Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.
Assigner (CNA / source):[email protected] Remove this filter
| CVE | Description | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|
| CVE-2022-3258 | Incorrect Permission Assignment for Critical Resource vulnerability in HYPR Workforce Access on Windows allows Authentication Abuse. | 3.7 | 0.21% | 2022-11-03 | 2026-06-17 |
| CVE-2022-1984 | This issue affects: HYPR Windows WFA versions prior to 7.2; Unsafe Deserialization vulnerability in HYPR Workforce Access (WFA) before version 7.2 may allow local authenticated attackers to elevate privileges via a malicious serialized payload. | 4.5 | 0.17% | 2022-07-19 | 2026-06-17 |
| CVE-2023-6334 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in HYPR Workforce Access on Windows allows Overflow Buffers.This issue affects Workforce Access: before 8.7. | 5.3 | 0.05% | 2024-01-16 | 2026-06-17 |
| CVE-2024-0068 | Improper Link Resolution Before File Access ('Link Following') vulnerability in HYPR Workforce Access on MacOS allows File Manipulation.This issue affects Workforce Access: before 8.7.1. | 5.5 | 0.20% | 2024-02-29 | 2026-06-17 |
| CVE-2026-2414 | Authorization bypass through User-Controlled key vulnerability in HYPR Server allows Privilege Escalation.This issue affects Server: from 9.5.2 before 10.7.2. | 5.6 | 0.29% | 2026-03-25 | 2026-06-17 |
| CVE-2024-1721 | Improper Verification of Cryptographic Signature vulnerability in HYPR Passwordless on Windows allows Malicious Software Update.This issue affects HYPR Passwordless: before 9.1. | 5.6 | 0.11% | 2024-05-21 | 2026-06-17 |
| CVE-2025-2102 | Improper Link Resolution Before File Access ('Link Following') vulnerability in HYPR Passwordless on Windows allows Privilege Escalation.This issue affects HYPR Passwordless: before 10.1. | 5.7 | 0.12% | 2025-05-21 | 2026-06-17 |
| CVE-2026-1712 | Incorrect privilege assignment vulnerability in HYPR Server allows Privilege Escalation.This issue affects HYPR Server: from 10.5.1 before 10.7. | 5.8 | 0.29% | 2026-03-25 | 2026-06-17 |
| CVE-2025-0372 | Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in HYPR Passwordless on Windows allows Privilege Escalation.This issue affects HYPR Passwordless: before 10.1. | 5.9 | 0.05% | 2025-05-21 | 2026-06-17 |
| CVE-2023-6335 | Improper Link Resolution Before File Access ('Link Following') vulnerability in HYPR Workforce Access on Windows allows User-Controlled Filename.This issue affects Workforce Access: before 8.7. | 6.4 | 0.17% | 2024-01-16 | 2026-06-17 |
| CVE-2026-4522 | Missing authentication for critical function vulnerability in HYPR Passwordless on Windows allows Credentials Interception. This issue affects HYPR Passwordless: before 11.1.1. | 6.7 | 0.12% | 2026-06-25 | 2026-06-25 |
| CVE-2023-5097 | Improper Input Validation vulnerability in HYPR Workforce Access on Windows allows Path Traversal.This issue affects Workforce Access: before 8.7. | 7.0 | 0.19% | 2024-01-16 | 2026-06-17 |
| CVE-2023-0834 | Incorrect Permission Assignment for Critical Resource vulnerability in HYPR Workforce Access on MacOS allows Privilege Escalation.This issue affects Workforce Access: from 6.12 before 8.1. | 7.0 | 0.32% | 2023-04-28 | 2026-06-17 |
| CVE-2024-8273 | Authentication Bypass by Spoofing vulnerability in HYPR Server allows Identity Spoofing.This issue affects Server: before 10.1. | 7.1 | 0.27% | 2025-12-11 | 2026-06-17 |
| CVE-2023-6336 | Improper Link Resolution Before File Access ('Link Following') vulnerability in HYPR Workforce Access on MacOS allows User-Controlled Filename.This issue affects Workforce Access: before 8.7. | 7.2 | 0.17% | 2024-01-16 | 2026-06-17 |
| CVE-2023-1477 | Improper Authentication vulnerability in HYPR Keycloak Authenticator Extension allows Authentication Abuse.This issue affects HYPR Keycloak Authenticator Extension: before 7.10.2, before 8.0.3. | 7.2 | 0.62% | 2023-04-28 | 2026-06-17 |
| CVE-2022-2193 | Insecure Direct Object Reference vulnerability in HYPR Server before version 6.14.1 allows remote authenticated attackers to add a FIDO2 authenticator to arbitrary accounts via parameter tampering in the Device Manager page. This issue affects: HYPR Server versions prior to 6.14.1. | 7.5 | 0.67% | 2022-07-19 | 2026-06-17 |
| CVE-2022-2192 | Forced Browsing vulnerability in HYPR Server version 6.10 to 6.15.1 allows remote attackers with a valid one-time recovery token to elevate privileges via path tampering in the Magic Link page. This issue affects: HYPR Server versions later than 6.10; version 6.15.1 and prior versions. | 7.5 | 0.76% | 2022-07-19 | 2026-06-17 |
| CVE-2023-1837 | Missing Authentication for critical function vulnerability in HYPR Server allows Authentication Bypass when using Legacy APIs.This issue affects HYPR Server: before 8.0 (with enabled Legacy APIs) | 8.5 | 0.55% | 2023-05-23 | 2026-06-17 |
| CVE-2024-0070 | Rejected reason: This CVE ID was unused by the CNA. | N/A | N/A | 2023-11-27 | 2023-11-27 |