Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-1286

CWE-1286

Improper Validation of Syntactic Correctness of Input

Parent: CWE-20 - Improper Input Validation

The product receives input that is expected to be well-formed - i.e., to comply with a certain syntax - but it does not validate or incorrectly validates that the input complies with the syntax.

67 vulnerabilities with CWE-1286

CVE-2026-6442 HIGH

Improper Command Detection Logic Allows RCE in Cortex Code Command-Line Interface

CVE-2026-40198 HIGH

Net::CIDR::Lite versions before 0.23 for Perl does not validate IPv6 group count, which may allow IP ACL bypass

CVE-2026-33778 HIGH

Junos OS: SRX Series, MX Series: When a specifically malformed first ISAKMP packet is received kmd/iked crashes

CVE-2026-34835 MEDIUM

Rack: `Rack::Request` accepts invalid Host characters, enabling host allowlist bypass.

CVE-2026-20114 MEDIUM

Cisco IOS XE Software <16.11.1 - Privilege Escalation

CVE-2026-3632 LOW

Libsoup: libsoup: http smuggling and server-side request forgery via malformed hostnames

CVE-2026-21527 MEDIUM

Microsoft Exchange Server - Info Disclosure

CVE-2026-25513 HIGH

Facturascripts < 2025.81 - SQL Injection

CVE-2026-0663 MEDIUM

M-Files Server <26.1.15632.3 - DoS

CVE-2026-21917 HIGH

Juniper Junos - Denial of Service

CVE-2025-13995 MEDIUM

IBM QRadar SIEM Information Disclosure

CVE-2025-59785 HIGH

2N Access Commander <3.4.2 - Auth Bypass

CVE-2025-13327 MEDIUM

uv - Code Injection

CVE-2025-67492 MEDIUM

Weblate <5.15 - Info Disclosure

CVE-2025-13033 HIGH

Email Parsing Library - SSRF

CVE-2025-41719 HIGH

Webserver <unknown> - Memory Corruption

CVE-2025-55085 HIGH

NextX Duo <6.4.4 - Buffer Overflow

CVE-2025-11573 HIGH

Nuget Amazon.iondotnet < 1.3.2 - Denial of Service

CVE-2025-36262 MEDIUM

IBM Planning Analytics Local <2.0.106, <2.1.13 - Info Disclosure

CVE-2025-10954 MEDIUM

github.com/nyaruka/phonenumbers <1.2.2 - Improper Validation

CVE-2025-54995 MEDIUM

Sangoma Asterisk < 18.26.4 - Denial of Service

CVE-2025-25007 MEDIUM

Microsoft Exchange Server - Info Disclosure

CVE-2025-30415 HIGH

Acronis Cyber Protect Cloud Agent <40077 - DoS

CVE-2025-43878 MEDIUM

F5OS-C/A - Privilege Escalation

CVE-2025-24348 MEDIUM

ctrlX OS - Wireless Network Configuration File Manipulation

Page 1 of 3 Next

Details

Vulnerabilities 67

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy