Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-20

CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,423 vulnerabilities with CWE-20

CVE-2026-26156 HIGH

Windows Hyper-V Remote Code Execution Vulnerability

CVE-2026-26154 HIGH

Windows Server Update Service (WSUS) Tampering Vulnerability

CVE-2026-26143 HIGH

Microsoft PowerShell Security Feature Bypass Vulnerability

CVE-2026-39417 MEDIUM

MaxKB: RCE via MCP stdio command injection in workflow engine

CVE-2026-33948 MEDIUM

jq: Embedded-NUL Truncation in CLI JSON Input Path Causes Prefix-Only Validation of Malformed Input

CVE-2026-22565 HIGH

UniFi Play PowerAmp < 1.0.38 and UniFi Play Audio Port < 1.1.9 - Denial of Service

CVE-2026-22563 CRITICAL

UniFi Play PowerAmp < 1.0.38 and UniFi Play Audio Port < 1.1.9 - Command Injection via Improper Input Validation

CVE-2026-6231 MEDIUM

bson_validate may skip validation when processing certain inputs

CVE-2026-34855 MEDIUM

Huawei HarmonyOS and EMUI - Out-of-bounds Write in Kernel Module

CVE-2026-40162 HIGH

Bugsink affected by authenticated arbitrary file write in artifactbundle/assemble

CVE-2026-5500 MEDIUM

Improper Validation of AES-GCM Authentication Tag Length in PKCS#7 Envelope Allows Authentication Bypass

CVE-2026-33797 HIGH

Junos OS and Junos OS Evolved: An attacker sending a specific genuine BGP packet causes a BGP reset

CVE-2026-32990 MEDIUM

Apache Tomcat: Fix for CVE-2025-66614 is incomplete

CVE-2026-5329 HIGH

Rapid7 Velociraptor Improper Input Validation in Client Message Handler

CVE-2026-34178 CRITICAL

Importing a crafted backup leads to project restriction bypass

CVE-2026-5919 MEDIUM

Google Chrome <147.0.7727.55 - Auth Bypass

CVE-2026-5915 HIGH

Google Chrome < 147.0.7727.55 - Out of Bounds Memory Write in WebML

CVE-2026-5887 MEDIUM

Google Chrome <147.0.7727.55 - Auth Bypass

CVE-2026-5885 MEDIUM

Google Chrome <147.0.7727.55 - Info Disclosure

CVE-2026-5884 HIGH

Google Chrome <147.0.7727.55 - Code Injection

CVE-2026-5879 HIGH

Google Chrome <147.0.7727.55 - Code Injection

CVE-2026-39410 MEDIUM

Hono <4.12.12 getCookie() - Cookie Prefix Bypass

CVE-2026-34197 HIGH KEV

Apache ActiveMQ Broker, Apache ActiveMQ: Authenticated users could perform RCE via Jolokia MBeans

CVE-2026-5659 MEDIUM

pytries datrie trie File datrie.pyx Trie.__setstate__ deserialization

CVE-2026-30078 HIGH

OpenAirInterface oai-cn5g-amf - Denial of Service via Invalid NGAP Message Procedure Code or PDU-Type

Previous Page 18 of 497 Next

Details

Vulnerabilities 12,423

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy