CVEs classified under CWE-653, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (50)
CVE-2026-4692 — CVSS 10.0 (critical): Sandbox escape in the Responsive Design Mode component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9…
CVE-2025-1974 — CVSS 9.8 (critical): A security issue was discovered in Kubernetes where under certain conditions, an unauthenticated attacker with access to the pod network…
CVE-2024-33768 — CVSS 9.8 (critical): lunasvg v2.3.9 was discovered to contain a segmentation violation via the component composition_solid_source_over.
CVE-2026-0542: ServiceNow has addressed a remote code execution vulnerability that was identified in the ServiceNow AI platform. This vulnerability could…
CVE-2025-4083 — CVSS 9.1 (critical): A process isolation vulnerability in Thunderbird stemmed from improper handling of javascript: URIs, which could allow content to execute…
CVE-2025-5476 — CVSS 8.8 (high): Sony XAV-AX8500 Bluetooth Improper Isolation Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to…
CVE-2024-23683 — CVSS 8.2 (high): Artemis Java Test Sandbox versions less than 1.7.6 are vulnerable to a sandbox escape when an attacker crafts a special subclass of…
CVE-2025-12805 — CVSS 8.1 (high): A flaw was found in Red Hat OpenShift AI (RHOAI) llama-stack-operator. This vulnerability allows unauthorized access to Llama Stack…
CVE-2023-1305 — CVSS 8.1 (high): An authenticated attacker can leverage an exposed “box” object to read and write arbitrary files from disk, provided those files can be…
CVE-2025-34201 — CVSS 7.8 (high): Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application (VA and SaaS deployments) run many Docker containers on shared…
CVE-2025-20109 — CVSS 7.8 (high): Improper Isolation or Compartmentalization in the stream cache mechanism for some Intel(R) Processors may allow an authenticated user to…
CVE-2024-0136 — CVSS 7.6 (high): NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to untrusted…
CVE-2024-0135 — CVSS 7.6 (high): NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to modification…
CVE-2024-47520 — CVSS 7.6 (high): A user with advanced report application access rights can perform actions for which they are not authorized
CVE-2025-53710 — CVSS 7.5 (high): Due to a product misconfiguration in certain deployment types, it was possible from different pods in the same namespace to communicate…
CVE-2026-4282 — CVSS 7.4 (high): A flaw was found in Keycloak. The SingleUseObjectProvider, a global key-value store, lacks proper type and namespace isolation. This…
CVE-2026-5599: A user with API access and "manage users" permission in any venueless world is able to trigger deletion of user accounts in other worlds.
CVE-2026-42782 — CVSS 7.2 (high): Improper Isolation or Compartmentalization vulnerability in Apache Syncope. An administrator with adequate entitlements for Implementations…
CVE-2025-57738 — CVSS 7.2 (high): Apache Syncope offers the ability to extend / customize the base behavior on every deployment by allowing to provide custom implementations…
CVE-2025-41688 — CVSS 7.2 (high): A high privileged remote attacker can execute arbitrary OS commands using an undocumented method allowing to escape the implemented LUA…
CVE-2025-3086 — CVSS 7.1 (high): Improper isolation of users in M-Files Server version before 25.3.14549 allows anonymous user to affect other anonymous users views and…
CVE-2026-34775 — CVSS 6.8 (medium): Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to versions 38.8.6, 39.8.4…
CVE-2025-24986 — CVSS 6.5 (medium): Improper isolation or compartmentalization in Azure PromptFlow allows an unauthorized attacker to execute code over a network.
CVE-2024-30388 — CVSS 6.5 (medium): An Improper Isolation or Compartmentalization vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on QFX5000…
CVE-2026-41174 — CVSS 6.4 (medium): Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.43, 3.6.14, and 3.7.0-rc.2, there is a potential vulnerability…
CVE-2023-1636 — CVSS 6.0 (medium): A vulnerability was found in OpenStack Barbican containers. This vulnerability is only applicable to deployments that utilize an all-in-one…
CVE-2025-12695 — CVSS 5.9 (medium): The overly permissive sandbox configuration in DSPy allows attackers to steal sensitive files in cases when users build an AI agent which…
CVE-2026-25905 — CVSS 5.8 (medium): The Python code being run by 'runPython' or 'runPythonAsync' is not isolated from the rest of the JS code, allowing any Python code to use…
CVE-2026-41155 — CVSS 5.5 (medium): An attacker could cooperatively pass data from one secure GPU process to another secure GPU process through shared secure memory…
CVE-2024-0137 — CVSS 5.5 (medium): NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to untrusted…
CVE-2024-35425 — CVSS 5.5 (medium): vmir e8117 was discovered to contain a segmentation violation via the function_prepare_parse function at /src/vmir_function.c.
CVE-2023-29580 — CVSS 5.5 (medium): yasm 1.3.0.55.g101bc was discovered to contain a segmentation violation via the component yasm_expr_create at /libyasm/expr.c.
CVE-2025-26393 — CVSS 5.4 (medium): SolarWinds Service Desk is affected by a broken access control vulnerability. The issue allows authenticated users to escalate privileges…
CVE-2026-4325 — CVSS 5.3 (medium): A flaw was found in Keycloak. The SingleUseObjectProvider, a global key-value store, lacks proper type and namespace isolation. This…
CVE-2025-46215 — CVSS 5.3 (medium): An Improper Isolation or Compartmentalization vulnerability [CWE-653] in Fortinet FortiSandbox 5.0.0 through 5.0.1, FortiSandbox 4.4.0…
CVE-2025-6705 — CVSS 5.3 (medium): A vulnerability in the Eclipse Open VSX Registry’s automated publishing system could have allowed unauthorized uploads of extensions…
CVE-2024-20285 — CVSS 5.3 (medium): A vulnerability in the Python interpreter of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to escape…
CVE-2024-5801: Enabled IP Forwarding feature in B&R Automation Runtime versions before 6.0.2 may allow remote attack-ers to compromise network security by…
CVE-2024-8118: In Grafana, the wrong permission is applied to the alert rule write API endpoint, allowing users with permission to write external alert…
CVE-2026-5600 — CVSS 4.3 (medium): A new API endpoint introduced in pretix 2025 that is supposed to return all check-in events of a specific event in fact returns all…
CVE-2026-40968 — CVSS 4.2 (medium): When an authenticated user is denied access to a gRPC method, their authenticated identity remains bound to the gRPC worker thread and can…
CVE-2025-27027 — CVSS 4.1 (medium): A user with vpuser credentials that opens an SSH connection to the device, gets a restricted shell rbash that allows only a small list of…
CVE-2024-49373 — CVSS 4.1 (medium): No Fuss Computing Centurion ERP is open source enterprise resource planning (ERP) software. Prior to version 1.2.1, an authenticated user…
CVE-2024-35281 — CVSS 2.5 (low): An improper isolation or compartmentalization vulnerability [CWE-653] in FortiClientMac version 7.4.2 and below, version 7.2.8 and below…
CVE-2025-41116: When using the Grafana Databricks Datasource Plugin, if Oauth passthrough is enabled on the datasource, and multiple users are using the…