Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-20

CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,039 vulnerabilities with CWE-20

CVE-2026-27928 HIGH

Windows Hello Security Feature Bypass Vulnerability

CVE-2026-27913 HIGH

Windows BitLocker Security Feature Bypass Vulnerability

CVE-2026-27906 MEDIUM

Windows Hello Security Feature Bypass Vulnerability

CVE-2026-26170 HIGH

PowerShell Elevation of Privilege Vulnerability

CVE-2026-26161 HIGH

Windows Sensor Data Service Elevation of Privilege Vulnerability

CVE-2026-26156 HIGH

Windows Hyper-V Remote Code Execution Vulnerability

CVE-2026-26154 HIGH

Windows Server Update Service (WSUS) Tampering Vulnerability

CVE-2026-26143 HIGH

Microsoft PowerShell Security Feature Bypass Vulnerability

CVE-2026-39417 MEDIUM

MaxKB: RCE via MCP stdio command injection in workflow engine

CVE-2026-33948 MEDIUM

jq: Embedded-NUL Truncation in CLI JSON Input Path Causes Prefix-Only Validation of Malformed Input

CVE-2026-22565 HIGH

UniFi Play PowerAmp <1.0.38 - DoS

CVE-2026-22563 CRITICAL

Ubiquiti INC UniFi Play PowerAmp < 1.0.38 - Command Injection

CVE-2026-6231 MEDIUM

bson_validate may skip validation when processing certain inputs

CVE-2026-34855 MEDIUM

Huawei HarmonyOS < 6.0.0 - Out-of-Bounds Access

CVE-2026-40162 HIGH

Bugsink affected by authenticated arbitrary file write in artifactbundle/assemble

CVE-2026-5500 MEDIUM

Improper Validation of AES-GCM Authentication Tag Length in PKCS#7 Envelope Allows Authentication Bypass

CVE-2026-33797 HIGH

Junos OS and Junos OS Evolved: An attacker sending a specific genuine BGP packet causes a BGP reset

CVE-2026-32990 MEDIUM

Apache Tomcat: Fix for CVE-2025-66614 is incomplete

CVE-2026-5329 HIGH

Rapid7 Velociraptor Improper Input Validation in Client Message Handler

CVE-2026-34178 CRITICAL

Importing a crafted backup leads to project restriction bypass

CVE-2026-5919 MEDIUM

Google Chrome <147.0.7727.55 - Auth Bypass

CVE-2026-5915 HIGH

Google Chrome < 147.0.7727.55 - Out-of-Bounds Access

CVE-2026-5887 MEDIUM

Google Chrome <147.0.7727.55 - Auth Bypass

CVE-2026-5885 MEDIUM

Google Chrome <147.0.7727.55 - Info Disclosure

CVE-2026-5884 HIGH

Google Chrome <147.0.7727.55 - Code Injection

Previous Page 3 of 482 Next

Details

Vulnerabilities 12,039

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy