Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-669

CWE-669

Incorrect Resource Transfer Between Spheres

Parent: CWE-664 - Improper Control of a Resource Through its Lifetime

The product does not properly transfer a resource/behavior to another sphere, or improperly imports a resource/behavior from another sphere, in a manner that provides unintended control over that resource.

96 vulnerabilities with CWE-669

CVE-2026-12068 HIGH

Avira Password Manager credential disclosure via cross-origin autofill in Firefox

CVE-2026-44917 MEDIUM

Openstack Ironic - Incorrect Resource Transfer Between Spheres

CVE-2026-46447 MEDIUM

OpenStack Ironic through 35.0.x - Boot Script Injection

CVE-2026-48847 LOW

Roundcube Webmail - Incorrect Resource Transfer Between Spheres

CVE-2026-48846 MEDIUM

Roundcube Webmail - Incorrect Resource Transfer Between Spheres

CVE-2026-48845 MEDIUM

Roundcube Webmail - Incorrect Resource Transfer Between Spheres

CVE-2026-48831 HIGH

Wine < 11.0 - Incorrect Resource Transfer Between Spheres

CVE-2026-44599 LOW

Tor < 0.4.9.7 - Incorrect Resource Transfer via Conflux Legs

CVE-2026-42997 HIGH

OpenStack Ironic <26.1.6 - Auth Bypass

CVE-2026-40552 MEDIUM

Remote Code Execution in mpGabinet

CVE-2026-41525 MEDIUM

KDE Dolphin <25.12.3 - Path Traversal

CVE-2026-31431 HIGH KEV

crypto: algif_aead - Revert to operating out-of-place

CVE-2026-41030 MEDIUM

ONLYOFFICE DesktopEditors <9.3.0 - Privilege Escalation

CVE-2026-40228 LOW

systemd 259 - Unauthenticated Terminal Injection via ANSI Escape Sequences

CVE-2026-40225 MEDIUM

systemd <260 - Privilege Escalation

CVE-2026-35545 MEDIUM

Roundcube Webmail < 1.5.15, 1.6.0-1.6.15, 1.7-beta-1.7-rc5 - Information Disclosure via SVG Animate Element Bypass

CVE-2026-35544 MEDIUM

Roundcube Webmail <1.5.14 - CSS Sanitization Bypass

CVE-2026-35543 MEDIUM

Roundcube Webmail < 1.5.14, 1.6.0-1.6.14, 1.7-beta-1.7-rc5 - Information Disclosure via SVG Animate Attribute Bypass

CVE-2026-35542 MEDIUM

Roundcube Webmail <1.5.14, 1.6.0-1.6.14, 1.7-beta-1.7-rc5 - Information Disclosure via Background Attribute Bypass

CVE-2026-35540 MEDIUM

Roundcube Webmail 1.6.0-1.6.13 - Server-Side Request Forgery via CSS Stylesheet Links

CVE-2026-33265 MEDIUM

LibreChat 0.8.1-rc2 - Authenticated JWT Scope Expansion to RAG API

CVE-2026-32772 LOW

GNU inetutils <=2.7 - Info Disclosure

CVE-2026-24708 HIGH

OpenStack Nova <30.2.2 - Memory Corruption

CVE-2026-25253 HIGH

OpenClaw <2026.1.29 - Info Disclosure

CVE-2025-41660 HIGH

CODESYS Control Boot Application Replacement Enables Code Execution

Page 1 of 4 Next

Details

Vulnerabilities 96

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy