CWE-693
Protection Mechanism Failure
The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product.
550 vulnerabilities with CWE-693
CVE-2026-23830
CRITICAL
sandboxjs < 0.8.26 - Remote Code Execution via AsyncFunction Constructor Access
CVSS 10.0
CVE-2026-24868
MEDIUM
Firefox < 147.0.2 - Privilege Escalation
CVSS 6.5
CVE-2026-22709
CRITICAL
NPM Vm2 < 3.10.2 - Code Injection
CVSS 9.8
CVE-2026-22686
CRITICAL
enclave-vm < 2.7.0 - Sandbox Escape via Host Error Prototype Chain Traversal
CVSS 10.0
CVE-2026-20824
MEDIUM
Microsoft Windows Remote Assistance - Protection Mechanism Failure
CVSS 5.5
CVE-2026-0881
CRITICAL
Firefox and Thunderbird < 147.0 - Sandbox Escape via Messaging System Component
CVSS 10.0
CVE-2026-0877
HIGH
Firefox <147- Thunderbird <140.7 - Mitigation Bypass
CVSS 8.1
CVE-2025-30431
MEDIUM
Apple macOS - Protection Mechanism Failure
CVSS 5.5
CVE-2025-24284
HIGH
Apple macOS < 15.4 - Protection Mechanism Failure
CVSS 8.8
CVE-2025-52609
LOW
HCL iControl was affected by Missing Security Headers vulnerability.
CVSS 3.7
CVE-2025-48652
HIGH
Android 15-16 InstallRepository - MDM Policy Bypass Privilege Escalation
CVSS 7.8
CVE-2025-48649
HIGH
Android 14-16 - Permission Selection Reset Privilege Escalation
CVSS 7.8
CVE-2025-15618
CRITICAL
Business::OnlinePayment::StoredTransaction versions through 0.01 for Perl uses an insecure secret key
CVSS 9.1
CVE-2025-52643
MEDIUM
HCL AION is affected by a vulnerability where untrusted file parsing operations are not executed within a properly isolated sandbox environment
CVSS 4.7
CVE-2025-48653
HIGH
Android - Local Privilege Escalation via Permission Usage Logic Error
CVSS 7.8
CVE-2025-48635
HIGH
TaskFragmentOrganizerController - Privilege Escalation
CVSS 7.7
CVE-2025-48605
HIGH
KeyguardViewMediator - Privilege Escalation
CVSS 8.4
CVE-2025-48602
HIGH
KeyguardViewMediator - Privilege Escalation
CVSS 8.4
CVE-2025-58406
MEDIUM
CGM CLININET < 2025.ms3 - Protection Mechanism Failure via Missing Security Headers
CVSS 4.3
CVE-2025-46290
HIGH
macOS < 14.8.4 - Denial of Service
CVSS 7.5
CVE-2025-40536
HIGH
KEV
SolarWinds Web Help Desk unauthenticated RCE
CVSS 8.1
CVE-2025-55249
LOW
HCL AION - Missing Security Response Headers
CVSS 3.5
CVE-2025-69264
HIGH
pnpm 10.0.0-10.25 - Remote Code Execution via Git Dependency Lifecycle Scripts
CVSS 8.8
CVE-2025-15422
MEDIUM
EmpireSoft EmpireCMS <8.0 - Code Injection
CVSS 5.3
CVE-2025-68668
CRITICAL
n8n 1.0.0-<2.0.0 - Authenticated Remote Code Execution via Python Code Node Sandbox Bypass
CVSS 9.9
Details
Vulnerabilities
550