Weaknesses of type CWE-346
379 resultsCVE-2025-3651CRITICALCommand Injection in iManage Work Desktop for Mac's Agent ServiceEPSS 0.2%CVE-2022-50975HIGHMultiple Innomic VibroLine VLX and avibia AVLX allow unauthenticated access to device configurationEPSS 0.2%CVE-2025-5320MEDIUMgradio-app gradio CORS is_valid_origin privilege escalationEPSS 0.2%CVE-2025-7365HIGHKeycloak: phishing attack via email verification step in first login flowEPSS 0.2%CVE-2025-23117MEDIUMAn Insufficient Firmware Update Validation vulnerability could allow an authenticated malicious actor with access to UniFi Protect Cameras aEPSS 0.2%CVE-2026-6508CRITICALRCE in TUBITAK BILGEM's LiderahenkEPSS 0.2%CVE-2026-11020MEDIUMInappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via aEPSS 0.2%CVE-2025-56648MEDIUMnpm parcel 2.0.0-alpha and before has an Origin Validation Error vulnerability. Malicious websites can send XMLHTTPRequests to the applicatiEPSS 0.2%CVE-2025-9265CRITICALAPI Authentication Bypass via Header Spoofing vulnerability in Kiloview NDI N30 ProductsEPSS 0.2%CVE-2025-4542LOWFreeebird Hotel 酒店管理系统 API SessionInterceptor.java cross-domain policyEPSS 0.2%CVE-2023-3581MEDIUMWebSockets accept connections from HTTPS originEPSS 0.2%CVE-2023-29756MEDIUMAn issue found in Twilight v.13.3 for Android allows unauthorized apps to cause a persistent denial of service by manipulating the SharedPreEPSS 0.2%CVE-2026-44649CRITICALSillyTavern: Authentication Bypass via SSO Header InjectionEPSS 0.2%CVE-2026-43972MEDIUMgun HTTP/2 PUSH_PROMISE authority not validated against connection origin allows cross-origin cookie injectionEPSS 0.2%CVE-2025-2346MEDIUMIROAD Dash Cam X5/Dash Cam X6 Domain origin validationEPSS 0.2%CVE-2025-9636HIGHCross-Origin Opener Policy Vulnerability in pgAdmin 4EPSS 0.2%CVE-2026-45207HIGHAn origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. EPSS 0.2%CVE-2026-34930HIGHAn origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. EPSS 0.2%CVE-2026-34928HIGHAn origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. EPSS 0.2%CVE-2026-45206HIGHAn origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. EPSS 0.2%