CVEs classified under CWE-253, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (14)
CVE-2017-7474 — CVSS 9.8 (critical): It was found that the Keycloak Node.js adapter 2.5 - 3.0 did not handle invalid tokens correctly. An attacker could use this flaw to bypass…
CVE-2026-35091 — CVSS 8.2 (high): A flaw was found in Corosync. A remote unauthenticated attacker can exploit a wrong return value vulnerability in the Corosync membership…
CVE-2026-53090 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: bpf: Fix ld_{abs,ind} failure path analysis in subprogs Usage of…
CVE-2026-46419 — CVSS 7.5 (high): Yubico webauthn-server-core (aka java-webauthn-server) 2.8.0 before 2.8.2 incorrectly checks a function's return value in the second factor…
CVE-2025-57767 — CVSS 7.5 (high): Asterisk is an open source private branch exchange and telephony toolkit. Prior to versions 20.15.2, 21.10.2, and 22.5.2, if a SIP request…
CVE-2024-32475 — CVSS 7.5 (high): Envoy is a cloud-native, open source edge and service proxy. When an upstream TLS cluster is used with `auto_sni` enabled, a request…
CVE-2026-5818: Incorrect check of function return value in Caliptra Core Runtime Firmware (ActivateFirmwareCmd::activate_fw modules) allows bypass of…
CVE-2025-54090 — CVSS 6.3 (medium): A bug in Apache HTTP Server 2.4.64 results in all "RewriteCond expr ..." tests evaluating as "true". Users are recommended to upgrade to…
CVE-2026-35340 — CVSS 5.5 (medium): A flaw in the ChownExecutor used by uutils coreutils chown and chgrp causes the utilities to return an incorrect exit code during recursive…
CVE-2026-35339 — CVSS 5.5 (medium): The recursive mode (-R) of the chmod utility in uutils coreutils incorrectly handles exit codes when processing multiple files. The final…
CVE-2023-34449 — CVSS 5.3 (medium): ink! is an embedded domain specific language to write smart contracts in Rust for blockchains built on the Substrate framework. Starting in…