Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-20

CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,423 vulnerabilities with CWE-20

CVE-2026-21733 HIGH

Imagination Graphics DDK RGXDerivePTEProt8 - Shared Memory Overwrite

CVE-2026-6409 HIGH

Denial of Service (DoS) vulnerability exists in the Protobuf PHP library during the parsing of untrusted input

CVE-2026-22615 MEDIUM

Eaton IPP Software <2.0 - Command Injection

CVE-2026-40261 HIGH

Composer has Command Injection via Malicious Perforce Reference

CVE-2026-40176 HIGH

Composer is vulnerable to Command Injection via Malicious Perforce Repository

CVE-2026-1782 MEDIUM

MetForm Pro <= 3.9.7 - Unauthenticated Payment Amount Manipulation via 'mf-calculation'

CVE-2026-6328 HIGH

XQUIC Improper STREAM Frame Validation in Initial/Handshake Packets

CVE-2026-39399 CRITICAL

NuGet Gallery: Arbitrary Blob Overwrite via Nuspec Confusion and URI Fragment Truncation

CVE-2026-35031 CRITICAL

Jellyfin: Potential RCE via subtitle upload path traversal + .strm chain

CVE-2026-27299 MEDIUM

Adobe Framemaker | Improper Input Validation (CWE-20)

CVE-2026-27306 HIGH

ColdFusion | Improper Input Validation (CWE-20)

CVE-2026-27304 CRITICAL

ColdFusion | Improper Input Validation (CWE-20)

CVE-2026-27282 HIGH

ColdFusion | Improper Input Validation (CWE-20)

CVE-2026-24893 HIGH

openITCOCKPIT has Authenticated Command Injection Leading to Remote Code Execution via Host Address Macro Expansion

CVE-2026-33826 HIGH

Windows Active Directory Remote Code Execution Vulnerability

CVE-2026-33116 HIGH

.NET, .NET Framework, and Visual Studio Denial of Service Vulnerability

CVE-2026-32203 HIGH

.NET and Visual Studio Denial of Service Vulnerability

CVE-2026-32201 MEDIUM KEV

Microsoft SharePoint Server Spoofing Vulnerability

CVE-2026-32168 HIGH

Azure Monitor Agent Elevation of Privilege Vulnerability

CVE-2026-32149 HIGH

Windows Hyper-V Remote Code Execution Vulnerability

CVE-2026-27928 HIGH

Windows Hello Security Feature Bypass Vulnerability

CVE-2026-27913 HIGH

Windows BitLocker Security Feature Bypass Vulnerability

CVE-2026-27906 MEDIUM

Windows Hello Security Feature Bypass Vulnerability

CVE-2026-26170 HIGH

PowerShell Elevation of Privilege Vulnerability

CVE-2026-26161 HIGH

Windows Sensor Data Service Elevation of Privilege Vulnerability

Previous Page 17 of 497 Next

Details

Vulnerabilities 12,423

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy