CVEs classified under CWE-1287, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (50)
CVE-2024-51550 — CVSS 10.0 (critical): Data Validation / Data Sanitization vulnerabilities in Linux allows unvalidated and unsanitized data to be injected in an Aspect device…
CVE-2024-6298 — CVSS 10.0 (critical): Unauthorized file access in WEB Server in ABB ASPECT - Enterprise v3.08.01; NEXUS Series v3.08.01 ; MATRIX Series v3.08.01 allows Attacker…
CVE-2026-44935 — CVSS 9.9 (critical): Missing validation of "valuesFrom" references in Helm Deployer of SUSE Rancher Fleet 0.15 before 0.15.2, 0.14 before 0.14.6, 0.13 before…
CVE-2021-32024 — CVSS 9.8 (critical): A remote code execution vulnerability in the BMP image codec of BlackBerry QNX SDP version(s) 6.4 to 7.1 could allow an attacker to…
CVE-2026-24307 — CVSS 9.3 (critical): Improper validation of specified type of input in M365 Copilot allows an unauthorized attacker to disclose information over a network.
CVE-2025-12977 — CVSS 9.1 (critical): Fluent Bit in_http, in_splunk, and in_elasticsearch input plugins fail to sanitize tag_key inputs. An attacker with network access or the…
CVE-2024-5594 — CVSS 9.1 (critical): OpenVPN before 2.6.11 does not santize PUSH_REPLY messages properly which an attacker controlling the server can use to inject unexpected…
CVE-2024-35213 — CVSS 9.0 (critical): An improper input validation vulnerability in the SGI Image Codec of QNX SDP version(s) 6.6, 7.0, and 7.1 could allow an attacker to…
CVE-2026-26115 — CVSS 8.8 (high): Improper validation of specified type of input in SQL Server allows an authorized attacker to elevate privileges over a network.
CVE-2026-2004 — CVSS 8.8 (high): Missing validation of type of input in PostgreSQL intarray extension selectivity estimator function allows an object creator to execute…
CVE-2025-9042: A security issue exists due to improper handling of CIP Class 32’s request when a module is inhibited on the 5094-IY8 device. It causes…
CVE-2025-9041: A security issue exists due to improper handling of CIP Class 32’s request when a module is inhibited on the 5094-IF8 device. It causes…
CVE-2024-20494 — CVSS 8.6 (high): A vulnerability in the TLS cryptography functionality of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat…
CVE-2025-20251 — CVSS 8.5 (high): A vulnerability in the Remote Access SSL VPN service for Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure…
CVE-2025-46342 — CVSS 8.5 (high): Kyverno is a policy engine designed for cloud native platform engineering teams. Prior to versions 1.13.5 and 1.14.0, it may happen that…
CVE-2026-40851 — CVSS 8.4 (high): A local attacker can perform a confusion attack on the cfgparser via a specially crafted file on an USB stick leading to code execution…
CVE-2025-42929 — CVSS 8.1 (high): Due to missing input validation, an attacker with high privilege access to ABAP reports could delete the content of arbitrary database…
CVE-2025-42916 — CVSS 8.1 (high): Due to missing input validation, an attacker with high privilege access to ABAP reports could delete the content of arbitrary database…
CVE-2025-59278 — CVSS 7.8 (high): Improper validation of specified type of input in Windows Authentication Methods allows an authorized attacker to elevate privileges…
CVE-2025-59277 — CVSS 7.8 (high): Improper validation of specified type of input in Windows Authentication Methods allows an authorized attacker to elevate privileges…
CVE-2025-55701 — CVSS 7.8 (high): Improper validation of specified type of input in Microsoft Windows allows an authorized attacker to elevate privileges locally.
CVE-2026-2092 — CVSS 7.7 (high): A flaw was found in Keycloak. Keycloak's Security Assertion Markup Language (SAML) broker endpoint does not properly validate encrypted…
CVE-2025-20327 — CVSS 7.7 (high): A vulnerability in the web UI of Cisco IOS Software could allow an authenticated, remote attacker with low privileges to cause a denial of…
CVE-2025-20244 — CVSS 7.7 (high): A vulnerability in the Remote Access SSL VPN service for Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure…
CVE-2024-20408 — CVSS 7.7 (high): A vulnerability in the Dynamic Access Policies (DAP) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat…
CVE-2024-8058 — CVSS 7.6 (high): An improper parsing vulnerability was reported in the FileZ client that could allow a crafted file in the FileZ directory to read arbitrary…
CVE-2026-9742 — CVSS 7.5 (high): When OIDC authentication is enabled in configuration, clients may set specific values in the "mechanism" parameter of the "authenticate"…
CVE-2026-33806 — CVSS 7.5 (high): Impact: Fastify applications using schema.body.content for per-content-type body validation can have validation bypassed entirely by…
CVE-2026-20119 — CVSS 7.5 (high): A vulnerability in the text rendering subsystem of Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could…
CVE-2025-41729 — CVSS 7.5 (high): An unauthenticated remote attacker can send a specially crafted Modbus read command to the device which leads to a denial of service.
CVE-2025-54525 — CVSS 7.5 (high): Mattermost Confluence Plugin version <1.5.0 fails to handle unexpected request body which allows attackers to crash the plugin via constant…
CVE-2025-41650 — CVSS 7.5 (high): An unauthenticated remote attacker can exploit input validation in cmd services of the devices, allowing them to disrupt system operations…
CVE-2025-32442 — CVSS 7.5 (high): Fastify is a fast and low overhead web framework, for Node.js. In versions 5.0.0 to 5.3.0 as well as version 4.29.0, applications that…
CVE-2024-48858 — CVSS 7.5 (high): Improper input validation in the PCX image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause a…
CVE-2024-9404 — CVSS 7.5 (high): This vulnerability could lead to denial-of-service or service crashes. Exploitation of the moxa_cmd service, because of insufficient input…
CVE-2024-8403 — CVSS 7.5 (high): Improper Validation of Specified Type of Input vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-ENET versions 1.100…
CVE-2024-43426 — CVSS 7.5 (high): A flaw was found in pdfTeX. Insufficient sanitizing in the TeX notation filter resulted in an arbitrary file read risk on sites where…
CVE-2024-47504 — CVSS 7.5 (high): An Improper Validation of Specified Type of Input vulnerability in the packet forwarding engine (pfe) Juniper Networks Junos OS on SRX5000…
CVE-2024-30395 — CVSS 7.5 (high): An Improper Validation of Specified Type of Input vulnerability in Routing Protocol Daemon (RPD) of Junos OS and Junos OS Evolved allows an…
CVE-2022-43723 — CVSS 7.5 (high): A vulnerability has been identified in SICAM PAS/PQS (All versions < V7.0), SICAM PAS/PQS (All versions >= 7.0 < V8.06). Affected software…
CVE-2026-20074 — CVSS 7.4 (high): A vulnerability in the Intermediate System-to-Intermediate System (IS-IS) multi-instance routing feature of Cisco IOS XR Software could…
CVE-2026-21932 — CVSS 7.4 (high): Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: AWT…
CVE-2025-10207 — CVSS 7.2 (high): Improper Validation of Specified Type of Input vulnerability in ABB FLXEON.This issue affects FLXEON: through 9.3.5.
CVE-2024-48851 — CVSS 7.2 (high): Improper Validation of Specified Type of Input vulnerability in ABB FLXEON.A remote code execution is possible due to an improper input…
CVE-2026-10825: A denial-of-service vulnerability exists in the WebSocket API due to insufficient validation and handling of JSON-based requests. A…
CVE-2023-47726 — CVSS 7.1 (high): IBM QRadar Suite Software 1.10.12.0 through 1.10.21.0 and IBM Cloud Pak for Security 1.10.12.0 through 1.10.21.0 could allow an…
CVE-2026-25179 — CVSS 7.0 (high): Improper validation of specified type of input in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate…
CVE-2025-6298 — CVSS 6.7 (medium): ACAP applications can gain elevated privileges due to improper input validation, potentially leading to privilege escalation. This…