Tag: auth bypass
3 articles
Check Point Discloses Zero-Day Auth Bypass Bug Under Active Exploitation
A critical authentication flaw, CVE-2026-50751, has been discovered in Check Point's Remote Access VPN and Mobile Access solutions, allowing attackers to bypass user authentication and establish a remote access VPN connection without a valid password. This severe vulnerability, scoring 9.3 on the CVSS scale, affects deployments using the outdated IKEv1 key exchange protocol.
Threat Actors Exploit PraisonAI Auth Bypass Within Hours of Disclosure
Within hours of a security flaw being disclosed, threat actors were exploiting it - a stark reminder of the risks of a legacy Flask API server that ships with authentication disabled by default. This gaping hole allowed attackers to access sensitive endpoints and trigger workflows without a token, putting systems at risk.
cPanel Rushes Emergency Update to Fix Auth Bypass Bug
A critical security vulnerability in cPanel software has been discovered, allowing unauthorized access to the control panel, prompting immediate action from providers like Namecheap to protect customers. cPanel has since rushed out an emergency update to fix the authentication bypass bug affecting all currently supported versions.