CWE-693

Protection Mechanism Failure

The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product.

443 vulnerabilities with CWE-693
CVE-2026-5276 MEDIUM
Google Chrome <146.0.7680.178 - Info Disclosure
CVSS 6.5
CVE-2026-27893 HIGH
vLLM's hardcoded trust_remote_code=True in NemotronVL and KimiK25 bypasses user security opt-out
CVSS 8.8
CVE-2026-33622 HIGH
A PinchTab Security Policy Bypass in /wait Allows Arbitrary JavaScript Execution
CVSS 8.8
CVE-2026-33396 CRITICAL
OneUptime has sandbox escape in Synthetic Monitor Playwright runtime allows project members to execute arbitrary commands on Probe
CVSS 9.9
CVE-2026-20701 HIGH
macOS <14.8.5 - Privilege Escalation
CVSS 7.5
CVE-2026-20665 MEDIUM
Apple Safari < 26.4 - Denial of Service
CVSS 6.5
CVE-2026-32947 MEDIUM
Egress Policy Bypass via DNS over HTTPS (DoH) in Harden-Runner (Community Tier)
CVSS 4.9
CVE-2026-32946 LOW
Egress Policy Bypass via DNS over TCP in Harden-Runner (Community Tier)
CVSS 2.7
CVE-2026-28500 HIGH
ONNX Untrusted Model Repository Warnings Suppressed by silent=True in onnx.hub.load() — Silent Supply-Chain Attack
CVSS 8.6
CVE-2026-3965 MEDIUM
Whyour Qinglong <=2.20.1 - Auth Bypass
CVSS 6.3
CVE-2026-0118 HIGH
oobconfig - Privilege Escalation
CVSS 8.4
CVE-2026-30938 MEDIUM
Parse Server <8.6.12/9.5.1-alpha.1 - Auth Bypass
CVSS 5.3
CVE-2026-0017 HIGH
BiometricService.java - Privilege Escalation
CVSS 7.7
CVE-2026-0012 MEDIUM
ExpandableNotificationRow - Info Disclosure
CVSS 6.2
CVE-2026-0011 HIGH
Android Settings - Privilege Escalation
CVSS 8.4
CVE-2026-2803 HIGH
Firefox <148 - Info Disclosure
CVSS 7.5
CVE-2026-2768 CRITICAL
Firefox <148 - Sandbox Escape
CVSS 10.0
CVE-2026-2761 CRITICAL
Firefox <148 - Sandbox Escape
CVSS 10.0
CVE-2026-26994 MEDIUM
uTLS <=1.6.7 - TLS Downgrade Vulnerability
CVSS 6.5
CVE-2026-20667 HIGH
watchOS <26.3 - Info Disclosure
CVSS 8.8
CVE-2026-21513 HIGH KEV
MSHTML Framework - Auth Bypass
CVSS 8.8
CVE-2026-21510 HIGH KEV
Microsoft Windows Shell - Protection Mechanism Failure
CVSS 8.8
CVE-2026-25115 CRITICAL
n8n <2.4.8 - Code Injection
CVSS 9.9
CVE-2026-25056 HIGH
N8n < 1.118.0 - Remote Code Execution
CVSS 8.8
CVE-2026-0620 MEDIUM
Archer AXE75 V1 - Info Disclosure
Details
Vulnerabilities 443
Links
MITRE CWE Entry Search this CWE With Exploits