Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-346

CWE-346

Origin Validation Error

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The product does not properly verify that the source of data or communication is valid.

479 vulnerabilities with CWE-346

CVE-2026-34373 HIGH

Parse Server: GraphQL API endpoint ignores CORS origin restriction

CVE-2026-33697 HIGH

CoCoS attested TLS is vulnerable to relay attacks via extracted ephemeral TLS keys

CVE-2026-21790 MEDIUM

HCL Traveler is susceptible to a weak default HTTP header validation vulnerability

CVE-2026-33314 MEDIUM

pyload-ng: Improper Authentication and Origin Validation Error

CVE-2026-32318 HIGH

Cryptomator for IOS: Tampered vault configuration allows MITM attack on Hub API

CVE-2026-32317 HIGH

Cryptomator for Android: Tampered vault configuration allows MITM attack on Hub API

CVE-2026-32303 HIGH

Cryptomator: Tampered vault configuration allows MITM attack on Hub API

CVE-2026-32634 HIGH

Glances Central Browser Autodiscovery Leaks Reusable Credentials to Zeroconf-Spoofed Servers

CVE-2026-32632 MEDIUM

Glances's REST/WebUI Lacks Host Validation and Remains Exposed to DNS Rebinding

CVE-2026-20643 MEDIUM

Apple Macos < 26.3.2 (a) - Denial of Service

CVE-2026-2457 MEDIUM

WebSocket Message Spoofing via Permalink Embed Manipulation

CVE-2026-32302 HIGH

OpenClaw <2026.3.11 - Auth Bypass

CVE-2026-27478 CRITICAL

Unity Catalog <=0.4.0 - Auth Bypass

CVE-2026-3846 MEDIUM

Firefox <148.0.2 - Auth Bypass

CVE-2026-30964 MEDIUM

web-auth/webauthn-lib <5.2.4 - Auth Bypass

CVE-2026-25604 MEDIUM

AWS Auth Manager - Auth Bypass

CVE-2026-28403 HIGH

Textream <1.5.1 - CSRF

CVE-2026-27824 MEDIUM

calibre <9.4.0 - Auth Bypass

CVE-2026-26861 HIGH

CleverTap Web SDK <1.15.2 - XSS

CVE-2026-2790 CRITICAL

Firefox <148 & ESR <140.8 - Auth Bypass

CVE-2026-23552 CRITICAL

Apache Camel 4.15.0-4.17.0 - Auth Bypass

CVE-2026-27579 HIGH

CollabPlatform - Info Disclosure

CVE-2026-27192 HIGH

Feathersjs <=5.0.39 - Auth Bypass

CVE-2026-27118 MEDIUM

@sveltejs/adapter-vercel <6.3.2 - Cache Poisoning

CVE-2026-27004 MEDIUM

OpenClaw <2026.2.15 - Privilege Escalation

Previous Page 2 of 20 Next

Details

Vulnerabilities 479

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy