The product does not properly verify that the source of data or communication is valid.
438 vulnerabilities with CWE-346
CVE-2026-25604
AWS Auth Manager - Auth Bypass
CVE-2025-68467
LOW
Dark Reader - Info Disclosure
CVSS 3.4
CVE-2026-28403
HIGH
Textream <1.5.1 - CSRF
CVSS 7.6
CVE-2026-27824
MEDIUM
calibre <9.4.0 - Auth Bypass
CVSS 5.3
CVE-2026-26861
HIGH
CleverTap Web SDK <1.15.2 - XSS
CVSS 8.3
CVE-2025-1787
MEDIUM
Genetec Update Service - Privilege Escalation
CVSS 4.2
CVE-2026-2790
CRITICAL
Firefox <148 & ESR <140.8 - Auth Bypass
CVSS 9.8
CVE-2026-23552
CRITICAL
Apache Camel 4.15.0-4.17.0 - Auth Bypass
CVSS 9.1
CVE-2026-27579
HIGH
CollabPlatform - Info Disclosure
CVSS 7.4
CVE-2026-27192
HIGH
Feathersjs <=5.0.39 - Auth Bypass
CVSS 8.1
CVE-2026-27118
@sveltejs/adapter-vercel <6.3.2 - Cache Poisoning
CVE-2026-27004
MEDIUM
OpenClaw <2026.2.15 - Privilege Escalation
CVSS 5.5
CVE-2026-2345
LOW
Proctorio Chrome Extension - XSS
CVSS 3.6
CVE-2025-7659
HIGH
GitLab CE/EE <18.6.6-18.8.4 - Info Disclosure
CVSS 8.0
CVE-2026-1997
MEDIUM
HP OfficeJet Pro - Info Disclosure
CVSS 5.3
CVE-2022-50975
HIGH
Device <unknown> - Privilege Escalation
CVSS 8.8
CVE-2026-22694
MEDIUM
AliasVault <0.25.2 - Info Disclosure
CVSS 6.1
CVE-2022-50925
CRITICAL
Prowise Reflect <1.0.9 - Code Injection
CVSS 9.8
CVE-2026-22794
CRITICAL
Appsmith < 1.93 - Origin Validation Error
CVSS 9.6
CVE-2025-14279
HIGH
MLFlow <3.4.0 - SSRF
CVSS 8.1
CVE-2026-22030
MEDIUM
Shopify React-router < 7.11.0 - CSRF
CVSS 6.5
CVE-2025-67825
MEDIUM
Gonitro Nitro Pdf Pro < 14.42.0.34 - Origin Validation Error
CVSS 5.5
CVE-2025-69260
HIGH
Trendmicro Apex Central - Out-of-Bounds Read
CVSS 7.5
CVE-2025-69259
HIGH
Trendmicro Apex Central - NULL Pointer Dereference
CVSS 7.5
CVE-2025-69258
CRITICAL
Trendmicro Apex Central - Origin Validation Error
CVSS 9.8
Details
Vulnerabilities
438