Vulnerabilities of type CWE-178

51 results
CVE-2026-45062 | HIGH | FrankenPHP: Unsafe Unicode Handling in CGI Path Splitting Allows Execution of Non-PHP Files | EPSS 0.6%
CVE-2026-40453 | CRITICAL | Apache Camel JMS, Apache Camel CoAP, Apache Camel Google PubSub: Incomplete fix for CVE-2025-27636 in non-HTTP HeaderFilterStrategies (camel-jms, camel-sjms, camel-coap, camel-google-pubsub) allows case-variant header injection | EPSS 0.5%
CVE-2026-3833 | MEDIUM | Gnutls: gnutls: policy bypass due to case-sensitive nameconstraints comparison | EPSS 0.5%
CVE-2026-43513 | HIGH | Apache Tomcat: LockOutRealm treats user names as case-sensitive | EPSS 0.5%
CVE-2026-32939 | HIGH | DataEase is Vulnerable to H2 JDBC RCE Bypass | EPSS 0.4%
CVE-2025-50864 | MEDIUM | An Origin Validation Error in the elysia-cors library thru 1.3.0 allows attackers to bypass Cross-Origin Resource Sharing (CORS) restriction | EPSS 0.4%
CVE-2026-29054 | HIGH | Traefik: lowercase `Connection` tokens can delete traefik-managed forwarded identity headers (for example, `X-Real-Ip`) | EPSS 0.4%
CVE-2024-55634 | HIGH | Drupal core - Moderately critical - Access bypass - SA-CORE-2024-004 | EPSS 0.4%
CVE-2026-48595 | HIGH | Authorization header leaks to third-party origin on cross-origin redirect in Tesla.Middleware.FollowRedirects | EPSS 0.4%
CVE-2026-42272 | HIGH | Heimdall: Case-sensitive handling of URL-encoded slashes may lead to inconsistent path interpretation | EPSS 0.4%
CVE-2026-45135 | HIGH | Caddy: Unsafe Unicode Handling in FastCGI splitPos Allows Execution of Non-PHP Files | EPSS 0.4%
CVE-2025-61593 | HIGH | Cursor CLI Agent: Sensitive File Overwrite Bypass | EPSS 0.4%
CVE-2026-27587 | HIGH | Caddy: MatchPath %xx (escaped-path) branch skips case normalization, enabling path-based route/auth bypass | EPSS 0.4%
CVE-2026-27588 | HIGH | Caddy: MatchHost becomes case-sensitive for large host lists (>100), enabling host-based route/auth bypass | EPSS 0.4%
CVE-2024-38829 | LOW | Spring LDAP sensitive data exposure for case-sensitive comparisons | EPSS 0.4%
CVE-2025-4035 | MEDIUM | Libsoup: cookie domain validation bypass via uppercase characters in libsoup | EPSS 0.3%
CVE-2026-22665 | HIGH | prompts.chat Identity Confusion via Case-Sensitive Username Handling | EPSS 0.3%
CVE-2025-59944 | HIGH | Cursor IDE: Sensitive File Overwrite Bypass is Possible | EPSS 0.3%
CVE-2026-25889 | MEDIUM | File Browser has an Authentication Bypass in User Password Update | EPSS 0.3%
CVE-2026-47203 | LOW | Authelia Missing Username Canonicalization in Basic Auth (LDAP) | EPSS 0.3%