Fallos del tipo CWE-20
4743 resultadosCVE-2026-11027MEDIUMInsufficient validation of untrusted input in Glic in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised theEPSS 0.3%CVE-2025-24501MEDIUMAn improper input validation allows an unauthenticated attacker to alter PAM logs by sending a specially crafted HTTP request.EPSS 0.3%CVE-2026-39410MEDIUMHono has a non-breaking space prefix bypass in cookie name handling in getCookie()EPSS 0.3%CVE-2026-10981MEDIUMInsufficient validation of untrusted input in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised tEPSS 0.3%CVE-2026-25941MEDIUMFreeRDP: vuln_1_15_1 RDPGFX WIRE_TO_SURFACE_2 Out-of-Bounds ReadEPSS 0.3%CVE-2025-63783HIGHA Broken Object Level Authorization (BOLA) vulnerability was discovered in the tRPC project mutation APIs (update, delete, add/remove tag) oEPSS 0.3%CVE-2021-46771—Insufficient validation of addresses in AMD Secure Processor (ASP) firmware system call may potentially lead to arbitrary code execution by EPSS 0.3%CVE-2026-13911MEDIUMInsufficient policy enforcement in Spellcheck in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the rendEPSS 0.3%CVE-2026-4755CRITICALCWE-20 in MolotovCherry Android-ImageMagick7EPSS 0.3%CVE-2025-44526MEDIUMRealtek RTL8762EKF-EVB RTL8762E SDK V1.4.0 was discovered to utilize insufficient permission checks on critical fields within Bluetooth Low EPSS 0.3%CVE-2026-22046HIGHiccDEV has heap-buffer-overflow in CIccProfileXml::ParseBasic() at IccXML/IccLibXML/IccProfileXml.cppEPSS 0.3%CVE-2025-59187HIGHWindows Kernel Elevation of Privilege VulnerabilityEPSS 0.3%CVE-2026-40068HIGHClaude Code arbitrary code execution via git worktree commondir trust dialog bypassEPSS 0.3%CVE-2026-45392HIGHDOM-based XSS in Cribl StreamEPSS 0.3%CVE-2021-3599MEDIUMA potential vulnerability in the SMI callback function used to access flash device in some ThinkPad models may allow an attacker with local EPSS 0.3%CVE-2022-26707MEDIUMAn issue in the handling of environment variables was addressed with improved validation. This issue is fixed in macOS Monterey 12.4. A userEPSS 0.3%CVE-2026-13875MEDIUMInsufficient validation of untrusted input in GPU in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who had comprEPSS 0.3%CVE-2026-31192MEDIUMInsufficient validation of Chrome extension identifiers in Raindrop.io Bookmark Manager Web App 5.6.76.0 allows attackers to obtain sensitivEPSS 0.3%CVE-2025-6240MEDIUMProfisee Path Traversal VulnerabilityEPSS 0.3%CVE-2025-66451MEDIUMLibreChat's Improper Input Validation in Prompt Creation API Enables Unauthorized Permission ChangesEPSS 0.3%