CWE-178
Improper Handling of Case Sensitivity
The product does not properly account for differences in case sensitivity when accessing or determining the properties of a resource, leading to inconsistent results.
55 vulnerabilities with CWE-178
CVE-2026-29054
HIGH
Traefik 2.11.9-2.11.37/3.1.3-3.6.8 - Auth Bypass
CVSS 7.5
CVE-2026-27896
Go MCP SDK <1.3.1 - Auth Bypass
CVE-2026-27588
CRITICAL
Caddy <2.11.1 - Auth Bypass
CVSS 9.1
CVE-2026-27587
CRITICAL
Caddy <2.11.1 - Auth Bypass
CVSS 9.1
CVE-2026-25889
MEDIUM
Filebrowser < 2.57.1 - XSS
CVSS 5.4
CVE-2025-67718
NPM Formio < 3.5.7 - Information Disclosure
CVE-2025-59944
HIGH
Anysphere Cursor < 1.6.23 - Remote Code Execution
CVSS 8.0
CVE-2025-61593
HIGH
Cursor <1.7 - RCE
CVSS 7.1
CVE-2025-50864
MEDIUM
Elysia-cors <1.3.0 - CSRF Bypass
CVSS 6.5
CVE-2025-46701
HIGH
Apache Tomcat <11.0.6 - Security Constraint Bypass
CVSS 7.3
CVE-2025-4035
MEDIUM
Libsoup - Info Disclosure
CVSS 4.3
CVE-2024-6866
HIGH
corydolphin/flask-cors <4.01 - SSRF
CVSS 7.5
CVE-2025-27636
MEDIUM
Apache Camel <4.10.2 - Command Injection
CVSS 5.6
CVE-2024-55634
HIGH
Drupal < 10.2.11 - Privilege Escalation
CVSS 8.1
CVE-2024-38829
LOW
Spring LDAP <3.2.7 - Info Disclosure
CVSS 3.7
CVE-2024-38820
LOW
DataBinder - Info Disclosure
CVSS 3.1
CVE-2024-5699
CRITICAL
Firefox < 127 - Info Disclosure
CVSS 9.8
CVE-2024-32879
MEDIUM
Python Social Auth <5.4.1 - Info Disclosure
CVSS 4.9
CVE-2024-23331
HIGH
Vite < 2.9.17 - Information Disclosure
CVSS 7.5
CVE-2023-46218
MEDIUM
curl - SSRF
CVSS 6.5
CVE-2023-3545
CRITICAL
Chamilo LMS <=1.11.20 - RCE
CVSS 9.8
CVE-2023-4759
HIGH
Eclipse Jgit - Symlink Following
CVSS 8.8
CVE-2022-29604
CRITICAL
ONOS 2.5.1 - Info Disclosure
CVSS 9.8
CVE-2022-22968
MEDIUM
Spring Framework <5.3.18,<5.2.20 - Info Disclosure
CVSS 5.3
CVE-2021-45893
HIGH
Softwarebuero Zauner ARC 4.2.0.4 - Info Disclosure
CVSS 7.5
Details
Vulnerabilities
55