CVEs classified under CWE-830, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2023-2588 — CVSS 8.8 (high): Teltonika’s Remote Management System versions prior to 4.10.0 have a feature allowing users to access managed devices’ local secure…
CVE-2025-65109: Minder is an open source software supply chain security platform. In Minder Helm version 0.20241106.3386+ref.2507dbf and Minder Go versions…
CVE-2024-29944 — CVSS 8.4 (high): An attacker was able to inject an event handler into a privileged object that would allow arbitrary JavaScript execution in the parent…
CVE-2024-42381 — CVSS 8.3 (high): os/linux/elf.rb in Homebrew brew before 4.2.20 uses ldd to load ELF files obtained from untrusted sources, which allows attackers to…
CVE-2025-46652 — CVSS 6.1 (medium): In IZArc through 4.5, there is a Mark-of-the-Web Bypass Vulnerability. When a user performs an extraction from an archive file that bears…
CVE-2025-43703 — CVSS 6.1 (medium): An issue was discovered in Ankitects Anki through 25.02. A crafted shared deck can result in attacker-controlled access to the internal API…
CVE-2025-33028 — CVSS 6.1 (medium): In WinZip through 29.0, there is a Mark-of-the-Web Bypass Vulnerability because of an incomplete fix for CVE-2024-8811. This vulnerability…
CVE-2024-35180 — CVSS 6.1 (medium): OMERO.web provides a web based client and plugin infrastructure. There is currently no escaping or validation of the `callback` parameter…