Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-20

CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,433 vulnerabilities with CWE-20

CVE-2026-25117 HIGH

pwn.college DOJO <e33da14449a5abcff507e554f66e2141d6683b0a - XSS

CVE-2026-23571 MEDIUM

TeamViewer DEX < 26.1 - Authenticated Command Injection via 1E-Nomad-RunPkgStatusRequest Input Field

CVE-2026-23570 MEDIUM

TeamViewer DEX Client <26.1 - Info Disclosure

CVE-2026-23566 MEDIUM

TeamViewer DEX Client <26.1 - Log Injection

CVE-2026-24856 HIGH

iccDEV < 2.3.1.2 - Memory Corruption via Floating-Point NaN to Unsigned Short Conversion

CVE-2026-1315 HIGH

TP-Link Tapo C220 and C520WS Firmware - Unauthenticated Denial of Service via Firmware Update Endpoint

CVE-2026-0919 HIGH

TP-Link Tapo C210 v3 C220 v1 C520WS v2 - Unauthenticated Denial of Service via Long URL Path

CVE-2026-24348 MEDIUM

EZCast Pro II Firmware 1.17478.146 - Cross-Site Scripting in Admin UI

CVE-2026-24347 MEDIUM

EZCast Pro II <1.17478.146 - Path Traversal

CVE-2026-24345 HIGH

EZCast Pro II Firmware 1.17478.146 - Cross-Site Request Forgery in Admin UI

CVE-2026-24811 CRITICAL

root < 6.34.08 - Out-of-bounds Read in builtins/zlib inffast.C

CVE-2026-24412 HIGH

iccDEV < 2.3.1.2 - Heap-based Buffer Overflow in CIccTagXmlSegmentedCurve::ToXml()

CVE-2026-24411 HIGH

iccDEV <2.3.1.1 - Memory Corruption

CVE-2026-24410 HIGH

iccDEV < 2.3.1.2 - Null Pointer Dereference in CIccProfileXml::ParseBasic()

CVE-2026-24409 HIGH

iccdev < 2.3.1.2 - Null Pointer Dereference in CIccTagXmlFloatNum ParseXml

CVE-2026-24407 HIGH

iccDEV <2.3.1.1 - Memory Corruption

CVE-2026-24406 HIGH

iccDEV < 2.3.1.2 - Heap-based Buffer Overflow in CIccTagNamedColor2::SetSize()

CVE-2026-24405 HIGH

iccdev < 2.3.1.2 - Heap-based Buffer Overflow in CIccMpeCalculator::Read()

CVE-2026-24404 HIGH

iccDEV <2.3.1.1 - Null Pointer Dereference

CVE-2026-24403 HIGH

iccDEV <2.3.1.1 - Memory Corruption

CVE-2026-1225 LOW

logback-core <= 1.5.24 - Arbitrary Class Instantiation via Configuration File Processing

CVE-2026-23887 MEDIUM

Group-Office <6.8.148 & 25.0.1-25.0.79 - XSS

CVE-2026-22598 HIGH

ManageIQ < radjabov-2 - Denial of Service via Malformed TimeProfile

CVE-2026-22444 HIGH

Apache Solr 8.6.0-9.10.0 - Unauthenticated Path Traversal via Create Core API

CVE-2026-0933 CRITICAL

Cloudflare Wrangler 2.0.15-3.114.17 - OS Command Injection via --commit-hash Parameter

Previous Page 25 of 498 Next

Details

Vulnerabilities 12,433

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy