Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-668

CWE-668

Exposure of Resource to Wrong Sphere

Parent: CWE-664 - Improper Control of a Resource Through its Lifetime

The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.

719 vulnerabilities with CWE-668

CVE-2026-34217 HIGH

SandboxJS <0.8.36 New Handler - Scope Object Leak

CVE-2026-34780 HIGH

Electron: Context Isolation bypass via contextBridge VideoFrame transfer

CVE-2026-20160 CRITICAL

Cisco Smart Software Manager On-Prem Arbitrary Command Execution Vulnerability

CVE-2026-33573 HIGH

OpenClaw < 2026.3.11 - Workspace Boundary Bypass via Agent RPC Parameters

CVE-2026-28779 HIGH

Apache Airflow: Path of session token in cookie does not consider base_url - session hijacking via co-hosted applications

CVE-2026-28806 HIGH

nerves-hub nerves_hub_web - Privilege Escalation

CVE-2026-29093 HIGH

WWBN AVideo <24.0 - Session Hijacking

CVE-2026-2297 MEDIUM

CPython < 3.15.0a7 - Unprotected User Data Exposure via SourcelessFileLoader Import Hook

CVE-2026-27466 HIGH

BigBlueButton < 3.0.22 - Denial of Service via ClamAV Port Exposure

CVE-2026-26057 MEDIUM

Skill Scanner API Server - DoS/File Upload

CVE-2026-21528 MEDIUM

Azure IoT Explorer < 0.15.13 - Unauthenticated Information Disclosure via Unrestricted IP Binding

CVE-2026-25643 CRITICAL

Frigate < 0.16.4 - Remote Command Execution via go2rtc exec Directive

CVE-2026-25725 CRITICAL

Claude Code <2.1.2 - Info Disclosure

CVE-2026-24473 MEDIUM

Hono < 4.11.7 - Information Disclosure via Serve Static Middleware Path Validation

CVE-2026-23763 HIGH

VB-Audio Matrix <2.0.2.2 - Privilege Escalation

CVE-2025-15653 MEDIUM

Dräger Zeus IE Anesthesia Workstation USB Interface Privilege Escalation

CVE-2025-54502 HIGH

AMD EPYC and Ryzen Processors - Privilege Escalation via APCB SMM Driver Boot Service Misuse

CVE-2025-22444 MEDIUM

Intel UEFI PdaSmm - Info Disclosure

CVE-2025-68467 LOW

Dark Reader - Info Disclosure

CVE-2025-61917 HIGH

NPM N8n < 1.114.3 - Information Disclosure

CVE-2025-25176 CRITICAL

ImaginationTech DDK < 25.3 - Unauthorized Secure Workload Register Exfiltration

CVE-2025-15114 CRITICAL

Ksenia Security Lares 4.0 Home Automation <1.6 - Info Disclosure

CVE-2025-64168 HIGH

Agno 2.0.0-2.2.1 - Unprotected User Data Exposure via Session State Race Condition

CVE-2025-12351 MEDIUM

Honeywell S35 Series Cameras - Privilege Escalation

CVE-2025-55583 CRITICAL

D-Link DIR-868L B1 - Command Injection

Previous Page 2 of 29 Next

Details

Vulnerabilities 719

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy