漏洞 — rack-sessionCWE-287 | 7.4AI | HighAI | 2026-04-07 |
| CVE-2026-39321 | Parse Server 安全漏洞 — parse-serverCWE-208 | 4.8AI | MediumAI | 2026-04-07 |
| CVE-2026-39337 | ChurchCRM 代码注入漏洞 — CRMCWE-94 | 10.0 | Critical | 2026-04-07 |
| CVE-2026-39339 | ChurchCRM 安全漏洞 — CRMCWE-284 | 9.1 | Critical | 2026-04-07 |
| CVE-2026-22680 | OpenViking 安全漏洞 — OpenVikingCWE-862 | 5.3 | Medium | 2026-04-07 |
| CVE-2026-39312 | SoftEther VPN 安全漏洞 — SoftEtherVPNCWE-789 | 7.5 | High | 2026-04-07 |
| CVE-2025-14944 | WordPress plugin Backup Migration 安全漏洞 — BackupBliss – Backup & Migration with Free Cloud StorageCWE-862 | 5.3 | Medium | 2026-04-07 |
| CVE-2026-35604 | File Browser 安全漏洞 — filebrowserCWE-863 | 4.3AI | MediumAI | 2026-04-07 |
| CVE-2026-35584 | FreeScout 安全漏洞 — freescoutCWE-306 | 8.2AI | HighAI | 2026-04-07 |
| CVE-2026-35526 | Strawberry GraphQL 安全漏洞 — strawberryCWE-770 | 7.5 | High | 2026-04-07 |
| CVE-2026-35487 | Text Generation Web UI 路径遍历漏洞 — text-generation-webuiCWE-22 | 5.3 | Medium | 2026-04-07 |
| CVE-2026-35485 | Text Generation Web UI 安全漏洞 — text-generation-webuiCWE-22 | 7.5 | High | 2026-04-07 |
| CVE-2026-35484 | Text Generation Web UI 路径遍历漏洞 — text-generation-webuiCWE-22 | 5.3 | Medium | 2026-04-07 |
| CVE-2026-35483 | Text Generation Web UI 路径遍历漏洞 — text-generation-webuiCWE-22 | 5.3 | Medium | 2026-04-07 |
| CVE-2026-35457 | rust-libp2p 安全漏洞 — rust-libp2pCWE-770 | 8.2 | High | 2026-04-07 |
| CVE-2026-22679 | Weaver e-cology 访问控制错误漏洞 — E-cologyCWE-306 | 9.8 | Critical | 2026-04-07 |
| CVE-2021-4473 | TOPSEC Internet Behavior Management System 操作系统命令注入漏洞 — Tianxin Internet Behavior Management SystemCWE-78 | 9.8 | Critical | 2026-04-07 |
| CVE-2026-28808 | Erlang/OTP 安全漏洞 — OTPCWE-863 | 9.8AI | CriticalAI | 2026-04-07 |
| CVE-2026-31842 | Tinyproxy 安全漏洞 — TinyproxyCWE-444 | 7.5 | High | 2026-04-07 |
| CVE-2026-4420 | Bludit 跨站脚本漏洞 — BluditCWE-79 | 5.4AI | MediumAI | 2026-04-07 |
| CVE-2026-3177 | WordPress plugin Charitable 数据伪造问题漏洞 — Charitable – Donation Plugin for WordPress – Fundraising with Recurring Donations & MoreCWE-345 | 5.3 | Medium | 2026-04-07 |
| CVE-2026-1900 | WordPress plugin Link Whisper Free 安全漏洞 — Link Whisper Free | 5.3AI | MediumAI | 2026-04-07 |
| CVE-2025-15611 | WordPress plugin Popup Box 安全漏洞 — Popup Box | 7.1AI | HighAI | 2026-04-07 |
| CVE-2026-0740 | WordPress plugin Ninja Forms - File Uploads 代码问题漏洞 — Ninja Forms - File UploadsCWE-434 | 9.8 | Critical | 2026-04-07 |
| CVE-2025-56015 | GenieACS 安全漏洞 — n/a | 9.8AI | CriticalAI | 2026-04-07 |
| CVE-2026-31271 | production_ssm 安全漏洞 — n/a | 9.8AI | CriticalAI | 2026-04-07 |
| CVE-2026-31272 | MRCMS 安全漏洞 — n/a | 9.8AI | CriticalAI | 2026-04-07 |
| CVE-2026-35449 | WWBN AVideo 信息泄露漏洞 — AVideoCWE-200 | 5.3 | Medium | 2026-04-06 |
| CVE-2026-35413 | Directus 信息泄露漏洞 — directusCWE-200 | 5.3 | Medium | 2026-04-06 |
| CVE-2026-22675 | OCS Inventory NG 跨站脚本漏洞 — OCS Inventory NG ServerCWE-79 | 5.4 | Medium | 2026-04-06 |
access:pre-auth 是常见的弱点类别,本平台收录该类弱点关联的 20697 条 CVE 漏洞。