CVEs classified under CWE-696, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (29)
CVE-2026-45033 — CVSS 7.8 (high): GitHub Copilot CLI brings AI-powered coding assistance directly to your command line. Prior to 1.0.43, a security vulnerability has been…
CVE-2025-31485 — CVSS 7.5 (high): API Platform Core is a system to create hypermedia-driven REST and GraphQL APIs. Prior to 4.0.22 and 3.4.17, a GraphQL grant on a property…
CVE-2021-22569 — CVSS 7.5 (high): An issue in protobuf-java allowed the interleaving of com.google.protobuf.UnknownFieldSet fields in such a way that would be processed out…
CVE-2021-31379 — CVSS 7.5 (high): An Incorrect Behavior Order vulnerability in the MAP-E automatic tunneling mechanism of Juniper Networks Junos OS allows an attacker to…
CVE-2026-35637 — CVSS 7.3 (high): OpenClaw before 2026.3.22 performs cite expansion before completing channel and DM authorization checks, allowing cite work and content…
CVE-2024-24853 — CVSS 7.2 (high): Incorrect behavior order in transition between executive monitor and SMI transfer monitor (STM) in some Intel(R) Processor may allow a…
CVE-2023-33224 — CVSS 7.2 (high): The SolarWinds Platform was susceptible to the Incorrect Behavior Order Vulnerability. This vulnerability allows users with administrative…
CVE-2025-0150 — CVSS 7.1 (high): Incorrect behavior order in some Zoom Workplace Apps for iOS before version 6.3.0 may allow an authenticated user to conduct a denial of…
CVE-2026-35652 — CVSS 6.5 (medium): OpenClaw before 2026.3.22 contains an authorization bypass vulnerability in interactive callback dispatch that allows non-allowlisted…
CVE-2026-35636 — CVSS 6.5 (medium): OpenClaw versions 2026.3.11 through 2026.3.24 contain a session isolation bypass vulnerability where session_status resolves sessionId to…
CVE-2026-35627 — CVSS 6.5 (medium): OpenClaw before 2026.3.22 performs cryptographic and dispatch operations on inbound Nostr direct messages before enforcing sender and…
CVE-2024-30389 — CVSS 5.8 (medium): An Incorrect Behavior Order vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on EX4300 Series allows an…
CVE-2024-30410 — CVSS 5.8 (medium): An Incorrect Behavior Order in the routing engine (RE) of Juniper Networks Junos OS on EX4300 Series allows traffic intended to the device…
CVE-2021-47688 — CVSS 5.7 (medium): In WhiteBeam 0.2.0 through 0.2.1 before 0.2.2, a user with local access to a server can bypass the allow-list functionality because a file…
CVE-2026-33305 — CVSS 5.4 (medium): OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0.2, an authorization…
CVE-2026-43002 — CVSS 5.3 (medium): An issue was discovered in OpenStack Horizon 25.6 and 25.7 before 25.7.3. There is a write operation to the session storage backend before…
CVE-2026-35640 — CVSS 5.3 (medium): OpenClaw before 2026.3.25 parses JSON request bodies before validating webhook signatures, allowing unauthenticated attackers to force…
CVE-2025-9904 — CVSS 5.3 (medium): Unallocated memory access vulnerability in print processing of Generic Plus PCL6 Printer Driver / Generic Plus UFR II Printer Driver /…
CVE-2025-55114 — CVSS 5.3 (medium): The improper order of AUTHORIZED_CTM_IP validation in the Control-M/Agent, where the Control-M/Server IP address is validated only after…
CVE-2024-35229 — CVSS 5.3 (medium): ZKsync Era is a layer 2 rollup that uses zero-knowledge proofs to scale Ethereum. Prior to version 1.3.10, there is a very specific pattern…
CVE-2024-45157 — CVSS 5.1 (medium): An issue was discovered in Mbed TLS before 2.28.9 and 3.x before 3.6.1, in which the user-selected algorithm is not used. Unlike previously…
CVE-2025-20012 — CVSS 4.9 (medium): Incorrect behavior order for some Intel(R) Core™ Ultra Processors may allow an unauthenticated user to potentially enable information…
CVE-2023-52968 — CVSS 4.9 (medium): MariaDB Server 10.4 before 10.4.33, 10.5 before 10.5.24, 10.6 before 10.6.17, 10.7 through 10.11 before 10.11.7, 11.0 before 11.0.5, and…
CVE-2026-40223 — CVSS 4.7 (medium): In systemd 258 before 260, a local unprivileged user can trigger an assert when a Delegate=yes and User=<unset> unit exists and is running.
CVE-2026-44919 — CVSS 4.3 (medium): In OpenStack Ironic through 35.x before a3f6d73, during image handling, an infinite loop in checksum calculations can occur via the…
CVE-2023-23576 — CVSS 4.3 (medium): Incorrect behavior order in the Command Centre Server could allow privileged users to gain physical access to the site for longer than…
CVE-2026-56355 — CVSS 3.7 (low): GNU Savannah Administration Savane through 3.17 uses untrusted data as part of authorization.
CVE-2026-44600 — CVSS 3.7 (low): Tor before 0.4.9.7 mishandles accounting of the conflux out-of-order queue during the clearing of a queue, aka TROVE-2026-010.
CVE-2026-35386 — CVSS 3.6 (low): In OpenSSH before 10.3, command execution can occur via shell metacharacters in a username within a command line. This requires a scenario…