CVEs classified under CWE-1286, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (50)
CVE-2025-41719 — CVSS 8.8 (high): A low privileged remote attacker can corrupt the webserver users storage on the device by setting a sequence of unsupported characters…
CVE-2026-6442 — CVSS 8.3 (high): Improper validation of bash commands in Snowflake Cortex Code CLI versions prior to 1.0.25 allowed subsequent commands to execute outside…
CVE-2024-26507 — CVSS 7.8 (high): An issue in FinalWire AIRDA Extreme, AIDA64 Engineer, AIDA64 Business, AIDA64 Network Audit v.7.00.6700 and before allows a local attacker…
CVE-2025-8873 — CVSS 7.5 (high): On affected platforms running Arista EOS with IPsec configured, a specially crafted packet can cause the dataplane to stop processing all…
CVE-2026-7307 — CVSS 7.5 (high): A flaw was found in Keycloak. A remote, unauthenticated attacker can send a specially crafted XML input to the Security Assertion Markup…
CVE-2026-40198 — CVSS 7.5 (high): Net::CIDR::Lite versions before 0.23 for Perl does not validate IPv6 group count, which may allow IP ACL bypass. _pack_ipv6() does not…
CVE-2026-33778 — CVSS 7.5 (high): An Improper Validation of Syntactic Correctness of Input vulnerability in the IPsec library used by kmd and iked of Juniper Networks Junos…
CVE-2026-21917 — CVSS 7.5 (high): An Improper Validation of Syntactic Correctness of Input vulnerability in the Web-Filtering module of Juniper Networks Junos OS on SRX…
CVE-2025-13033 — CVSS 7.5 (high): A vulnerability was identified in the email parsing library due to improper handling of specially formatted recipient email addresses. An…
CVE-2025-11573 — CVSS 7.5 (high): An infinite loop issue in Amazon.IonDotnet library versions <v1.3.2 may allow a threat actor to cause a denial of service through a…
CVE-2024-51983 — CVSS 7.5 (high): An unauthenticated attacker who can connect to the Web Services feature (HTTP TCP port 80) can issue a WS-Scan SOAP request containing an…
CVE-2024-51982 — CVSS 7.5 (high): An unauthenticated attacker who can connect to TCP port 9100 can issue a Printer Job Language (PJL) command that will crash the target…
CVE-2025-30415 — CVSS 7.5 (high): Denial of service due to improper handling of malformed input. The following products are affected: Acronis Cyber Protect Cloud Agent…
CVE-2025-24346 — CVSS 7.5 (high): A vulnerability in the “Proxy” functionality of the web application of ctrlX OS allows a remote authenticated (lowprivileged) attacker…
CVE-2025-22868 — CVSS 7.5 (high): An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing.
CVE-2025-0638 — CVSS 7.5 (high): The initial code parsing the manifest did not check the content of the file names yet later code assumed that it was checked and panicked…
CVE-2024-39542 — CVSS 7.5 (high): An Improper Validation of Syntactic Correctness of Input vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS…
CVE-2024-21598 — CVSS 7.5 (high): An Improper Validation of Syntactic Correctness of Input vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS…
CVE-2024-3384 — CVSS 7.5 (high): A vulnerability in Palo Alto Networks PAN-OS software enables a remote attacker to reboot PAN-OS firewalls when receiving Windows New…
CVE-2024-0218 — CVSS 7.5 (high): A Denial of Service (Dos) vulnerability in Nozomi Networks Guardian, caused by improper input validation in certain fields used in the…
CVE-2024-21616 — CVSS 7.5 (high): An Improper Validation of Syntactic Correctness of Input vulnerability in Packet Forwarding Engine (PFE) of Juniper Networks Junos OS…
CVE-2024-21595 — CVSS 7.5 (high): An Improper Validation of Syntactic Correctness of Input vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS…
