Weaknesses of type CWE-670
95 resultsCVE-2025-32996MEDIUMIn http-proxy-middleware before 2.0.8 and 3.x before 3.0.4, writeBody can be called twice because "else if" is not used.EPSS 0.4%CVE-2026-40719HIGHDeadwood in MaraDNS 3.5.0036 allows attackers to exhaust connection slots via a zone whose authoritative nameserver address cannot be resolvEPSS 0.4%CVE-2026-34946MEDIUMWasmtime's host panics when Winch compiler executes `table.fill`EPSS 0.4%CVE-2026-40396MEDIUMVarnish Cache 9 before 9.0.1 allows a "workspace overflow" denial of service (daemon panic) after timeout_linger. A malicious client could sEPSS 0.3%CVE-2026-33011HIGHNest Fastify HEAD Request Middleware BypassEPSS 0.3%CVE-2024-35195MEDIUMRequests `Session` object does not verify requests after making first request with verify=FalseEPSS 0.3%CVE-2022-41884MEDIUMSeg fault in `ndarray_tensor_bridge` due to zero and large inputs in TensorflowEPSS 0.3%CVE-2024-47168LOWThe `enable_monitoring` flag set to `False` does not disable monitoring in GradioEPSS 0.3%CVE-2026-26267HIGHrs-soroban-sdk #[contractimpl] macro calls inherent function instead of trait function when names collideEPSS 0.3%CVE-2024-5659HIGHRockwell Automation Multicast Request Causes major nonrecoverable fault on Select ControllersEPSS 0.3%CVE-2026-6608MEDIUMlm-sys fastchat Arena Side-by-Side View add_text control flowEPSS 0.3%CVE-2025-24800CRITICALCritical vulnerability in `ismp-grandpa` <v15.0.1EPSS 0.3%CVE-2026-40942MEDIUMDSF: Inverted Time Comparison in OIDC JWKS and Token CacheEPSS 0.3%CVE-2025-2886MEDIUMTerminating targets role delegations are not respected in toughEPSS 0.3%CVE-2023-20921HIGHIn onPackageRemoved of AccessibilityManagerService.java, there is a possibility to automatically grant accessibility services due to a logicEPSS 0.3%CVE-2024-30133MEDIUMHCL Traveler for Microsoft Outlook (HTMO) is susceptible to a control flow vulnerabilityEPSS 0.3%CVE-2024-47763MEDIUMWasmtime runtime crash when combining tail calls with trapping importsEPSS 0.2%CVE-2026-56307MEDIUMCap-go - Broken Cursor Pagination in /private/devices EndpointEPSS 0.2%CVE-2026-35387LOWOpenSSH before 10.3 can use unintended ECDSA algorithms. Listing of any ECDSA algorithm in PubkeyAcceptedAlgorithms or HostbasedAcceptedAlgoEPSS 0.2%CVE-2026-40394MEDIUMVarnish Cache 9 before 9.0.1 and Varnish Enterprise before 6.0.16r11 allows a "workspace overflow" denial of service (daemon panic) for certEPSS 0.2%