Weaknesses of type CWE-20
4,784 resultsCVE-2026-62658MEDIUMPost-authentication Command Injection Vulnerability in certain Nighthawk RAX series modelsEPSS —CVE-2026-48308MEDIUMPremiere Pro | Improper Input Validation (CWE-20)EPSS —CVE-2026-48312MEDIUMCAI Content Credentials | Improper Input Validation (CWE-20)EPSS —CVE-2026-48351HIGHCAI Content Credentials | Improper Input Validation (CWE-20)EPSS —CVE-2026-62656MEDIUMPost-authenticated command injection vulnerability found in certain NETGEAR RAX modelsEPSS —CVE-2026-48328HIGHColdFusion | Improper Input Validation (CWE-20)EPSS —CVE-2026-48353MEDIUMCAI Content Credentials | Improper Input Validation (CWE-20)EPSS —CVE-2026-50370HIGHDHCP Server Service Remote Code Execution VulnerabilityEPSS —CVE-2026-47470MEDIUMNVIDIA TensorRT-LLM for any platform contains a vulnerability in the gRPC server chat API endpoint, where an attacker could cause CWE-20 by EPSS —CVE-2026-50417HIGHWindows NTFS Remote Code Execution VulnerabilityEPSS —CVE-2026-55124MEDIUMMicrosoft Word Information Disclosure VulnerabilityEPSS —CVE-2026-55899HIGHMicrosoft Excel Remote Code Execution VulnerabilityEPSS —CVE-2026-13001CRITICALPodlove Podcast Publisher <= 4.5.1 - Unauthenticated Arbitrary File Upload via podlove_image_cache_url ParameterEPSS —CVE-2026-50670HIGHWindows Win32k Elevation of Privilege VulnerabilityEPSS —CVE-2026-50328HIGHWindows Server Update Service (WSUS) Tampering VulnerabilityEPSS —CVE-2026-48302MEDIUMCAI Content Credentials | Improper Input Validation (CWE-20)EPSS —CVE-2026-62659MEDIUMAuthenticated users can make unauthorized changes on NETGEAR WAX333 Access PointsEPSS —CVE-2026-15769HIGHInsufficient validation of untrusted input in Linux Toolkit Theming in Google Chrome on Linux prior to 150.0.7871.125 allowed a remote attacEPSS —CVE-2026-15778—Insufficient validation of untrusted input in Navigation in Google Chrome prior to 150.0.7871.125 allowed a remote attacker who had compromiEPSS —CVE-2026-48352HIGHCAI Content Credentials | Improper Input Validation (CWE-20)EPSS —