CVEs classified under CWE-670, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (50)
CVE-2025-43359 — CVSS 9.8 (critical): A logic issue was addressed with improved state management. This issue is fixed in iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26, macOS…
CVE-2020-1914 — CVSS 9.8 (critical): A logic vulnerability when handling the SaveGeneratorLong instruction in Facebook Hermes prior to commit b2021df620824627f5a8c96615edbd1eb7f…
CVE-2020-17466 — CVSS 9.8 (critical): Turcom TRCwifiZone through 2020-08-10 allows authentication bypass by visiting manage/control.php and ignoring 302 Redirect responses.
CVE-2019-17192 — CVSS 9.8 (critical): The WebRTC component in the Signal Private Messenger application through 4.47.7 for Android processes videoconferencing RTP packets before…
CVE-2026-55276 — CVSS 9.1 (critical): Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat meant that special roles and empty authorisation constraints…
CVE-2025-29312 — CVSS 9.1 (critical): An issue in onos v2.7.0 allows attackers to trigger unexpected behavior within a device connected to a legacy switch via changing the link…
CVE-2023-31211 — CVSS 8.8 (high): Insufficient authentication flow in Checkmk before 2.2.0p18, 2.1.0p38 and 2.0.0p39 allows attacker to use locked credentials
CVE-2023-20558 — CVSS 8.8 (high): Insufficient control flow management in AmdCpmOemSmm may allow a privileged attacker to tamper with the SMM handler potentially leading to…
CVE-2018-16766 — CVSS 8.8 (high): In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service (application crash) or…
CVE-2021-41153 — CVSS 8.7 (high): The evm crate is a pure Rust implementation of Ethereum Virtual Machine. In `evm` crate `< 0.31.0`, `JUMPI` opcode's condition is checked…
CVE-2024-20480 — CVSS 8.6 (high): A vulnerability in the DHCP Snooping feature of Cisco IOS XE Software on Software-Defined Access (SD-Access) fabric edge nodes could allow…
CVE-2022-2993 — CVSS 8.6 (high): There is an error in the condition of the last if-statement in the function smp_check_keys. It was rejecting current keys if all…
CVE-2025-49091 — CVSS 8.2 (high): KDE Konsole before 25.04.2 allows remote code execution in a certain scenario. It supports loading URLs from the scheme handlers such as a…
CVE-2024-52811 — CVSS 8.2 (high): The ngtcp2 project is an effort to implement IETF QUIC protocol in C. In affected versions acks are not validated before being written to…
CVE-2023-1668 — CVSS 8.2 (high): A flaw was found in openvswitch (OVS). When processing an IP packet with protocol 0, OVS will install the datapath flow without the action…
CVE-2022-29255 — CVSS 8.2 (high): Vyper is a Pythonic Smart Contract Language for the ethereum virtual machine. In versions prior to 0.3.4 when a calling an external…
CVE-2026-40960 — CVSS 8.1 (high): Luanti 5 before 5.15.2 sometimes allows unintended access to an insecure environment. If at least one mod is listed as secure.trusted_mods…
CVE-2026-40200 — CVSS 8.1 (high): An issue was discovered in musl libc 0.7.10 through 1.2.6. Stack-based memory corruption can occur during qsort of very large arrays, due…
CVE-2024-8811 — CVSS 7.8 (high): WinZip Mark-of-the-Web Bypass Vulnerability. This vulnerability allows remote attackers to bypass the Mark-of-the-Web protection mechanism…
CVE-2024-47745 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: mm: call the security_mmap_file() LSM hook in remap_file_pages() The…
CVE-2023-20915 — CVSS 7.8 (high): In addOrReplacePhoneAccount of PhoneAccountRegistrar.java, there is a possible way to enable a phone account without user interaction due…
CVE-2020-25603 — CVSS 7.8 (high): An issue was discovered in Xen through 4.14.x. There are missing memory barriers when accessing/allocating an event channel. Event channels…
CVE-2017-0604 — CVSS 7.8 (high): An elevation of privilege vulnerability in the kernel Qualcomm power driver could enable a local malicious application to execute arbitrary…
CVE-2026-48844 — CVSS 7.5 (high): Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7.1 has insecure code evaluation logic in LDAP the autovalues option that could…
CVE-2026-40719 — CVSS 7.5 (high): Deadwood in MaraDNS 3.5.0036 allows attackers to exhaust connection slots via a zone whose authoritative nameserver address cannot be…
CVE-2026-34946 — CVSS 7.5 (high): Wasmtime is a runtime for WebAssembly. From 25.0.0 to before 36.0.7, 42.0.2, and 43.0.1, Wasmtime's Winch compiler contains a vulnerability…
CVE-2025-58136 — CVSS 7.5 (high): A bug in POST request handling causes a crash under a certain condition. This issue affects Apache Traffic Server: from 10.0.0 through…
CVE-2026-33011 — CVSS 7.5 (high): Nest is a framework for building scalable Node.js server-side applications. In versions 11.1.15 and below, a NestJS application using…
CVE-2026-1874 — CVSS 7.5 (high): Always-Incorrect Control Flow Implementation vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-ENET/IP Ethernet…
CVE-2026-26267 — CVSS 7.5 (high): soroban-sdk is a Rust SDK for Soroban contracts. Prior to versions 22.0.10, 23.5.2, and 25.1.1, the `#[contractimpl]` macro contains a bug…
CVE-2025-21607 — CVSS 7.5 (high): Vyper is a Pythonic Smart Contract Language for the EVM. When the Vyper Compiler uses the precompiles EcRecover (0x1) and Identity (0x4)…
CVE-2024-45807 — CVSS 7.5 (high): Envoy is a cloud-native high-performance edge/middle/service proxy. Envoy's 1.31 is using `oghttp` as the default HTTP/2 codec, and there…
CVE-2024-45311 — CVSS 7.5 (high): Quinn is a pure-Rust, async-compatible implementation of the IETF QUIC transport protocol. As of quinn-proto 0.11, it is possible for a…
CVE-2024-37153 — CVSS 7.5 (high): Evmos is the Ethereum Virtual Machine (EVM) Hub on the Cosmos Network. There is an issue with how to liquid stake using Safe which itself…
CVE-2023-23623 — CVSS 7.5 (high): Electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. A Content-Security-Policy…
CVE-2023-41058 — CVSS 7.5 (high): Parse Server is an open source backend server. In affected versions the Parse Cloud trigger `beforeFind` is not invoked in certain…
CVE-2023-41376 — CVSS 7.5 (high): Nokia Service Router Operating System (SR OS) 22.10 and SR Linux, when error-handling update-fault-tolerance is not enabled, mishandle BGP…
CVE-2023-30629 — CVSS 7.5 (high): Vyper is a Pythonic Smart Contract Language for the ethereum virtual machine. In versions 0.3.1 through 0.3.7, the Vyper compiler generates…
CVE-2022-29607 — CVSS 7.5 (high): An issue was discovered in ONOS 2.5.1. Modification of an existing intent to have the same source and destination shows the INSTALLED state…
CVE-2022-29605 — CVSS 7.5 (high): An issue was discovered in ONOS 2.5.1. IntentManager attempts to install the IPv6 flow rules of an intent into an OpenFlow 1.0 switch that…
CVE-2021-43819 — CVSS 7.5 (high): Stargate-Bukkit is a mod for the minecraft video game which adds a portal focused environment. In affected versions Minecarts with chests…
CVE-2022-45196 — CVSS 7.5 (high): Hyperledger Fabric 2.3 allows attackers to cause a denial of service (orderer crash) by repeatedly sending a crafted channel tx with the…
CVE-2022-31116 — CVSS 7.5 (high): UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. Affected versions were found to improperly…
CVE-2022-26890 — CVSS 7.5 (high): On F5 BIG-IP Advanced WAF, ASM, and APM 16.1.x versions prior to 16.1.2.1, 15.1.x versions prior to 15.1.5, 14.1.x versions prior to…
CVE-2022-21655 — CVSS 7.5 (high): Envoy is an open source edge and service proxy, designed for cloud-native applications. The envoy common router will segfault if an…
CVE-2021-43839 — CVSS 7.5 (high): Cronos is a commercial implementation of a blockchain. In Cronos nodes running versions before v0.6.5, it is possible to take transaction…
CVE-2021-37605 — CVSS 7.5 (high): In version 6.5 Microchip MiWi software and all previous versions including legacy products, the stack is validating only two out of four…
CVE-2021-37604 — CVSS 7.5 (high): In version 6.5 of Microchip MiWi software and all previous versions including legacy products, there is a possibility of frame counters…