CVEs classified under CWE-669, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (50)
CVE-2021-30120 — CVSS 9.9 (critical): Kaseya VSA before 9.5.7 allows attackers to bypass the 2FA requirement. The need to use 2FA for authentication in enforce client-side…
CVE-2025-67895 — CVSS 9.8 (critical): Edge3 Worker RPC RCE on Airflow 2. This issue affects Apache Airflow Providers Edge3: before 2.0.0 - and only if you installed and…
CVE-2020-24683 — CVSS 9.8 (critical): The affected versions of S+ Operations (version 2.1 SP1 and earlier) used an approach for user authentication which relies on validation at…
CVE-2020-5800 — CVSS 9.8 (critical): The Eat Spray Love mobile app for both iOS and Android contains logic that allows users to bypass authentication and retrieve or modify…
CVE-2020-15892 — CVSS 9.8 (critical): An issue was discovered in apply.cgi on D-Link DAP-1520 devices before 1.10b04Beta02. Whenever a user performs a login action from the web…
CVE-2016-5062 — CVSS 9.8 (critical): The web server in Aternity before 9.0.1 does not require authentication for getMBeansFromURL loading of Java MBeans, which allows remote…
CVE-2022-20658 — CVSS 9.6 (critical): A vulnerability in the web-based management interface of Cisco Unified Contact Center Management Portal (Unified CCMP) and Cisco Unified…
CVE-2023-31114 — CVSS 9.1 (critical): An issue was discovered in the Shannon RCS component in Samsung Exynos Modem 5123 and 5300. Incorrect resource transfer between spheres can…
CVE-2025-41660 — CVSS 8.8 (high): A low-privileged remote attacker may be able to replace the boot application of the CODESYS Control runtime system, enabling unauthorized…
CVE-2026-25253 — CVSS 8.8 (high): OpenClaw (aka clawdbot or Moltbot) before 2026.1.29 obtains a gatewayUrl value from a query string and automatically makes a WebSocket…
CVE-2021-45891 — CVSS 8.8 (high): An issue was discovered in Softwarebuero Zauner ARC 4.2.0.4., that allows attackers to escalate privileges within the application, since…
CVE-2021-24602 — CVSS 8.8 (high): The HM Multiple Roles WordPress plugin before 1.3 does not have any access control to prevent low privilege users to set themselves as…
CVE-2020-25917 — CVSS 8.8 (high): Stratodesk NoTouch Center before 4.4.68 is affected by: Incorrect Access Control. A low privileged user on the platform, for example a user…
CVE-2019-13266 — CVSS 8.8 (high): TP-Link Archer C3200 V1 and Archer C2 V1 devices have Insufficient Compartmentalization between a host network and a guest network that are…
CVE-2019-13263 — CVSS 8.8 (high): D-link DIR-825AC G1 devices have Insufficient Compartmentalization between a host network and a guest network that are established by the…
CVE-2019-11875 — CVSS 8.8 (high): In AutomateAppCore.dll in Blue Prism Robotic Process Automation 6.4.0.8445, a vulnerability in access control can be exploited to escalate…
CVE-2025-41645 — CVSS 8.6 (high): An unauthenticated remote attacker could use a demo account of the portal to hijack devices that were created in that account by mistake.
