Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-20

CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,439 vulnerabilities with CWE-20

CVE-2026-0403 HIGH

NETGEAR Orbi Routers - OS Command Injection via Insufficient Input Validation

CVE-2026-0878 HIGH

Firefox < 147.0 and 140.7-140.* - Sandbox Escape via CanvasWebGL Boundary Condition Mismanagement

CVE-2026-22700 HIGH

rustcrypto/sm2_elliptic_curve 0.14.0-pre.0/rc.0 DoS via Unchecked Slice Operations in SM2 Decryption

CVE-2026-22699 HIGH

RustCrypto sm2_elliptic_curve 0.14.0-pre.0 and 0.14.0-rc.0 - Denial of Service via Invalid SM2 PKE C1 Point Decoding

CVE-2026-22611 LOW

AWSSDK.Core 4.0.0-4.0.3.2 - Improper Input Validation in Region Input Field

CVE-2026-22255 HIGH

iccdev < 2.3.1.2 - Heap-Based Buffer Overflow in CIccCLUT::Init()

CVE-2026-21858 CRITICAL

n8n 1.65.0-1.120.9 - Unauthenticated Arbitrary File Read via Form-Based Workflow Execution

CVE-2026-22047 HIGH

iccDEV < 2.3.1.2 - Heap-Based Buffer Overflow in SIccCalcOp::Describe()

CVE-2026-22046 HIGH

iccdev < 2.3.1.2 - Heap-Based Buffer Overflow in CIccProfileXml::ParseBasic()

CVE-2026-21693 HIGH

iccDEV < 2.3.1.2 - Type Confusion in CIccSegmentedCurveXml::ToXml()

CVE-2026-21692 HIGH

iccdev < 2.3.1.2 - Type Confusion in ToXmlCurve()

CVE-2026-21691 MEDIUM

iccdev < 2.3.1.2 - Type Confusion in CIccTag:IsTypeCompressed()

CVE-2026-21690 MEDIUM

iccDEV < 2.3.1.2 - Type Confusion in CIccTagXmlTagData::ToXml()

CVE-2026-21689 MEDIUM

iccDEV < 2.3.1.2 - Type Confusion in CIccProfileXml::ParseBasic()

CVE-2026-21688 HIGH

iccDEV < 2.3.1.2 - Type Confusion in SIccCalcOp::ArgsPushed()

CVE-2026-21687 HIGH

iccdev < 2.3.1.1 - Undefined Behavior in CIccTagCurve Constructor

CVE-2026-21686 HIGH

iccDEV < 2.3.1.1 - Undefined Behavior in CIccTagLutAtoB::Validate()

CVE-2026-21685 HIGH

iccDEV < 2.3.1.1 - Undefined Behavior in CIccTagLut16::Read()

CVE-2026-21684 HIGH

iccDEV < 2.3.1.2 - Undefined Behavior in CIccTagSpectralViewingConditions

CVE-2026-21683 HIGH

iccDEV < 2.3.1.2 - Type Confusion in icStatusCMM::CIccEvalCompare::EvaluateProfile()

CVE-2026-21682 HIGH

iccDEV < 2.3.1.2 - Heap-based Buffer Overflow in CIccXmlArrayType::ParseText()

CVE-2026-21681 HIGH

iccDEV < 2.3.1.2 - Undefined Behavior via ICC Profile Processing

CVE-2026-21679 HIGH

iccDEV < 2.3.1.2 - Heap-Based Buffer Overflow in CIccLocalizedUnicode::GetText()

CVE-2026-21678 HIGH

iccdev < 2.3.1.2 - Heap-based Buffer Overflow in IccTagXml()

CVE-2026-21506 MEDIUM

iccDEV < 2.3.1.2 - Denial of Service via Null Pointer Dereference in CIccProfileXml::ParseBasic()

Previous Page 27 of 498 Next

Details

Vulnerabilities 12,439

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy