Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-354

CWE-354

Medium likelihood

Improper Validation of Integrity Check Value

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The product does not validate or incorrectly validates the integrity check values or "checksums" of a message. This may prevent it from detecting if the data has been modified or corrupted in transmission.

157 vulnerabilities with CWE-354

CVE-2026-32148 HIGH

Lockfile checksums not verified in Hex allows dependency integrity bypass

CVE-2026-40323 HIGH

SP1 V6 Recursion Circuit Row-Count Binding Gap

CVE-2026-32105 HIGH

xrdp: RDP MAC signature (dataSignature) never verified on receive — integrity bypass in non-TLS mode

CVE-2026-5479 HIGH

wolfSSL EVP ChaCha20-Poly1305 AEAD authentication tag

CVE-2026-5504 MEDIUM

PKCS7 CBC Padding Oracle — Plaintext Recovery

CVE-2026-26928 HIGH

Lack of Dynamic Library Validation in SzafirHost

CVE-2026-33026 CRITICAL

nginx-ui Backup Restore Allows Tampering with Encrypted Backups

CVE-2026-32318 HIGH

Cryptomator for IOS: Tampered vault configuration allows MITM attack on Hub API

CVE-2026-32317 HIGH

Cryptomator for Android: Tampered vault configuration allows MITM attack on Hub API

CVE-2026-32303 HIGH

Cryptomator: Tampered vault configuration allows MITM attack on Hub API

CVE-2026-28498 HIGH

Authlib: Fail-Open Cryptographic Verification in OIDC Hash Binding

CVE-2026-32600 HIGH

xml-security is Missing AES-GCM Authentication Tag Validation on Encrypted Nodes Allows for Unauthorized Decryption

CVE-2026-32313 HIGH

xmlseclibs is Missing AES-GCM Authentication Tag Validation on Encrypted Nodes Allows for Unauthorized Decryption

CVE-2026-31839 HIGH

Striae <3.0.0 - Integrity Bypass

CVE-2026-28402 HIGH

nimiq/core-rs-albatross <1.2.2 - Auth Bypass

CVE-2026-26275 HIGH

httpsig-hyper <0.0.23 - Auth Bypass

CVE-2026-25934 MEDIUM

go-git <5.16.5 - Info Disclosure

CVE-2025-11543 CRITICAL

Sharp Display Solutions - Code Injection

CVE-2025-33193 MEDIUM

NVIDIA DGX Spark GB10 - Info Disclosure

CVE-2025-4616 LOW

Palo Alto Networks Prisma Browser - Privilege Escalation

CVE-2025-55155 MEDIUM

MantisBT <2.27.1 - Info Disclosure

CVE-2025-54887 CRITICAL

jwe <1.1.0 - Confidentiality Disclosure

CVE-2025-7096 HIGH

Comodo Internet Security Premium 12.3.4.8162 - Info Disclosure

CVE-2025-39203 MEDIUM

Hitachienergy Microscada X Sys600 < 10.7 - Denial of Service

CVE-2025-4418 MEDIUM

AVEVA PI Connector for CygNet <1.6.14 - Privilege Escalation

Page 1 of 7 Next

Details

Vulnerabilities 157

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy