CWE-494
Medium likelihoodDownload of Code Without Integrity Check
The product downloads source code or an executable from a remote location and executes the code without sufficiently verifying the origin and integrity of the code.
188 vulnerabilities with CWE-494
CVE-2026-3000
CRITICAL
IDExpert Windows Logon Agent - RCE
CVSS 9.8
CVE-2026-2999
CRITICAL
IDExpert Windows Logon Agent - RCE
CVSS 9.8
CVE-2025-47904
MEDIUM
Microchip Time Provider 4100 <2.5 - Code Injection
CVSS 4.1
CVE-2026-27180
CRITICAL
MajorDoMo - Unauthenticated RCE
CVSS 9.8
CVE-2025-15575
MEDIUM
Firmware Update - Code Injection
CVSS 5.3
CVE-2026-25961
HIGH
SumatraPDF <3.5.2 - RCE
CVSS 7.5
CVE-2026-20056
MEDIUM
Cisco AsyncOS - Auth Bypass
CVSS 4.0
CVE-2025-15556
HIGHKEV
Notepad-plus-plus Notepad++ < 8.8.9 - Download Without Integrity Check
CVSS 7.5
CVE-2026-22865
HIGH
Gradle <9.3.0 - Info Disclosure
CVSS 7.4
CVE-2026-22816
HIGH
Gradle <9.3.0 - Info Disclosure
CVSS 7.4
CVE-2025-69263
HIGH
Pnpm < 10.26.0 - Download Without Integrity Check
CVSS 7.5
CVE-2025-68109
CRITICAL
Churchcrm < 6.5.3 - Remote Code Execution
CVSS 9.1
CVE-2025-65855
MEDIUM
Netun Solutions HelpFlash IoT v18_178_221102_ASCII_PRO_1R5_50 - RCE
CVSS 6.6
CVE-2025-55310
HIGH
Foxit PDF & Editor <13.2-2025.2 - Info Disclosure
CVSS 7.3
CVE-2025-14265
CRITICAL
ScreenConnect <25.8 - Code Injection
CVSS 9.1
CVE-2025-66334
LOW
Office Service - DoS
CVSS 3.3
CVE-2025-66333
LOW
Office Service - DoS
CVSS 3.3
CVE-2025-66332
LOW
Office Service - DoS
CVSS 3.3
CVE-2025-66331
LOW
Office Service - DoS
CVSS 3.3
CVE-2025-61228
HIGH
Shirt Pocket SuperDuper! <3.10 - RCE
CVSS 7.8
CVE-2025-63434
HIGH
Xtooltech Xtool AnyScan Android App <4.40.40 - RCE
CVSS 8.8
CVE-2025-40604
CRITICAL
Sonicwall Email Security Appliance 50... - Download Without Integrity Check
CVSS 9.8
CVE-2025-63220
HIGH
Sound4 FIRST - RCE
CVSS 7.2
CVE-2025-63215
HIGH
Sound4 IMPACT - RCE
CVSS 7.2
CVE-2025-52263
HIGH
Startcharge Artemis AC Charger 7-22 kW v1.0.4 - Authenticated RCE
CVSS 8.0
Details
Vulnerabilities
188
Exploit Likelihood
Medium