CVE-2023-28985 — CVSS 7.5 (high): An Improper Validation of Syntactic Correctness of Input vulnerability in Intrusion Detection and Prevention (IDP) of Juniper Networks SRX…
CVE-2022-1941 — CVSS 7.5 (high): A parsing vulnerability for the MessageSet type in the ProtocolBuffers versions prior to and including 3.16.1, 3.17.3, 3.18.2, 3.19.4…
CVE-2021-31987 — CVSS 7.5 (high): A user controlled parameter related to SMTP test functionality is not correctly validated making it possible to bypass blocked network…
CVE-2024-6284 — CVSS 7.3 (high): In https://github.com/google/nftables IP addresses were encoded in the wrong byte order, resulting in an nftables configuration which does…
CVE-2025-59785 — CVSS 7.2 (high): Improper validation of API end-point in 2N Access Commander version 3.4.2 and prior allows attacker to bypass password policy for backup…
CVE-2026-0983: Denial-of-service condition in M-Files Server versions before 26.5.16015.0, before 26.2 LTS, and before 25.8 LTS SR3 allows an…
CVE-2025-24347 — CVSS 6.5 (medium): A vulnerability in the “Network Interfaces” functionality of the web application of ctrlX OS allows a remote authenticated…
CVE-2025-20644 — CVSS 6.5 (medium): In Modem, there is a possible memory corruption due to incorrect error handling. This could lead to remote denial of service, if a UE has…
CVE-2025-24812 — CVSS 6.5 (medium): A vulnerability has been identified in SIMATIC S7-1200 CPU 1211C AC/DC/Rly (6ES7211-1BE40-0XB0) (All versions < V4.7), SIMATIC S7-1200 CPU…
CVE-2024-6173 — CVSS 6.5 (medium): 51l3nc3, member of the AXIS OS Bug Bounty Program, has found that a Guard Tour VAPIX API parameter allowed the use of arbitrary values…
CVE-2023-43850 — CVSS 6.5 (medium): Improper input validation in the user management function of web interface in Aten PE6208 2.3.228 and 2.4.232 allows remote authenticated…
CVE-2023-21405 — CVSS 6.5 (medium): Knud from Fraktal.fi has found a flaw in some Axis Network Door Controllers and Axis Network Intercoms when communicating over OSDP…
CVE-2025-13327 — CVSS 6.3 (medium): A flaw was found in uv. This vulnerability allows an attacker to execute malicious code during package resolution or installation via…
CVE-2025-24345 — CVSS 6.3 (medium): A vulnerability in the “Hosts” functionality of the web application of ctrlX OS allows a remote authenticated (low-privileged) attacker…
CVE-2026-20114 — CVSS 5.4 (medium): A vulnerability in the Lobby Ambassador web-based management API of Cisco IOS XE Software could allow an authenticated, remote attacker to…
CVE-2025-24348 — CVSS 5.4 (medium): A vulnerability in the “Network Interfaces” functionality of the web application of ctrlX OS allows a remote authenticated…
CVE-2025-67492 — CVSS 5.3 (medium): Weblate is a web based localization tool. In versions prior to 5.15, it was possible to trigger repository updates for many repositories…
CVE-2025-10954 — CVSS 5.3 (medium): Versions of the package github.com/nyaruka/phonenumbers before 1.2.2 are vulnerable to Improper Validation of Syntactic Correctness of…
CVE-2025-25007 — CVSS 5.3 (medium): Improper validation of syntactic correctness of input in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over…
CVE-2025-13995 — CVSS 5.0 (medium): IBM QRadar SIEM 7.5.0 through 7.5.0 Update Package 14 could allow an attacker with access to one tenant to access hostname data from…
CVE-2026-0663 — CVSS 4.9 (medium): Denial-of-service vulnerability in M-Files Server versions before 26.1.15632.3 allows an authenticated attacker with vault administrator…
CVE-2025-36262 — CVSS 4.9 (medium): IBM Planning Analytics Local 2.0.0 through 2.0.106 and 2.1.0 through 2.1.13 could allow a malicious privileged user to bypass the UI to…