Weaknesses of type CWE-20
4,753 resultsCVE-2026-25723HIGHClaude Code Vulnerable to Command Injection via Piped sed Command Bypasses File Write RestrictionsEPSS 0.3%CVE-2022-30711HIGHImproper validation vulnerability in FeedsInfo prior to SMR Jun-2022 Release 1 allows attackers to launch certain activities.EPSS 0.3%CVE-2026-11255HIGHInsufficient validation of untrusted input in Storage Access API in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had cEPSS 0.3%CVE-2022-28190MEDIUMNVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where imprEPSS 0.3%CVE-2026-11242HIGHInsufficient validation of untrusted input in Plugins in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised EPSS 0.3%CVE-2022-30710HIGHImproper validation vulnerability in RemoteViews prior to SMR Jun-2022 Release 1 allows attackers to launch certain activities.EPSS 0.3%CVE-2026-5659MEDIUMpytries datrie trie File datrie.pyx Trie.__setstate__ deserializationEPSS 0.3%CVE-2025-58361CRITICALPromptcraft Forge Studio's incomplete URL check is vulnerable to XSS via SVGEPSS 0.3%CVE-2021-0076MEDIUMImproper Validation of Specified Index, Position, or Offset in Input in firmware for some Intel(R) PROSet/Wireless Wi-Fi in multiple operatiEPSS 0.3%CVE-2026-45291HIGHCloudburst Network erroneously handles invalid connectionsEPSS 0.3%CVE-2026-54405HIGHA malicious actor with access to the network could exploit an Improper Input Validation vulnerability found in UniFi Network Application to EPSS 0.3%CVE-2024-5533MEDIUMDivi <= 4.25.1 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.3%CVE-2026-3545CRITICALInsufficient data validation in Navigation in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to potentially perform a sandbEPSS 0.3%CVE-2021-34752MEDIUMCisco Firepower Threat Defense Command Injection VulnerabilitiesEPSS 0.3%CVE-2026-49095HIGHImproper Input Validation in Kibana Fleet Leading to Privilege EscalationEPSS 0.3%CVE-2025-55006MEDIUMFrappe Learning Holds Potential for Malicious SVG Upload in Image Upload FeatureEPSS 0.3%CVE-2026-32629MEDIUMphpMyFAQ: Stored XSS via Unsanitized Email Field in Admin FAQ EditorEPSS 0.3%CVE-2021-34756MEDIUMCisco Firepower Threat Defense Software Command Injection VulnerabilitiesEPSS 0.3%CVE-2021-34755MEDIUMCisco Firepower Threat Defense Software Command Injection VulnerabilitiesEPSS 0.3%CVE-2020-12487HIGHCommand Execution Vulnerability in ABE serviceEPSS 0.3%