Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-20

CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,423 vulnerabilities with CWE-20

CVE-2026-7945 LOW

Google Chrome < 148.0.7778.96 - Site Isolation Bypass via COOP Input Validation

CVE-2026-7944 LOW

Google Chrome < 148.0.7778.96 - Site Isolation Bypass via Persistent Cache Input Validation

CVE-2026-7943 MEDIUM

Google Chrome < 148.0.7778.96 - Arbitrary Read/Write via ANGLE Input Validation

CVE-2026-7941 MEDIUM

Google Chrome < 148.0.7778.96 - Universal Cross-Site Scripting via Crafted Extension

CVE-2026-7934 MEDIUM

Google Chrome < 148.0.7778.96 - Navigation Restriction Bypass via Popup Blocker Input Validation

CVE-2026-7931 MEDIUM

Google Chrome < 148.0.7778.96 - UI Spoofing via Crafted HTML Page

CVE-2026-7916 HIGH

Google Chrome < 148.0.7778.96 - Sandbox Escape via InterestGroups

CVE-2026-7915 MEDIUM

Google Chrome <148.0.7778.96 - Auth Bypass

CVE-2026-7905 HIGH

Google Chrome < 148.0.7778.96 - Sandbox Escape via Media Input Validation

CVE-2026-40068 HIGH

Claude Code arbitrary code execution via git worktree commondir trust dialog bypass

CVE-2026-32603 MEDIUM

Sandboxie kernel driver denial of service via malformed IOCTL from sandboxed process

CVE-2026-6180 HIGH

PaperCut MF: Card truncation on HP readers

CVE-2026-42812 CRITICAL

Apache Polaris: No protection on `write.metadata.path`

CVE-2026-42811 CRITICAL

Apache Polaris: could broaden vended GCS credentials through unescaped identifier content in access-boundary CEL conditions

CVE-2026-42810 CRITICAL

Apache Polaris: could broaden vended S3 credentials through wildcard-bearing namespace or table names

CVE-2026-42809 CRITICAL

Apache Polaris: staged table creation could vend storage credentials for unvalidated locations

CVE-2026-37458 MEDIUM

FRRouting 10.0-10.6 - Authenticated Denial of Service via MP_REACH_NLRI UPDATE Message

CVE-2026-7712 MEDIUM

MindsDB Pickle pickle.loads deserialization

CVE-2026-7597 MEDIUM

mem0ai mem0 faiss.py pickle.dump deserialization

CVE-2026-1577 MEDIUM

IBM® Db2® is vulnerable to a denial of service with a specially crafted query involving multiple subqueries

CVE-2026-5174 HIGH

Improper Access Control Vulnerability in Progress MOVEit Automation

CVE-2026-1858 MEDIUM

wget2 Improper Certificate Validation

CVE-2026-30769 HIGH

EnTech Taiwan TVicPort 4.0 - Privilege Escalation

CVE-2026-7360 LOW

Google Chrome <147.0.7727.138 - Site Isolation Bypass

CVE-2026-7345 HIGH

Google Chrome <147.0.7727.138 - Sandbox Escape

Previous Page 15 of 497 Next

Details

Vulnerabilities 12,423

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy