CVEs classified under CWE-821, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (9)
CVE-2024-1739 — CVSS 9.1 (critical): lunary-ai/lunary is vulnerable to an authentication issue due to improper validation of email addresses during the signup process…
CVE-2024-1902 — CVSS 7.5 (high): lunary-ai/lunary is vulnerable to a session reuse attack, allowing a removed user to change the organization name without proper…
CVE-2026-56132 — CVSS 6.9 (medium): In libexpat before 2.8.2, there is a heap-based buffer overflow in doProlog in xmlparse.c because scaffold backing array reallocation is…
CVE-2026-21919 — CVSS 6.5 (medium): An Incorrect Synchronization vulnerability in the management daemon (mgd) of Juniper Networks Junos OS and Junos OS Evolved allows a…
CVE-2024-6657 — CVSS 6.5 (medium): A denial of service may be caused to a single peripheral device in a BLE network when multiple central devices continuously connect and…
CVE-2024-4278 — CVSS 5.5 (medium): An information disclosure issue has been discovered in GitLab EE affecting all versions starting from 16.5 prior to 17.2.8, from 17.3 prior…
CVE-2024-5755 — CVSS 5.3 (medium): In lunary-ai/lunary versions <=v1.2.11, an attacker can bypass email validation by using a dot character ('.') in the email address. This…
CVE-2024-58133 — CVSS 4.0 (medium): In chainmaker-go (aka ChainMaker) before 2.4.0, when making frequent updates to a node's configuration file and restarting this node…
CVE-2024-58132 — CVSS 4.0 (medium): In chainmaker-go (aka ChainMaker) before 2.3.6, multiple updates to a single node's configuration can cause other normal nodes to perform…