Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-354

CWE-354

Medium likelihood

Improper Validation of Integrity Check Value

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The product does not validate or incorrectly validates the integrity check values or "checksums" of a message. This may prevent it from detecting if the data has been modified or corrupted in transmission.

160 vulnerabilities with CWE-354

CVE-2026-34182 CRITICAL

CMS AuthEnvelopedData Processing May Accept Forged Messages

CVE-2026-34181 HIGH

PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys

CVE-2026-8597 HIGH

Missing integrity verification in Triton inference handler in Amazon SageMaker Python SDK

CVE-2026-32148 MEDIUM

Lockfile checksums not verified in Hex allows dependency integrity bypass

CVE-2026-40323 HIGH

SP1 V6 Recursion Circuit Row-Count Binding Gap

CVE-2026-32105 HIGH

xrdp: RDP MAC signature (dataSignature) never verified on receive — integrity bypass in non-TLS mode

CVE-2026-5479 HIGH

wolfSSL EVP ChaCha20-Poly1305 AEAD authentication tag

CVE-2026-5504 MEDIUM

PKCS7 CBC Padding Oracle — Plaintext Recovery

CVE-2026-26928 HIGH

Lack of Dynamic Library Validation in SzafirHost

CVE-2026-33026 CRITICAL

nginx-ui Backup Restore Allows Tampering with Encrypted Backups

CVE-2026-32318 HIGH

Cryptomator for IOS: Tampered vault configuration allows MITM attack on Hub API

CVE-2026-32317 HIGH

Cryptomator for Android: Tampered vault configuration allows MITM attack on Hub API

CVE-2026-32303 HIGH

Cryptomator: Tampered vault configuration allows MITM attack on Hub API

CVE-2026-28498 HIGH

Authlib: Fail-Open Cryptographic Verification in OIDC Hash Binding

CVE-2026-32600 HIGH

xml-security is Missing AES-GCM Authentication Tag Validation on Encrypted Nodes Allows for Unauthorized Decryption

CVE-2026-32313 HIGH

xmlseclibs is Missing AES-GCM Authentication Tag Validation on Encrypted Nodes Allows for Unauthorized Decryption

CVE-2026-31839 HIGH

striae >=0.9.22 <3.0.0 - Integrity Check Bypass via Manifest Hash Tampering

CVE-2026-28402 HIGH

nimiq/core-rs-albatross <1.2.2 - Auth Bypass

CVE-2026-26275 HIGH

httpsig-hyper <0.0.23 - Auth Bypass

CVE-2026-25934 MEDIUM

go-git < 5.16.5 - Improper Validation of Integrity Check Value for .pack and .idx Files

CVE-2025-11543 CRITICAL

Sharp Display Solutions - Code Injection

CVE-2025-33193 MEDIUM

NVIDIA DGX Spark GB10 - Info Disclosure

CVE-2025-4616 LOW

Palo Alto Networks Prisma Browser - Privilege Escalation

CVE-2025-55155 MEDIUM

MantisBT < 2.27.2 - Information Disclosure via Unvalidated Email Address Change

CVE-2025-54887 CRITICAL

jwe <1.1.0 - Confidentiality Disclosure

Page 1 of 7 Next

Details

Vulnerabilities 160

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy