CWE-434

4,009 vulnerabilities with CWE-434

CVE-2026-2978 MEDIUM

FastApiAdmin <=2.2.0 - Unrestricted Upload

CVSS 6.3

CVE-2026-2977 MEDIUM

FastApiAdmin <2.2.0 - Unrestricted Upload

CVSS 6.3

CVE-2026-2976 MEDIUM

FastApiAdmin <2.2.0 - Info Disclosure

CVSS 4.3

CVE-2026-27146 MEDIUM

GetSimple CMS - CSRF

CVSS 4.5

CVE-2026-26746 HIGH

OpenSourcePOS 3.4.1 - LFI

CVSS 8.8

CVE-2026-26975 HIGH

Music Assistant <=2.6.3 - RCE

CVSS 8.8

CVE-2026-1405 CRITICAL

Slider Future Plugin <1.0.5 - RCE

CVSS 9.8

CVE-2026-2684 HIGH

Tsinghua Unigroup EA <=3.2.210802 - Unrestricted Upload

CVSS 7.3

CVE-2026-2666 MEDIUM

mingSoft MCMS 6.1.1 - Unrestricted Upload

CVSS 4.7

CVE-2026-2665 MEDIUM

huanzi-qch base-admin - Unrestricted Upload

CVSS 6.3

CVE-2026-2550 CRITICAL

EFM iptime A6004MX 14.18.2 - Unrestricted Upload

CVSS 9.8

CVE-2026-1306 CRITICAL

Midi-Synth <1.1.0 - Unauthenticated RCE

CVSS 9.8

CVE-2026-1358 CRITICAL

Airleader Master <6.381 - RCE

CVSS 9.8

CVE-2026-1458 MEDIUM

Gitlab < 18.6.6 - Unrestricted File Upload

CVSS 6.5

CVE-2026-1357 CRITICAL

WPvivid Backup & Migration <0.9.123 - Unauthenticated RCE

CVSS 9.8

CVE-2026-2097 HIGH

Agentflow - RCE

CVSS 8.8

CVE-2026-25923 CRITICAL

my little forum <20260208.1 - Code Injection

CVSS 9.1

CVE-2026-2226 MEDIUM

DouPHP <1.9 - Unrestricted Upload

CVSS 4.7

CVE-2026-2213 MEDIUM

Fabian Online Music Site - Improper Access Control

CVSS 4.7

CVE-2026-2183 MEDIUM

Great Developers Certificate Generation System <97171bb0e5e22e52eac...

CVSS 6.3

CVE-2026-2164 HIGH

detronetdip E-commerce 1.0.0 - Unrestricted Upload

CVSS 7.3

CVE-2026-2146 MEDIUM

guchengwuyue yshopmall <1.9.1 - Unrestricted Upload

CVSS 6.3

CVE-2026-2133 HIGH

Fabian Online Music Site - Improper Access Control

CVSS 7.3

CVE-2026-2113 HIGH

yuan1994 tpadmin <1.3.12 - Deserialization

CVSS 7.3

CVE-2026-25056 HIGH

N8n < 1.118.0 - Remote Code Execution

CVSS 8.8