Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-178

CWE-178

Improper Handling of Case Sensitivity

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product does not properly account for differences in case sensitivity when accessing or determining the properties of a resource, leading to inconsistent results.

62 vulnerabilities with CWE-178

CVE-2026-3833 MEDIUM

Gnutls: gnutls: policy bypass due to case-sensitive nameconstraints comparison

CVE-2026-40453 CRITICAL

Apache Camel JMS, Apache Camel CoAP, Apache Camel Google PubSub: Incomplete fix for CVE-2025-27636 in non-HTTP HeaderFilterStrategies (camel-jms, camel-sjms, camel-coap, camel-google-pubsub) allows ca

CVE-2026-22665 HIGH

prompts.chat Identity Confusion via Case-Sensitive Username Handling

CVE-2026-33691 MEDIUM

OWASP CRS: Whitespace padding in filenames bypasses file upload extension checks

CVE-2026-3532 MEDIUM

OpenID Connect / OAuth client - Less critical - Access bypass - SA-CONTRIB-2026-027

CVE-2026-32939 HIGH

DataEase is Vulnerable to H2 JDBC RCE Bypass

CVE-2026-28292 CRITICAL

simple-git 3.15.0-3.32.2 - RCE

CVE-2026-29054 HIGH

Traefik 2.11.9-2.11.37/3.1.3-3.6.8 - Auth Bypass

CVE-2026-27896 HIGH

Go MCP SDK <1.3.1 - Auth Bypass

CVE-2026-27588 CRITICAL

Caddy <2.11.1 - Auth Bypass

CVE-2026-27587 CRITICAL

Caddy <2.11.1 - Auth Bypass

CVE-2026-25889 MEDIUM

Filebrowser < 2.57.1 - XSS

CVE-2025-67718 HIGH

NPM Formio < 3.5.7 - Information Disclosure

CVE-2025-59944 HIGH

Anysphere Cursor < 1.6.23 - Remote Code Execution

CVE-2025-61593 HIGH

Cursor <1.7 - RCE

CVE-2025-50864 MEDIUM

Elysia-cors <1.3.0 - CSRF Bypass

CVE-2025-46701 HIGH

Apache Tomcat <11.0.6 - Security Constraint Bypass

CVE-2025-4035 MEDIUM

Libsoup - Info Disclosure

CVE-2025-27636 MEDIUM

Apache Camel <4.10.2 - Command Injection

CVE-2024-6866 HIGH

corydolphin/flask-cors <4.01 - SSRF

CVE-2024-55634 HIGH

Drupal < 10.2.11 - Privilege Escalation

CVE-2024-38829 LOW

Spring LDAP <3.2.7 - Info Disclosure

CVE-2024-38820 LOW

DataBinder - Info Disclosure

CVE-2024-5699 CRITICAL

Firefox < 127 - Info Disclosure

CVE-2024-32879 MEDIUM

Python Social Auth <5.4.1 - Info Disclosure

Page 1 of 3 Next

Details

Vulnerabilities 62

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy