Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-472

CWE-472

External Control of Assumed-Immutable Web Parameter

Parent: CWE-642 - External Control of Critical State Data

The web application does not sufficiently verify inputs that are assumed to be immutable but are actually externally controllable, such as hidden form fields.

123 vulnerabilities with CWE-472

CVE-2026-9909 HIGH

Google Chrome - External Control of Assumed-Immutable Web Parameter

CVE-2026-9882 MEDIUM

Google Chrome - External Control of Assumed-Immutable Web Parameter

CVE-2026-10019 HIGH

Google Chrome - External Control of Assumed-Immutable Web Parameter

CVE-2026-10018 MEDIUM

Google Chrome - External Control of Assumed-Immutable Web Parameter

CVE-2026-10015 HIGH

Google Chrome - External Control of Assumed-Immutable Web Parameter

CVE-2026-10009 HIGH

Google Chrome - External Control of Assumed-Immutable Web Parameter

CVE-2026-7571 HIGH

Keycloak: keycloak: access token disclosure and implicit flow bypass via forged client data

CVE-2026-8577 HIGH

Google Chrome < 148.0.7778.168 - Remote Code Execution via Integer Overflow in Fonts

CVE-2026-8573 HIGH

Google Chrome < 148.0.7778.168 - Integer Overflow in Codecs via Crafted Video File

CVE-2026-8567 MEDIUM

Google Chrome < 148.0.7778.168 - Integer Overflow in ANGLE via Crafted HTML Page

CVE-2026-8559 MEDIUM

Google Chrome < 148.0.7778.168 - Integer Overflow in Internationalization via Crafted HTML Page

CVE-2026-8534 HIGH

Google Chrome < 148.0.7778.168 - Sandbox Escape via GPU Integer Overflow

CVE-2026-8532 HIGH

Google Chrome < 148.0.7778.168 - Remote Code Execution via Integer Overflow in XML

CVE-2026-8519 HIGH

Google Chrome < 148.0.7778.168 - Integer Overflow in ANGLE via Crafted HTML Page

CVE-2026-8510 HIGH

Google Chrome < 148.0.7778.168 - Integer Overflow in Skia via Crafted HTML Page

CVE-2026-7973 HIGH

Google Chrome < 148.0.7778.96 - Integer Overflow in Dawn

CVE-2026-7969 MEDIUM

Google Chrome < 148.0.7778.96 - Same Origin Policy Bypass via Integer Overflow in Network

CVE-2026-7942 MEDIUM

Google Chrome < 148.0.7778.96 - Integer Overflow in ANGLE

CVE-2026-7912 MEDIUM

Google Chrome < 148.0.7778.96 - Integer Overflow in GPU

CVE-2026-7903 HIGH

Google Chrome < 148.0.7778.96 - Integer Overflow in ANGLE via Crafted HTML Page

CVE-2026-7896 HIGH

Google Chrome < 148.0.7778.96 - Remote Code Execution via Integer Overflow in Blink

CVE-2026-32699 MEDIUM

FacturaScripts unauthorized modification of immutable nick field via EditUser controller

CVE-2026-7340 MEDIUM

Google Chrome < 147.0.7727.138 - Integer Overflow in ANGLE via Crafted HTML Page

CVE-2026-4911 MEDIUM

Booking Package <= 1.7.06 - Unauthenticated Price Manipulation via 'amount' Parameter

CVE-2026-41353 HIGH

OpenClaw < 2026.3.22 - allowProfiles Bypass via Profile Mutation and Runtime Selection

Previous Page 2 of 5 Next

Details

Vulnerabilities 123

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy