Fallos del tipo CWE-346
379 resultadosCVE-2026-45173HIGHIdira Identity Browser Extension: Unauthorized Application Interaction via Origin Validation FailureEPSS 0.2%CVE-2022-1747MEDIUMThe authentication mechanism used by voters to activate a voting session on the tested version of Dominion Voting Systems ImageCast X is susEPSS 0.2%CVE-2024-24782MEDIUMHIMA: Origin Validation Error in multiple productsEPSS 0.2%CVE-2026-11214MEDIUMInappropriate implementation in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to leak cross-originEPSS 0.2%CVE-2026-32632MEDIUMGlances's REST/WebUI Lacks Host Validation and Remains Exposed to DNS RebindingEPSS 0.2%CVE-2025-53600HIGHWhale browser before 4.32.315.22 allow an attacker to bypass the Same-Origin Policy in a dual-tab environment.EPSS 0.2%CVE-2025-47909HIGHImproper validation of TrustedOrigins allows CSRF attacks in github.com/gorilla/csrfEPSS 0.2%CVE-2023-27962MEDIUMA logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. AnEPSS 0.2%CVE-2026-11291MEDIUMInappropriate implementation in Android Autofill in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to bypass sameEPSS 0.2%CVE-2026-11298MEDIUMInappropriate implementation in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to bypass same origiEPSS 0.2%CVE-2026-34359HIGHHAPI FHIR: Authentication Credential Leakage via Improper URL Prefix Matching on HTTP Redirect in HAPI FHIR CoreEPSS 0.2%CVE-2026-7643MEDIUMChatGPTNextWeb NextChat API Endpoint Next.js cross-domain policyEPSS 0.2%CVE-2026-12024MEDIUMInsufficient policy enforcement in DevTools in Google Chrome prior to 149.0.7827.115 allowed a remote attacker to bypass same origin policy EPSS 0.2%CVE-2026-11048MEDIUMInappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malEPSS 0.2%CVE-2026-5918MEDIUMInappropriate implementation in Navigation in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the rendereEPSS 0.2%CVE-2020-15734MEDIUMSame-origin policy vulnerability in Bitdefender SafepayEPSS 0.2%CVE-2022-42860—This issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in macOS Monterey 12.6.1, macOS Big Sur 1EPSS 0.2%CVE-2026-41376LOWOpenClaw < 2026.3.31 - Matrix Thread Context Allowlist Bypass via Sender ValidationEPSS 0.2%CVE-2026-7979MEDIUMInappropriate implementation in Media in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to leak cross-origin data via a crafEPSS 0.2%CVE-2026-7986MEDIUMInsufficient policy enforcement in Autofill in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to leak cross-origin data via EPSS 0.2%