CVEs classified under CWE-837, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (13)
CVE-2025-54315 — CVSS 7.1 (high): The Matrix specification before 1.16 (i.e., with a room version before 12) lacks create event uniqueness.
CVE-2024-11301 — CVSS 6.5 (medium): In lunary-ai/lunary before version 1.6.3, the application allows the creation of evaluators without enforcing a unique constraint on the…
CVE-2024-4629 — CVSS 6.5 (medium): A vulnerability was found in Keycloak. This flaw allows attackers to bypass brute force protection by exploiting the timing of login…
CVE-2024-11717: Tokens in CTFd used for account activation and password resetting can be used interchangeably for these operations. When used, they are…
CVE-2025-62784 — CVSS 5.3 (medium): InventoryGui is a library for creating chest GUIs for Bukkit/Spigot plugins. Versions before 1.6.5 contain a vulnerability where any plugin…
CVE-2025-62782 — CVSS 5.3 (medium): InventoryGui is a library for creating chest GUIs for Bukkit/Spigot plugins. Versions 1.6.3-SNAPSHOT and earlier contain a vulnerability…
CVE-2025-58135 — CVSS 5.3 (medium): Improper action enforcement in certain Zoom Workplace Clients for Windows may allow an unauthenticated user to conduct a disclosure of…
CVE-2024-11716: While assignment of a user to a team (bracket) in CTFd should be possible only once, at the registration, a flaw in logic implementation…
CVE-2023-6759 — CVSS 5.3 (medium): A vulnerability classified as problematic has been found in Thecosy IceCMS 2.0.1. This affects an unknown part of the file…
CVE-2025-62783 — CVSS 5.0 (medium): InventoryGui is a library for creating chest GUIs for Bukkit/Spigot plugins. Versions 1.6.1-SNAPSHOT and earlier contain a vulnerability…
CVE-2023-6438 — CVSS 4.3 (medium): A vulnerability classified as problematic has been found in Thecosy IceCMS 2.0.1. Affected is an unknown function of the file…
CVE-2026-44601 — CVSS 3.7 (low): Tor before 0.4.9.7, when circuit queue memory pressure exists, can experience a client crash because of a double close of a circuit, aka…
CVE-2023-6467 — CVSS 3.1 (low): A vulnerability was found in Thecosy IceCMS 2.0.1. It has been rated as problematic. This issue affects some unknown processing of the file…