Weaknesses of type CWE-697
70 resultsCVE-2026-32322MEDIUMsoroban-sdk: `Fr` scalar field equality comparison bypasses modular reductionEPSS 0.3%CVE-2026-49340HIGHgonic has arbitrary file write in createPlaylist: any authenticated user can write playlist M3U content to attacker-controlled path on the hostEPSS 0.3%CVE-2026-45567HIGHRoxy-WI: Authentication bypass via 'api' substring in URL + unauthenticated /api/gptEPSS 0.2%CVE-2026-21691MEDIUMiccDEV has Type Confusion in CIccTag:IsTypeCompressed()EPSS 0.2%CVE-2025-12192MEDIUMThe Events Calendar <= 6.15.9 - Sysinfo Key Incorrect Comparison to Unauthenticated Sensitive Information ExposureEPSS 0.2%CVE-2026-9369MEDIUMNousResearch hermes-agent CLI web-dashboard web_server.py _discover_dashboard_plugins comparisonEPSS 0.2%CVE-2023-44378HIGHgnark vulnerable to unsoundness in variable comparison/non-unique binary decompositionEPSS 0.2%CVE-2026-34574MEDIUMParse Server: Session field immutability bypass via falsy-value guardEPSS 0.2%CVE-2026-47202CRITICALKavita: Pre-Auth Account TakeoverEPSS 0.2%CVE-2026-26275HIGHhttpsig-hyper has Improper Digest Verification that May Allow Message Integrity BypassEPSS 0.2%