CVEs classified under CWE-67, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2024-51745 — CVSS 10.0 (critical): Wasmtime is a fast and secure runtime for WebAssembly. Wasmtime's filesystem sandbox implementation on Windows blocks access to special…
CVE-2024-35197 — CVSS 5.4 (medium): gitoxide is a pure Rust implementation of Git. On Windows, fetching refs that clash with legacy device names reads from the devices, and…
CVE-2026-27199 — CVSS 5.3 (medium): Werkzeug is a comprehensive WSGI web application library. Versions 3.1.5 and below, the safe_join function allows Windows device names as…
CVE-2026-21860 — CVSS 5.3 (medium): Werkzeug is a comprehensive WSGI web application library. Prior to version 3.1.5, Werkzeug's safe_join function allows path segments with…
CVE-2025-66221 — CVSS 5.3 (medium): Werkzeug is a comprehensive WSGI web application library. Prior to version 3.1.4, Werkzeug's safe_join function allows path segments with…