CVEs classified under CWE-494, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (50)
CVE-2020-1595 — CVSS 9.9 (critical): <p>A remote code execution vulnerability exists in Microsoft SharePoint where APIs aren't properly protected from unsafe data input. An…
CVE-2020-1210 — CVSS 9.9 (critical): <p>A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an…
CVE-2026-42248 — CVSS 9.8 (critical): Ollama for Windows does not perform integrity or authenticity verification of downloaded update executables. Unlike other platforms, the…
CVE-2026-34841 — CVSS 9.8 (critical): Bruno is an open source IDE for exploring and testing APIs. Prior to 3.2.1, Bruno was affected by a supply chain attack involving…
CVE-2026-3000 — CVSS 9.8 (critical): IDExpert Windows Logon Agent developed by Changing has a Remote Code Execution vulnerability, allowing unauthenticated remote attackers to…
CVE-2026-2999 — CVSS 9.8 (critical): IDExpert Windows Logon Agent developed by Changing has a Remote Code Execution vulnerability, allowing unauthenticated remote attackers to…
CVE-2026-27180 — CVSS 9.8 (critical): MajorDoMo (aka Major Domestic Module) is vulnerable to unauthenticated remote code execution through supply chain compromise via update URL…
CVE-2025-40604 — CVSS 9.8 (critical): Download of Code Without Integrity Check Vulnerability in the SonicWall Email Security appliance loads root filesystem images without…
CVE-2025-56513 — CVSS 9.8 (critical): NiceHash QuickMiner 6.12.0 perform software updates over HTTP without validating digital signatures or hash checks. An attacker capable of…
CVE-2025-34212 — CVSS 9.8 (critical): Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 22.0.843 and Application prior to version 20.0.1923 (VA/SaaS…
CVE-2025-28236 — CVSS 9.8 (critical): Nautel VX Series transmitters VX SW v6.4.0 and below was discovered to contain a remote code execution (RCE) vulnerability in the firmware…
CVE-2023-41921 — CVSS 9.8 (critical): A vulnerability allows attackers to download source code or an executable from a remote location and execute the code without sufficiently…
CVE-2024-27438 — CVSS 9.8 (critical): Download of Code Without Integrity Check vulnerability in Apache Doris. The jdbc driver files used for JDBC catalog is not checked and may…
CVE-2023-27574 — CVSS 9.8 (critical): ShadowsocksX-NG 1.10.0 signs with com.apple.security.get-task-allow entitlements because of CODE_SIGNING_INJECT_BASE_ENTITLEMENTS.
CVE-2022-24117 — CVSS 9.8 (critical): Certain General Electric Renewable Energy products download firmware without an integrity check. This affects iNET and iNET II before…
CVE-2020-7883 — CVSS 9.8 (critical): Printchaser v2.2021.804.1 and earlier versions contain a vulnerability, which could allow remote attacker to download and execute remote…
CVE-2002-0671 — CVSS 9.8 (critical): Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 downloads phone applications from a web site but can not verify the…
CVE-2001-1125 — CVSS 9.8 (critical): Symantec LiveUpdate before 1.6 does not use cryptography to ensure the integrity of download files, which allows remote attackers to…
CVE-2024-28878 — CVSS 9.6 (critical): IO-1020 Micro ELD downloads source code or an executable from an adjacent location and executes the code without sufficiently verifying the…
CVE-2026-9037: A firmware update mechanism in the affected charging controller fails to validate the authenticity of firmware packages delivered through…
CVE-2025-53696: iSTAR Ultra performs a firmware verification on boot, however the verification does not inspect certain portions of the firmware. These…
CVE-2025-27593 — CVSS 9.3 (critical): The product can be used to distribute malicious code using SDD Device Drivers due to missing download verification checks, leading to code…
CVE-2024-48974 — CVSS 9.3 (critical): The ventilator does not perform proper file integrity checks when adopting firmware updates. This makes it possible for an attacker to…
CVE-2025-14265 — CVSS 9.1 (critical): In versions of ScreenConnect™ prior to 25.8, server-side validation and integrity checks within the extension subsystem could allow the…
CVE-2020-9751 — CVSS 9.1 (critical): Naver Cloud Explorer before 2.2.2.11 allows the system to download an arbitrary file from the attacker's server and execute it during the…
CVE-2026-9089 — CVSS 8.8 (high): The ConnectWise Automate™ Agent does not fully verify the authenticity of components obtained during plugin loading and self-update…
CVE-2026-40066 — CVSS 8.8 (high): Anviz CX2 Lite and CX7 are vulnerable to unverified update packages that can be uploaded. The device unpacks and executes a script…
CVE-2026-33075 — CVSS 8.8 (high): FastGPT is an AI Agent building platform. In versions 4.14.8.3 and below, the fastgpt-preview-image.yml workflow is vulnerable to arbitrary…
CVE-2025-63434 — CVSS 8.8 (high): The update mechanism in Xtooltech Xtool AnyScan Android Application 4.40.40 and prior is insecure. The application downloads and extracts…
CVE-2025-11493 — CVSS 8.8 (high): The ConnectWise Automate Agent does not fully verify the authenticity of files downloaded from the server, such as updates, dependencies…
CVE-2025-57431 — CVSS 8.8 (high): The Sound4 PULSE-ECO AES67 1.22 web-based management interface is vulnerable to Remote Code Execution (RCE) via a malicious firmware update…
CVE-2025-53520 — CVSS 8.8 (high): The affected product allows firmware updates to be downloaded from EG4's website, transferred via USB dongles, or installed through EG4's…
CVE-2025-7620 — CVSS 8.8 (high): The cross-browser document creation component produced by Digitware System Integration Corporation has a Remote Code Execution…
CVE-2024-43169 — CVSS 8.8 (high): IBM Engineering Requirements Management DOORS Next 7.0.2, 7.0.3, and 7.1 could allow a user to download a malicious file without verifying…
CVE-2024-30206 — CVSS 8.8 (high): A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All versions < V3.0.1.1), SIMATIC RTLS Locating…
CVE-2023-47353 — CVSS 8.8 (high): An issue in the com.oneed.dvr.service.DownloadFirmwareService component of IMOU GO v1.0.11 allows attackers to force the download of…
CVE-2022-45442 — CVSS 8.8 (high): Sinatra is a domain-specific language for creating web applications in Ruby. An issue was discovered in Sinatra 2.0 before 2.2.3 and 3.0…
CVE-2022-36359 — CVSS 8.8 (high): An issue was discovered in the HTTP FileResponse class in Django 3.2 before 3.2.15 and 4.0 before 4.0.7. An application is vulnerable to a…
CVE-2022-28944 — CVSS 8.8 (high): Certain EMCO Software products are affected by: CWE-494: Download of Code Without Integrity Check. This affects MSI Package Builder for…
CVE-2022-24644 — CVSS 8.8 (high): ZZ Inc. KeyMouse Windows 3.08 and prior is affected by a remote code execution vulnerability during an unauthenticated update. To exploit…
CVE-2020-7874 — CVSS 8.8 (high): Download of code without integrity check vulnerability in NEXACRO14 Runtime ActiveX control of tobesoft Co., Ltd allows the attacker to…
CVE-2020-7873 — CVSS 8.8 (high): Download of code without integrity check vulnerability in ActiveX control of Younglimwon Co., Ltd allows the attacker to cause a arbitrary…
CVE-2020-28213 — CVSS 8.8 (high): A CWE-494: Download of Code Without Integrity Check vulnerability exists in PLC Simulator on EcoStruxureª Control Expert (now Unity Pro)…
CVE-2020-7831 — CVSS 8.8 (high): A vulnerability in the web-based contract management service interface Ebiz4u of INOGARD could allow an victim user to download any file…