The product does not properly verify that the source of data or communication is valid.
479 vulnerabilities with CWE-346
CVE-2026-2345
LOW
Proctorio Chrome Extension - XSS
CVSS 3.6
CVE-2026-1997
MEDIUM
HP OfficeJet Pro - Info Disclosure
CVSS 5.3
CVE-2026-22694
MEDIUM
AliasVault <0.25.2 - Info Disclosure
CVSS 6.1
CVE-2026-22794
CRITICAL
Appsmith < 1.93 - Origin Validation Error
CVSS 9.6
CVE-2026-22030
MEDIUM
Shopify React-router < 7.11.0 - CSRF
CVSS 6.5
CVE-2026-20893
HIGH
Fujitsu Security Solution AuthConductor Client Basic V2 <2.0.25.0 -...
CVSS 7.8
CVE-2025-68467
LOW
Dark Reader - Info Disclosure
CVSS 3.4
CVE-2025-1787
MEDIUM
Genetec Update Service - Privilege Escalation
CVSS 4.2
CVE-2025-7659
HIGH
GitLab CE/EE <18.6.6-18.8.4 - Info Disclosure
CVSS 8.0
CVE-2025-14279
HIGH
MLFlow <3.4.0 - SSRF
CVSS 8.1
CVE-2025-67825
MEDIUM
Gonitro Nitro Pdf Pro < 14.42.0.34 - Origin Validation Error
CVSS 5.5
CVE-2025-69260
HIGH
Trendmicro Apex Central - Out-of-Bounds Read
CVSS 7.5
CVE-2025-69259
HIGH
Trendmicro Apex Central - NULL Pointer Dereference
CVSS 7.5
CVE-2025-69258
CRITICAL
Trendmicro Apex Central - Origin Validation Error
CVSS 9.8
CVE-2025-69235
HIGH
Navercorp Whale < 4.35.351.12 - Origin Validation Error
CVSS 7.5
CVE-2025-61740
HIGH
Device - DoS
CVE-2025-63388
CRITICAL
Dify v1.9.1 - CSRF
CVSS 9.1
CVE-2025-63386
CRITICAL
Dify v1.9.1 - CSRF
CVSS 9.1
CVE-2025-14331
MEDIUM
Firefox < 146 - SSRF
CVSS 6.5
CVE-2025-34291
HIGH
Langflow < 1.6.9 - Origin Validation Error
CVSS 8.8
CVE-2025-8074
MEDIUM
Synology Beedrive < 1.4.3-13973 - Origin Validation Error
CVSS 5.6
CVE-2025-13947
HIGH
WebKitGTK - Info Disclosure
CVSS 7.4
CVE-2025-37734
MEDIUM
Kibana - SSRF
CVSS 4.3
CVE-2025-12905
MEDIUM
Google Chrome <140.0.7339.80 - CSRF
CVSS 5.4
CVE-2025-12245
MEDIUM
Chatwoot < 4.7.0 - Origin Validation Error
CVSS 5.3
Details
Vulnerabilities
479