CVE-2025-34158 — CVSS 8.5 (high): Plex Media Server (PMS) 1.41.7.x through 1.42.0.x before 1.42.1 is affected by incorrect resource transfer between spheres because…
CVE-2026-14151 — CVSS 8.3 (high): Inappropriate implementation in AI in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer…
CVE-2026-24708 — CVSS 8.2 (high): An issue was discovered in OpenStack Nova before 30.2.2, 31 before 31.2.1, and 32 before 32.1.1. By writing a malicious QCOW header to a…
CVE-2022-30236 — CVSS 8.2 (high): A CWE-669: Incorrect Resource Transfer Between Spheres vulnerability exists that could allow unauthorized access when an attacker uses…
CVE-2021-21531 — CVSS 8.1 (high): Dell Unisphere for PowerMax versions prior to 9.2.1.6 contain an Authorization Bypass Vulnerability. A local authenticated malicious user…
CVE-2021-20411 — CVSS 8.1 (high): IBM Security Verify Information Queue 1.0.6 and 1.0.7 could allow a user to impersonate another user on the system due to incorrectly…
CVE-2019-11770 — CVSS 8.1 (high): In Eclipse Buildship versions prior to 3.1.1, the build files indicate that this project is resolving dependencies over HTTP instead of…
CVE-2019-10248 — CVSS 8.1 (high): Eclipse Vorto versions prior to 0.11 resolved Maven build artifacts for the Xtext project over HTTP instead of HTTPS. Any of these…
CVE-2024-38519 — CVSS 7.8 (high): `yt-dlp` and `youtube-dl` are command-line audio/video downloaders. Prior to the fixed versions, `yt-dlp` and `youtube-dl` do not limit the…
CVE-2020-1048 — CVSS 7.8 (high): An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file…
CVE-2026-42997 — CVSS 7.7 (high): An issue was discovered in idrac in OpenStack Ironic before 35.0.1. During import, a user invoking molds can request authorization to be…
CVE-2025-59363 — CVSS 7.7 (high): In One Identity OneLogin before 2025.3.0, a request returns the OIDC client secret with GET Apps API v2 (even though this secret should…
CVE-2023-44104 — CVSS 7.5 (high): Broadcast permission control vulnerability in the Bluetooth module.Successful exploitation of this vulnerability may affect service…
CVE-2023-44100 — CVSS 7.5 (high): Broadcast permission control vulnerability in the Bluetooth module.Successful exploitation of this vulnerability may affect service…
CVE-2023-31115 — CVSS 7.5 (high): An issue was discovered in the Shannon RCS component in Samsung Exynos Modem 5123 and 5300. Incorrect resource transfer between spheres can…
CVE-2021-22806 — CVSS 7.5 (high): A CWE-669: Incorrect Resource Transfer Between Spheres vulnerability exists that could cause data exfiltration and unauthorized access when…
CVE-2012-2979 — CVSS 7.5 (high): FreeBSD NSD before 3.2.13 allows remote attackers to crash a NSD child server process (SIGSEGV) and cause a denial of service in the NSD…
CVE-2018-17791 — CVSS 7.5 (high): Newgen OmniFlow Intelligent Business Process Suite (iBPS) 7.0 has an "improper server side validation" vulnerability where client-side…
CVE-2026-12068 — CVSS 7.4 (high): Information disclosure vulnerability in Avira Password Manager when used with Mozilla Firefox may allow a remote attacker operating a…
CVE-2026-48831: Wine ships a .desktop file that registers itself as a MIME handler for EXE files and several other Windows executable file types. In some…
CVE-2022-46173 — CVSS 7.2 (high): Elrond-GO is a go implementation for the Elrond Network protocol. Versions prior to 1.3.50 are subject to a processing issue where nodes…
CVE-2019-1020011 — CVSS 7.2 (high): SmokeDetector intentionally does automatic deployments of updated copies of SmokeDetector without server operator authority.
CVE-2026-48846 — CVSS 6.5 (medium): In Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7.1, the remote image blocking feature can be bypassed via a crafted CSS var()…
CVE-2026-48845 — CVSS 6.5 (medium): In Roundcube Webmail 1.6.x between 1.6.14 and 1.6.16 and 1.7.x before 1.7.1, remote image blocking was not honored for URLs pointing to…
CVE-2026-41525 — CVSS 6.5 (medium): KDE Dolphin before 25.12.3 allows applications in a Flatpak (or with AppArmor confinement) to open folders outside of the application…
CVE-2023-22950 — CVSS 6.5 (medium): An issue was discovered in TigerGraph Enterprise Free Edition 3.x. Data loading jobs in gsql_server, created by any user with designer…
CVE-2021-25973 — CVSS 6.5 (medium): In Publify, 9.0.0.pre1 to 9.2.4 are vulnerable to Improper Access Control. “guest” role users can self-register even when the admin…
CVE-2020-27268 — CVSS 6.5 (medium): In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, a client-side control vulnerability in the insulin pump and its…
CVE-2026-40225 — CVSS 6.4 (medium): In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output.