Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-20

CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,039 vulnerabilities with CWE-20

CVE-2026-7597 MEDIUM

mem0ai mem0 faiss.py pickle.dump deserialization

CVE-2026-5174 HIGH

Improper Access Control Vulnerability in Progress MOVEit Automation

CVE-2026-1858 MEDIUM

wget2 Improper Certificate Validation

CVE-2026-30769 HIGH

EnTech Taiwan TVicPort 4.0 - Privilege Escalation

CVE-2026-7360 LOW

Google Chrome <147.0.7727.138 - Site Isolation Bypass

CVE-2026-7345 HIGH

Google Chrome <147.0.7727.138 - Sandbox Escape

CVE-2026-7317 MEDIUM

Grav CMS Cache Value FileCache.php doGet deserialization

CVE-2026-24204 MEDIUM

Nvidia Flare SDK - Information Disclosure

CVE-2026-5941 HIGH

Foxit PDF Editor/Reader AcroForm Signature Remote Code Execution Vulnerability

CVE-2026-41044 HIGH

Apache ActiveMQ, Apache ActiveMQ Broker, Apache ActiveMQ All: Authenticated user can perform RCE via DestinationView MBean exposed by Jolokia

CVE-2026-40466 HIGH

Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ: Possible bypass of CVE-2026-34197 via HTTP discovery second-stage URI

CVE-2026-41268 HIGH

Flowise: Flowise Parameter Override Bypass Remote Command Execution

CVE-2026-34066 MEDIUM

nimiq-blockchain: Peer-triggerable panic during history sync

CVE-2026-33471 CRITICAL

nimiq-block has skip block quorum bypass via out-of-range BitSet indices & u16 truncation

CVE-2026-35380 MEDIUM

uutils coreutils cut Local Logic Error and Data Integrity Issue in Delimiter Parsing

CVE-2026-35377 LOW

uutils coreutils env Local Denial of Service via Improper Handling of Backslashes in Split-String Mode

CVE-2026-35369 MEDIUM

uutils coreutils kill System-wide Process Termination and Denial of Service via Argument Misinterpretation

CVE-2026-35347 MEDIUM

uutils coreutils comm Silent Data Loss or Denial of Service via Improper Input Validation

CVE-2026-31192 MEDIUM

Raindrop.io Bookmark Manager Web App 5.6.76.0 - Info Disclosure

CVE-2026-22748 MEDIUM

Potential Security Misconfiguration when Using withIssuerLocation

CVE-2026-40871 HIGH

mailcow: dockerized vulnerable to Second Order SQL Injection in quarantine category via API

CVE-2026-6779 MEDIUM

Other issue in the JavaScript Engine component

CVE-2026-6777 MEDIUM

Other issue in the Networking: DNS component

CVE-2026-6675 MEDIUM

Responsive Blocks <= 2.2.0 - Unauthenticated Open Email Relay via REST API 'email_to' Parameter

CVE-2026-39386 HIGH

Neko has Self-service Privilege Escalation for Authenticated Users

Page 1 of 482 Next

Details

Vulnerabilities 12,039

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy