CVEs classified under CWE-692, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2025-20240 — CVSS 6.1 (medium): A vulnerability in the Web Authentication feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a…
CVE-2025-49590 — CVSS 6.1 (medium): CryptPad is a collaboration suite. Prior to version 2025.3.0, the "Link Bouncer" functionality attempts to filter javascript URIs to…
CVE-2024-30924 — CVSS 4.6 (medium): Cross Site Scripting vulnerability in DerbyNet v9.0 and below allows attackers to execute arbitrary code via the checkin.php component.