CVE-2025-26700

MEDIUM Year: 2025
CVSS v3 Score
5.2
Medium
Weakness Type
CWE-288
View all →

Vulnerability Description

Authentication bypass using an alternate path or channel issue exists in ”RoboForm Password Manager" App for Android versions prior to 9.7.4, which may allow an attacker with access to a device where the application is installed to bypass the lock screen and obtain sensitive information.

Related Vulnerabilities

CVE-2018-19000

MEDIUM
CVSS:5.3(Medium)

LCDS Laquis SCADA prior to version 4.1.0.4150 allows an authentication bypass, which may allow an attacker access to sensitive data.

CWE-2882018

CVE-2022-24047

MEDIUM
CVSS:5.3(Medium)

This vulnerability allows remote attackers to bypass authentication on affected installations of BMC Track-It! 20.21.01.102. Authentication is not required to exploit this vulnerability. The specific ...

CWE-2882022

CVE-2024-1525

MEDIUM
CVSS:5.3(Medium)

An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.1 before 16.7.6, all versions starting from 16.8 before 16.8.3, all versions starting from 16.9 before 16.9.1. Unde...

CWE-2882024

CVE-2024-33939

MEDIUM
CVSS:5.3(Medium)

Authentication Bypass Using an Alternate Path or Channel vulnerability in Masteriyo Masteriyo - LMS. Unauth access to course progress.This issue affects Masteriyo - LMS: from n/a through 1.7.3.

CWE-2882024

CVE-2024-46887

MEDIUM
CVSS:5.3(Medium)

The web server of affected devices do not properly authenticate user request to the '/ClientArea/RuntimeInfoData.mwsl' endpoint. This could allow an unauthenticated remote attacker to gain knowledge a...

CWE-2882024

CVE-2024-50334

HIGH
CVSS:5.3(Medium)

Scoold is a Q&A and a knowledge sharing platform for teams. A semicolon path injection vulnerability was found on the /api;/config endpoint. By appending a semicolon in the URL, attackers can bypass a...

CWE-2882024