Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-472

CWE-472

External Control of Assumed-Immutable Web Parameter

Parent: CWE-642 - External Control of Critical State Data

The web application does not sufficiently verify inputs that are assumed to be immutable but are actually externally controllable, such as hidden form fields.

123 vulnerabilities with CWE-472

CVE-2026-42655 MEDIUM

WordPress Best Payments Plugin for WP plugin <= 4.6.19 - Payment Bypass vulnerability

CVE-2026-11678 MEDIUM

Google Chrome - External Control of Assumed-Immutable Web Parameter

CVE-2026-11669 MEDIUM

Google Chrome - External Control of Assumed-Immutable Web Parameter

CVE-2026-11655 HIGH

Google Chrome - External Control of Assumed-Immutable Web Parameter

CVE-2026-11640 HIGH

Google Chrome - External Control of Assumed-Immutable Web Parameter

CVE-2026-11290 MEDIUM

Google Chrome - External Control of Assumed-Immutable Web Parameter

CVE-2026-11281 MEDIUM

Google Chrome - External Control of Assumed-Immutable Web Parameter

CVE-2026-11211 HIGH

Google Chrome - External Control of Assumed-Immutable Web Parameter

CVE-2026-11171 HIGH

Google Chrome - External Control of Assumed-Immutable Web Parameter

CVE-2026-11088 CRITICAL

Google Chrome - External Control of Assumed-Immutable Web Parameter

CVE-2026-11085 HIGH

Google Chrome - External Control of Assumed-Immutable Web Parameter

CVE-2026-11058 HIGH

Google Chrome - External Control of Assumed-Immutable Web Parameter

CVE-2026-11044 MEDIUM

Google Chrome - External Control of Assumed-Immutable Web Parameter

CVE-2026-10987 HIGH

Google Chrome - External Control of Assumed-Immutable Web Parameter

CVE-2026-10986 HIGH

Google Chrome - External Control of Assumed-Immutable Web Parameter

CVE-2026-10965 HIGH

Google Chrome - External Control of Assumed-Immutable Web Parameter

CVE-2026-10964 HIGH

Google Chrome - External Control of Assumed-Immutable Web Parameter

CVE-2026-10963 HIGH

Google Chrome - External Control of Assumed-Immutable Web Parameter

CVE-2026-10924 HIGH

Google Chrome - External Control of Assumed-Immutable Web Parameter

CVE-2026-10921 HIGH

Google Chrome - External Control of Assumed-Immutable Web Parameter

CVE-2026-9998 HIGH

Google Chrome - External Control of Assumed-Immutable Web Parameter

CVE-2026-9968 HIGH

Google Chrome - External Control of Assumed-Immutable Web Parameter

CVE-2026-9966 HIGH

Google Chrome - External Control of Assumed-Immutable Web Parameter

CVE-2026-9960 HIGH

Google Chrome - External Control of Assumed-Immutable Web Parameter

CVE-2026-9911 MEDIUM

Google Chrome - External Control of Assumed-Immutable Web Parameter

Page 1 of 5 Next

Details

Vulnerabilities 123

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy