CVEs classified under CWE-453, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2021-27426 — CVSS 9.8 (critical): GE UR IED firmware versions prior to version 8.1x with “Basic” security variant does not allow the disabling of the “Factory Mode,”…
CVE-2022-3262 — CVSS 8.1 (high): A flaw was found in Openshift. A pod with a DNSPolicy of "ClusterFirst" may incorrectly resolve the hostname based on a service provided…
CVE-2026-0082 — CVSS 7.8 (high): In tryStartActivity of NfcDispatcher.java, there is a possible automatic special app access permission assignment due to an insecure…
CVE-2025-48563 — CVSS 7.8 (high): In onNullBinding of RemoteFillService.java, there is a possible background activity launch due to an insecure default value. This could…
CVE-2024-41255 — CVSS 7.5 (high): filestash v0.4 is configured to skip TLS certificate verification when using the FTPS protocol, possibly allowing attackers to execute a…
CVE-2025-61926: Allstar is a GitHub App to set and enforce security policies. In versions prior to 4.5, a vulnerability in Allstar’s Reviewbot component…
CVE-2026-41330 — CVSS 4.4 (medium): OpenClaw before 2026.3.31 contains an environment variable override vulnerability in host exec policy that fails to properly enforce proxy…