Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-358

CWE-358

Improperly Implemented Security Check for Standard

Parent: CWE-573 - Improper Following of Specification by Caller

The product does not implement or incorrectly implements one or more security-relevant checks as specified by the design of a standardized algorithm, protocol, or technique.

122 vulnerabilities with CWE-358

CVE-2026-11127 MEDIUM

Google Chrome < 149.0.7827.53 - Domain Spoofing via WebAPK

CVE-2026-11122 MEDIUM

Google Chrome - XSS

CVE-2026-44475 MEDIUM

Ella Core: UE Security Capability bypass on NGAP PathSwitchRequest

CVE-2026-44474 LOW

Ella Core: Handover failures during concurrent Security Mode Command

CVE-2026-44473 HIGH

Ella Core: UE Downlink Redirection via Forged PDUSessionResourceSetupResponse

CVE-2026-42082 LOW

free5GC: Missing Concurrent NAS SMC Validation During NGAP Handover

CVE-2026-42081 MEDIUM

free5GC: UE Security Capability bypass on NGAP PathSwitchRequest

CVE-2026-40597 HIGH

MantisBT <2.28.2 Attachments - Content Security Policy Bypass

CVE-2026-28914 MEDIUM

Apple macOS <26.5 - Gatekeeper Bypass

CVE-2026-22618 MEDIUM

Eaton IPP software <2.0 - Security Misconfiguration

CVE-2026-5894 MEDIUM

Google Chrome <147.0.7727.55 - Auth Bypass

CVE-2026-35679 LOW

Zcash zcashd <6.12.0 - Invalid Transaction Validation

CVE-2026-29103 CRITICAL

SuiteCRM Vulnerable to Remote Code Execution via Module Loader Package Scanner Bypass

CVE-2026-2645 HIGH

Acceptance of CertificateVerify Message before ClientKeyExchange in TLS 1.2

CVE-2026-1486 HIGH

Keycloak 26.5.0-26.5.2 - Unauthenticated Token Issuance via Disabled Identity Provider Bypass

CVE-2025-31983 LOW

HCL BigFix Service Management (SM) is affected by a security misconfiguration vulnerability due to CSP header

CVE-2025-31970 MEDIUM

HCL DFXAnalytics is affected by an Insecure Security Header configuration vulnerability

CVE-2025-13333 MEDIUM

IBM WebSphere 9.0/8.5 - Auth Bypass

CVE-2025-66607 MEDIUM

Yokogawa FAST/TOOLS R9.01-R10.04 - Open Redirect via Insecure Response Header

CVE-2025-66603 CRITICAL

FAST/TOOLS <10.04 - Info Disclosure

CVE-2025-66601 MEDIUM

Yokogawa Electric Corporation FAST/TOOLS <10.04 - XSS

CVE-2025-66600 HIGH

FAST/TOOLS <10.04 - Info Disclosure

CVE-2025-69234 CRITICAL

Whale < 4.35.351.12 - Sandbox Escape via Sidebar Iframe

CVE-2025-62002 MEDIUM

BullWall Ransomware Containment <4.6.1.4 - Authenticated RCE

CVE-2025-66323 MEDIUM

HarmonyOS - Denial of Service via Card Module Security Check Bypass

Page 1 of 5 Next

Details

Vulnerabilities 122

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy