Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-1287

CWE-1287

Improper Validation of Specified Type of Input

Parent: CWE-20 - Improper Input Validation

The product receives input that is expected to be of a certain type, but it does not validate or incorrectly validates that the input is actually of the expected type.

134 vulnerabilities with CWE-1287

CVE-2026-9753 HIGH

Server crash via malformed binary diff passed to $_internalApplyOplogUpdate.

CVE-2026-9742 HIGH

Authenticate command with specific mechanism parameter can trigger server crash

CVE-2026-11460 HIGH

Boost Serialization improper validation of specified type of input

CVE-2026-49941 HIGH

Net::CIDR::Set versions through 0.20 for Perl did not validate IP addresses

CVE-2026-47675 MEDIUM

Hono: Cookie helper does not sanitize sameSite and priority, allowing Set-Cookie injection

CVE-2026-40851 HIGH

Command injection via USB

CVE-2026-9521 HIGH

fraillt bitsery std_smart_ptr.h loadFromSharedState improper validation of specified type of input

CVE-2026-4646 MEDIUM

Insufficient input validation in GitHub plugin API causes denial of service

CVE-2026-7887 MEDIUM

For Concrete CMS 9.5.0 and below, OAuth 2.0 Authorization-Code Handler Bypasses Account Status

CVE-2026-0802 MEDIUM

Axis Communications AB Axis OS < 12.9.33 - Improper Validation of Specified Type of Input

CVE-2026-29645 HIGH

NEMU <v2025.12.r2 - Instruction Validation Flaw

CVE-2026-33806 HIGH

fastify vulnerable to Body Schema Validation Bypass via Leading Space in Content-Type Header

CVE-2026-2092 HIGH

Keycloak-services: keycloak: unauthorized access via improper validation of encrypted saml assertions

CVE-2026-2454 MEDIUM

DoS in Calls plugin via malformed msgpack in websocket request.

CVE-2026-25783 MEDIUM

Denial of service via malformed User-Agent header in getBrowserVersion

CVE-2026-20074 HIGH

Cisco IOS XR - Unauthenticated Denial of Service via IS-IS Packet Input Validation

CVE-2026-26115 HIGH

Microsoft SQL Server 2016-2025 - Privilege Escalation via Improper Input Validation

CVE-2026-25179 HIGH

Windows AFD for WinSock - Privilege Escalation

CVE-2026-29788 HIGH

TSPortal < 30 - Improper Validation of Input

CVE-2026-2004 HIGH

PostgreSQL <18.2, 17.8, 16.12, 15.16, 14.21 - RCE

CVE-2026-2003 MEDIUM

PostgreSQL <18.2-14.21 - Info Disclosure

CVE-2026-20119 HIGH

Cisco RoomOS Software - Unauthenticated Denial of Service via Text Rendering Subsystem

CVE-2026-24307 CRITICAL

Microsoft 365 Copilot - Unauthenticated Information Disclosure via Improper Input Validation

CVE-2025-53627 MEDIUM

meshtastic_firmware 2.5.0-2.7.15 - Downgrade Attack via Missing PKI Encryption Flag

CVE-2025-12689 MEDIUM

Mattermost <11.0.4, <10.12.2, <10.11.6 - DoS

Page 1 of 6 Next

Details

Vulnerabilities 134

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy