CVEs classified under CWE-372, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2024-22590 — CVSS 9.1 (critical): The TLS engine in Kwik commit 745fd4e2 does not track the current state of the connection. This vulnerability can allow Client Hello…
CVE-2023-4012 — CVSS 7.5 (high): ntpd will crash if the server is not NTS-enabled (no certificate) and it receives an NTS-enabled client request (mode 3).
CVE-2020-27222 — CVSS 7.5 (high): In Eclipse Californium version 2.3.0 to 2.6.0, the certificate based (x509 and RPK) DTLS handshakes accidentally fails, because the DTLS…
CVE-2026-41388 — CVSS 6.5 (medium): OpenClaw before 2026.3.31 contains a configuration management vulnerability where startup migration treats empty-array settings as missing…
CVE-2026-41340 — CVSS 6.5 (medium): OpenClaw before 2026.3.31 contains an authentication boundary vulnerability where Telegram legacy allowFrom migration incorrectly fans…
CVE-2026-41300 — CVSS 6.5 (medium): OpenClaw before 2026.3.31 contains a trust-decline vulnerability that preserves attacker-discovered endpoints in remote onboarding flows…
CVE-2023-36834 — CVSS 6.5 (medium): An Incomplete Internal State Distinction vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS on SRX 4600 and…
CVE-2021-25735 — CVSS 6.5 (medium): A security issue was discovered in kube-apiserver that could allow node updates to bypass a Validating Admission Webhook. Clusters are only…