CWE-640 · Weak Password Recovery Mechanism for Forgotten Password

277 CVEs classified under CWE-640 (Weak Password Recovery Mechanism for Forgotten Password). Browse by severity and year.

Top CVEs for CWE-640
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
| CVE-2025-4320 | Critical | 10.0 | 2026-01-23 | Authentication Bypass by Primary Weakness, Weak Password Recovery Mechanism for Forgotten Password vulnerability in Birebirsoft Software and Technology Solutio… |
| CVE-2025-63314 | Critical | 10.0 | 2026-01-12 | A static password reset token in the password reset function of DDSN Interactive Acora CMS v10.7.1 allows attackers to arbitrarily reset the user password and… |
| CVE-2023-7028 | Critical | 10.0 | 2024-01-12 | An issue has been discovered in GitLab CE/EE affecting all versions from 16.1 prior to 16.1.6, 16.2 prior to 16.2.9, 16.3 prior to 16.3.7, 16.4 prior to 16.4.5… |
| CVE-2026-12417 | Critical | 9.8 | 2026-06-24 | The SignUp & SignIn plugin for WordPress is vulnerable to Authentication Bypass via Weak Password Reset Validation leading to Account Takeover in versions up t… |
| CVE-2026-12416 | Critical | 9.8 | 2026-06-24 | The Invoice Generator plugin for WordPress is vulnerable to Account Takeover via Password Reset in all versions up to, and including, 1.0.0. This is due to the… |
| CVE-2026-11551 | Critical | 9.8 | 2026-06-20 | The Branda plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.4.29. This is due to the plu… |
| CVE-2026-32865 | Critical | 9.8 | 2026-03-19 | OPEXUS eComplaint and eCASE before version 10.1.0.0 include the secret verification code in the HTTP response when requesting a password reset via 'ForcePasswo… |
| CVE-2026-28268 | Critical | 9.8 | 2026-02-27 | Vikunja is an open-source self-hosted task management platform. Versions prior to 2.1.0 have a business logic vulnerability that exists in the password reset mechan… |
| CVE-2026-28213 | Critical | 9.8 | 2026-02-26 | EverShop is a TypeScript-first eCommerce platform. Versions prior to 2.1.1 have a vulnerability in the "Forgot Password" functionality. When specifying a targe… |
| CVE-2026-26273 | Critical | 9.8 | 2026-02-13 | Known is a social publishing platform. Prior to 1.6.3, a Critical Broken Authentication vulnerability exists in Known 1.6.2 and earlier. The application leaks… |
| CVE-2022-50910 | Critical | 9.8 | 2026-01-13 | Beehive Forum 1.5.2 contains a host header injection vulnerability in the forgot password functionality that allows attackers to manipulate password reset requ… |
| CVE-2025-64113 | Critical | 9.8 | 2025-12-09 | Emby Server is a user-installable home media server. Versions below 4.9.1.81 allow an attacker to gain full administrative access to an Emby Server (for Emby S… |
| CVE-2025-50433 | Critical | 9.8 | 2025-11-26 | An issue was discovered in imonnit.com (2025-04-24) allowing malicious actors to gain escalated privileges via crafted password reset to take over arbitrary us… |
| CVE-2025-12866 | Critical | 9.8 | 2025-11-10 | EIP Plus developed by Hundred Plus has a Weak Password Recovery Mechanism vulnerability, allowing an unauthenticated remote attacker to predict or brute-force the… |
| CVE-2025-10127 | Critical | 9.8 | 2025-09-11 | Daikin Europe N.V Security Gateway is vulnerable to an authorization bypass through a user-controlled key vulnerability that could allow an attacker to bypa… |
| CVE-2025-32486 | Critical | 9.8 | 2025-09-09 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Hossein Material Dashboard material-dashboard. This issue affects Material Dashboard: f… |
| CVE-2025-50594 | Critical | 9.8 | 2025-08-13 | An issue was discovered in /Code/Websites/DanpheEMR/Controllers/Settings/SecuritySettingsController.cs in Danphe Health Hospital Management System EMR 3.2 allo… |
| CVE-2025-43932 | Critical | 9.8 | 2025-07-07 | JobCenter through 7e7b0b2 allows account takeover via the password reset feature because SERVER_NAME is not configured and thus a reset depends on the Host HTT… |
| CVE-2025-43931 | Critical | 9.8 | 2025-07-07 | flask-boilerplate through a170e7c allows account takeover via the password reset feature because SERVER_NAME is not configured and thus a reset depends on the… |
| CVE-2025-6216 | Critical | 9.8 | 2025-06-21 | Allegra calculateTokenExpDate Password Recovery Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on aff… |