Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-129

CWE-129

High likelihood

Improper Validation of Array Index

Parent: CWE-1285 - Improper Validation of Specified Index, Position, or Offset in Input

The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.

572 vulnerabilities with CWE-129

CVE-2026-33281 MEDIUM

Ella Core < 1.6.0 - Unauthenticated Denial of Service via NGAP Message PDU Session ID

CVE-2026-33022 MEDIUM

Tekton Pipelines: Controller can panic when setting long resolver names in TaskRun/PipelineRun

CVE-2026-32937 MEDIUM

free5GC CHF has Out-of-Bounds Slice Access that Leads to DoS

CVE-2026-26933 MEDIUM

Improper Validation of Array Index in Packetbeat Leading to Denial of Service

CVE-2026-31967 CRITICAL

HTSlib CRAM reader has out-of-bounds read due to improper validation of input

CVE-2026-31966 CRITICAL

HTSlib CRAM reader has out-of-bounds read due to improper validation of input

CVE-2026-31965 HIGH

HTSlib CRAM reader has out-of-bounds reads due to improper validation of input

CVE-2026-31963 HIGH

HTSlib CRAM reader has heap buffer overflow due to improper validation of input

CVE-2026-31962 HIGH

HTSlib CRAM reader has heap buffer overflow due to improper validation of input

CVE-2026-23246 HIGH

wifi: mac80211: bounds-check link_id in ieee80211_ml_reconfiguration

CVE-2026-3083 HIGH

GStreamer rtpqdm2depay Out-Of-Bounds Write Remote Code Execution Vulnerability

CVE-2026-30984 MEDIUM

iccDEV <2.3.1.5 - Memory Corruption

CVE-2026-30982 MEDIUM

iccDEV <2.3.1.5 - Memory Corruption

CVE-2026-26932 MEDIUM

Packetbeat 8.0.0-8.19.11 - Denial of Service via PostgreSQL Protocol Parser

CVE-2026-25882 HIGH

Fiber 2.0.0-2.52.11 and 0-3.0.9 - Denial of Service via Route Parameter Overflow

CVE-2026-2006 HIGH

PostgreSQL 14.0-14.20 - Remote Code Execution via Multibyte Character Length Mismanagement

CVE-2026-25585 HIGH

iccdev < 2.3.1.3 - Out-of-bounds Read in IccCmm.cpp

CVE-2026-25518 MEDIUM

cert-manager 1.18.0-1.18.4 and 1.19.0-1.19.2 - Denial of Service via ACME DNS-01 Processing

CVE-2026-25068 MEDIUM

alsa-lib <1.2.15.2 - Buffer Overflow

CVE-2026-22859 CRITICAL

FreeRDP < 3.20.1 - Out-of-bounds Read in URBDRC Client

CVE-2026-0529 MEDIUM

Packetbeat 7.0.0-7.17.28, 8.0.0-8.19.8, 9.0.0-9.1.8, 9.2.0-9.2.2 - Denial of Service via MongoDB Protocol Parser

CVE-2026-0528 MEDIUM

Elastic Kibana < 7.17.29 - Improper Array Index Validation

CVE-2025-69248 HIGH

free5GC AMF <=1.4.1 - Buffer Overflow

CVE-2025-71203 HIGH

Linux Kernel - Speculative Out-of-Bounds Access via Syscall Table Indexing

CVE-2025-71143 HIGH

Linux Kernel - Out-of-Bounds Array Access in Exynos Clock Driver

Previous Page 2 of 23 Next

Details

Vulnerabilities 572

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy