CWE-611
Improper Restriction of XML External Entity Reference
The product processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output.
1,228 vulnerabilities with CWE-611
CVE-2025-10713
MEDIUM
Wso2 API Control Plane - XXE
CVSS 6.5
CVE-2025-12531
HIGH
IBM InfoSphere Information Server <11.7.1.6 - XXE
CVSS 7.1
CVE-2025-64134
HIGH
Jenkins Jdepend < 1.3.1 - XXE
CVSS 7.1
CVE-2025-46425
MEDIUM
Dell Storage Center - Dell Storage Manager <20.1.20 - XML External ...
CVSS 6.5
CVE-2025-6985
HIGH
Pypi Langchain-text-splitters < 0.3.9 - XXE
CVSS 7.5
CVE-2025-11341
HIGH
Jinher OA <2.0 - SSRF
CVSS 7.3
CVE-2025-20369
MEDIUM
Splunk <9.4.4, <9.3.6, <9.2.8 - DoS
CVSS 4.6
CVE-2025-48006
CRITICAL
Saison Dataspider Servista < 4.4 - XXE
CVSS 9.1
CVE-2025-11140
HIGH
Bjskzy Zhiyou ERP <11.0 - SSRF
CVSS 7.3
CVE-2025-11035
MEDIUM
Jinher OA 2.0 - SSRF
CVSS 6.3
CVE-2025-10816
HIGH
Jinher OA - XXE
CVSS 7.3
CVE-2025-10183
CRITICAL
TecCom TecConnect <4.1 - XSS
CVSS 9.1
CVE-2025-10092
HIGH
Jinher OA < 1.2 - XXE
CVSS 7.3
CVE-2025-10091
HIGH
Jinher OA < 1.2 - XXE
CVSS 7.3
CVE-2025-35112
MEDIUM
Atlassian Agiloft < 31 - XXE
CVSS 4.1
CVE-2025-57704
MEDIUM
Delta Electronics EIP Builder <1.11 - Info Disclosure
CVSS 5.5
CVE-2025-54988
HIGH
Apache Tika < 3.2.2 - XXE
CVSS 8.4
CVE-2025-4044
HIGH
Lexmark Printer Drivers - Info Disclosure
CVSS 8.2
CVE-2025-26484
MEDIUM
Dell Cloudlink < 8.1.2 - XXE
CVSS 5.5
CVE-2025-40584
MEDIUM
SIMOTION SCOUT TIA/V - Info Disclosure
CVSS 5.5
CVE-2025-54992
MEDIUM
OpenKilda <1.164.0 - Info Disclosure
CVE-2025-8355
HIGH
Xerox Freeflow Core - XXE
CVSS 7.5
CVE-2025-54254
HIGH
Adobe Experience Manager Forms < 6.5.23.0 - XXE
CVSS 8.6
CVE-2025-36608
MEDIUM
Dell Smartfabric Os10 < 10.6.0.5 - XXE
CVSS 6.5
CVE-2025-26400
MEDIUM
Solarwinds Web Help Desk < 12.8.7 - XXE
CVSS 5.3
Details
Vulnerabilities
1,228