Description

Missing authentication for critical function vulnerability in HYPR Passwordless on Windows allows Credentials Interception. This issue affects HYPR Passwordless: before 11.1.1.

Severity (CVSS)

Base score6.7
SeverityMedium
VersionCVSS 4.0
VectorCVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N
Provided byCNA

Weaknesses

  • CWE-306 — CWE-306 Missing authentication for critical function

Affected products

VendorProductVersions
HYPRPasswordless0 to <11.1.1

References

Authoritative sources

This page is a snapshot. For the latest enrichment and updates, view the record on CVE.org or the NVD.

Generated from the official CVE List on 26 Jun 2026 07:05 UTC.