By sending a legitimate JSON payload that injects MongoDB operators such as $gt or $ne into the password field, attackers can trick a Node.js‑Express login endpoint into authenticating any user, illustrating how NoSQL injection bypasses authentication and how to detect and mitigate it.
The FastGPT AI Agent platform suffers a critical NoSQL injection (CVE‑2026‑40351) that lets attackers bypass authentication by injecting MongoDB operators into the password field, granting admin or root access, and the article details the flaw, its impact, proof‑of‑concept, and mitigation steps.
Google’s May 2026 Android security bulletin disclosed CVE‑2026‑0073, a critical zero‑click authentication bypass in the adbd daemon that lets any attacker on the same LAN bypass wireless ADB’s TLS verification and obtain a shell on unpatched Android 14‑16 devices, with detailed exploitation steps and mitigation guidance.
watchTowr Labs discovered a critical authentication bypass in all supported cPanel & WHM versions (CVE‑2026‑41940) that allows remote attackers to inject session files via crafted HTTP requests, gain root access, and has been observed in the wild; the article details the flaw, exploitation chain, impact, and mitigation steps.
The article walks through six real penetration‑testing scenarios, dissecting common encryption and authentication mechanisms in mini‑programs and web applications, demonstrating how to reverse‑engineer, debug, and script the bypass of Hawk signatures, MD5 timestamps, RSA and AES encryptions to achieve unauthorized data access and account takeover.
Cisco has issued six security advisories, including a critical authentication bypass vulnerability in its BroadWorks Application Delivery and Extension Service Platform (CVE‑2023‑20238) and a high‑severity RADIUS denial‑of‑service flaw in its Identity Services Engine (CVE‑2023‑20243), with CISA also issuing alerts and urging users to review and mitigate the issues.
The article explains how Spring Boot versions up to 2.3.0.RELEASE normalize request paths—including decoding %2e and handling directory traversal—which can be exploited to bypass authentication, and shows the code differences that cause this behavior in newer releases.
This article explains how Spring Boot versions up to 2.3.0.RELEASE normalize URLs containing the %2e sequence, causing servlet path handling that can be exploited to bypass authentication, and shows why the behavior changes in later releases.
The article analyzes a bypass flaw in Nacos 1.4.1 where the serverIdentity key‑value authentication can be evaded by crafting URLs with a trailing slash, allowing attackers to list, create, and log in as users despite the intended security checks.
The article explains how Nacos 1.4.1's serverIdentity key‑value authentication can be bypassed by manipulating the request path, allowing attackers to call any HTTP interface, add new users, and gain full console access, and provides reproduction steps and a fix recommendation.
This article explains the Nacos authentication bypass vulnerability affecting versions 1.2‑1.4, how attackers can exploit whitelist headers to gain unauthorized access, the widespread exposure revealed by Zoomeye scans, and the official remediation steps including upgrading to v1.4.1 and disabling the UA whitelist.
This article explains the mechanics of SQL injection and XSS attacks, demonstrates common exploitation methods such as table‑name guessing, error‑based and union queries, shows a vulnerable authentication script, and provides practical defensive coding techniques to mitigate these threats.
