CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,423 vulnerabilities with CWE-20
CVE-2026-45055 HIGH
CubeCart: Pre-Authenticated Password Reset Link Poisoning via HTTP Host Header
CVSS 8.1
CVE-2026-44379 MEDIUM
MISP: Improper UUID validation in MISP Collections
CVSS 5.3
CVE-2026-42579 HIGH
Netty: DNS Codec Input Validation Bypass in Netty (Encoder + Decoder)
CVSS 7.5
CVE-2026-0238 LOW
Broker VM: Improper Input Validation in Broker VM Certificate and Key Fields
CVE-2026-2695 MEDIUM
Lack of Server-side validation in Instruction Input in TeamViewer DEX Platform (On-Premises)
CVSS 6.3
CVE-2026-44294 MEDIUM
protobufjs: Denial of service from crafted field names in generated code
CVSS 5.3
CVE-2026-8369 MEDIUM
Improper Input Validation in OpenThread NAT64 Translator
CVE-2026-42544 HIGH
Granian: Unauthenticated DoS via WebSocket subprotocol header panic
CVSS 7.5
CVE-2026-34688 MEDIUM
CAI Content Credentials | Improper Input Validation (CWE-20)
CVSS 6.2
CVE-2026-34685 LOW
Adobe Commerce | Improper Input Validation (CWE-20)
CVSS 3.4
CVE-2026-34679 MEDIUM
CAI Content Credentials | Improper Input Validation (CWE-20)
CVSS 6.2
CVE-2026-34670 MEDIUM
CAI Content Credentials | Improper Input Validation (CWE-20)
CVSS 6.2
CVE-2026-34669 MEDIUM
CAI Content Credentials | Improper Input Validation (CWE-20)
CVSS 6.2
CVE-2026-34668 MEDIUM
CAI Content Credentials | Improper Input Validation (CWE-20)
CVSS 6.2
CVE-2026-34666 MEDIUM
CAI Content Credentials | Improper Input Validation (CWE-20)
CVSS 6.2
CVE-2026-23825 HIGH
Unauthenticated Denial-of-Service via Crafted Messages in a Network Protocol Handling Component
CVSS 7.5
CVE-2026-44343 CRITICAL
WGDashboard < 4.3.2 - Unauthenticated Host File System Access
CVSS 9.8
CVE-2026-44204 MEDIUM
Shelf: SQL Injection via sortBy Parameter
CVSS 6.5
CVE-2026-35433 HIGH
Microsoft .NET - Local Privilege Escalation
CVSS 7.3
CVE-2026-32177 HIGH
Microsoft .NET - Heap Buffer Overflow Privilege Escalation
CVSS 7.3
CVE-2026-20767 HIGH
Intel(R) QAT software drivers for Windows < 1.13 - Escalation of Privilege via Improper Input Validation
CVSS 7.8
CVE-2026-43989 HIGH
JunoClaw: upload_wasm accepted arbitrary filesystem paths without validation
CVSS 8.5
CVE-2026-20905 MEDIUM
Intel(R) QAT software drivers for Windows < 2.6 - Denial of Service via Improper Input Validation
CVSS 6.6
CVE-2026-20717 MEDIUM
Intel(R) QAT software drivers for Windows < 1.13 - Denial of Service via Improper Input Validation
CVSS 6.6
CVE-2026-41293 CRITICAL
Apache Tomcat: HTTP/2 request headers not validated
CVSS 9.8
Details
Vulnerabilities 12,423
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits