CWE-668
Exposure of Resource to Wrong Sphere
The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.
685 vulnerabilities with CWE-668
CVE-2026-29093
HIGH
WWBN AVideo <24.0 - Session Hijacking
CVSS 8.1
CVE-2025-68467
LOW
Dark Reader - Info Disclosure
CVSS 3.4
CVE-2026-27466
HIGH
BigBlueButton <=3.0.21 - DoS
CVSS 7.2
CVE-2026-26057
MEDIUM
Skill Scanner API Server - DoS/File Upload
CVSS 6.5
CVE-2026-21528
MEDIUM
Microsoft Azure Iot Explorer < 0.15.13 - Exposure to Wrong Actor
CVSS 6.5
CVE-2026-25643
CRITICAL
Frigate <0.16.4 - RCE
CVSS 9.1
CVE-2026-25725
CRITICAL
Claude Code <2.1.2 - Info Disclosure
CVSS 10.0
CVE-2025-61917
HIGH
NPM N8n < 1.114.3 - Information Disclosure
CVSS 7.7
CVE-2026-24473
MEDIUM
Hono <4.11.7 - Info Disclosure
CVSS 5.3
CVE-2026-23763
VB-Audio Matrix <2.0.2.2 - Privilege Escalation
CVE-2025-25176
CRITICAL
Platform - Info Disclosure
CVSS 9.1
CVE-2025-15114
CRITICAL
Ksenia Security Lares 4.0 Home Automation <1.6 - Info Disclosure
CVSS 9.8
CVE-2025-64168
HIGH
Pypi Agno < 2.2.2 - Race Condition
CVSS 7.1
CVE-2025-12351
MEDIUM
Honeywell S35 Series Cameras - Privilege Escalation
CVSS 6.8
CVE-2023-53392
HIGH
Linux Kernel - Buffer Overflow
CVSS 7.1
CVE-2025-55583
CRITICAL
D-Link DIR-868L B1 - Command Injection
CVSS 9.8
CVE-2025-38670
HIGH
Linux Kernel < 5.10.210 - Exposure to Wrong Actor
CVSS 7.1
CVE-2025-9074
Docker Desktop - Privilege Escalation
CVE-2025-38521
HIGH
Linux Kernel < 6.12.39 - Exposure to Wrong Actor
CVSS 7.1
CVE-2025-55077
HIGH
Tyler Technologies ERP Pro 9 SaaS - Command Injection
CVSS 7.4
CVE-2025-54126
MEDIUM
Bytecodealliance Webassembly Micro Runtime - Exposure to Wrong Actor
CVSS 5.3
CVE-2025-8107
MEDIUM
OceanBase <Oracle Mode - Privilege Escalation
CVSS 6.3
CVE-2025-34119
EasyCafe Server <2.2.14 - Info Disclosure
CVE-2025-6788
TGML < unknown - Info Disclosure
CVE-2025-34064
OneLogin AD Connector - Info Disclosure
Details
Vulnerabilities
685