CWE-693

Protection Mechanism Failure

The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product.

443 vulnerabilities with CWE-693
CVE-2026-41316 HIGH
ERB has an @_init deserialization guard bypass via def_module / def_method / def_class
CVSS 8.1
CVE-2026-41469 MEDIUM
Beghelli Sicuro24 SicuroWeb Missing Content Security Policy
CVSS 5.2
CVE-2026-22753 HIGH
Servlet Path Not Correctly Included in Path Matching of HttpSecurity#securityMatchers
CVSS 7.5
CVE-2026-22013 MEDIUM
Oracle Java SE 8u481 - Memory Corruption
CVSS 5.3
CVE-2026-40604 MEDIUM
ClearanceKit: opfilter system extension can be suspended or signalled by a root process, disabling file-access policy enforcement
CVSS 4.4
CVE-2026-6774 MEDIUM
Mitigation bypass in the DOM: Security component
CVSS 5.4
CVE-2026-6763 MEDIUM
Mitigation bypass in the File Handling component
CVSS 6.5
CVE-2026-29649 CRITICAL
NEMU - Denial of Service via RISC-V Hypervisor CSR Handling Flaw
CVSS 9.8
CVE-2026-32225 HIGH
Windows Shell Security Feature Bypass Vulnerability
CVSS 8.8
CVE-2026-32202 MEDIUM KEV
Windows Shell Spoofing Vulnerability
CVSS 4.3
CVE-2026-22692 MEDIUM
October CMS: Twig Sandbox Bypass via Collection Methods
CVSS 4.9
CVE-2026-39419 LOW
MaxKB: Sandbox Result Validation Bypass via Tool Output Spoofing
CVSS 3.1
CVE-2026-39421 MEDIUM
MaxKB: Sandbox escape via ctypes and unhooked SYS_pkey_mprotect
CVSS 6.3
CVE-2026-39420 MEDIUM
MaxKB: Sandbox escape via LD_PRELOAD bypass
CVSS 6.3
CVE-2026-40311 MEDIUM
ImageMagick: Heap-use-after-free via XMP profile could result in a crash when printing values
CVSS 5.5
CVE-2026-40158 HIGH
PraisonAI has Improper Control of Generation of Code ('Code Injection') and Protection Mechanism Failure in praisonai
CVSS 8.6
CVE-2026-5911 MEDIUM
Google Chrome <147.0.7727.55 - Policy Bypass
CVSS 4.3
CVE-2026-5903 MEDIUM
Google Chrome <147.0.7727.55 - Policy Bypass
CVSS 6.5
CVE-2026-5900 MEDIUM
Google Chrome <147.0.7727.55 - Policy Bypass
CVSS 4.3
CVE-2026-5896 MEDIUM
Google Chrome <147.0.7727.55 - Policy Bypass
CVSS 6.1
CVE-2026-39888 CRITICAL
PraisonAIAgents has a sandbox escape via exception frame traversal in `execute_code` (subprocess mode)
CVSS 9.9
CVE-2026-35408 HIGH
Directus is Missing Cross-Origin Opener Policy
CVSS 8.7
CVE-2026-34208 CRITICAL
SandboxJS: Sandbox integrity escape
CVSS 10.0
CVE-2026-34938 CRITICAL
PraisonAI: Python Sandbox Escape via str Subclass startswith() Override in execute_code
CVSS 10.0
CVE-2026-34072 HIGH
cronmaster: Middleware authentication bypass enabling unauthorized page access and server-action execution
CVSS 8.3
Details
Vulnerabilities 443
Links
MITRE CWE Entry Search this CWE With Exploits