Search

Blog Stats Labs CLI MCP API Limits About Privacy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Blog Statistics Labs CLI Tool MCP Server API Documentation Rate Limits About Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-706

CWE-706

Use of Incorrectly-Resolved Name or Reference

Parent: CWE-664 - Improper Control of a Resource Through its Lifetime

The product uses a name or reference to access a resource, but the name/reference resolves to a resource that is outside of the intended control sphere.

93 vulnerabilities with CWE-706

CVE-2026-30856 MEDIUM

WeKnora <0.3.0 - Command Injection

@opennextjs/cloudflare - SSRF

CVE-2026-25890 HIGH

Filebrowser < 2.57.1 - Incorrect Authorization

CVE-2026-25067 MEDIUM

SmarterTools SmarterMail <9518 - Path Traversal

CVE-2025-65474 CRITICAL

EasyImages <2.8.6 - RCE

CVE-2025-65105 MEDIUM

Apptainer <1.4.5 - Privilege Escalation

CVE-2025-64750 MEDIUM

SingularityCE <4.3.5 & SingularityPRO 4.1.11 & 4.3.5 - SSRF

zx - Use After Free

CVE-2025-62378 MEDIUM

CommandKit 1.2.0-rc.1-1.2.0-rc.11 - Info Disclosure

CVE-2025-58362 HIGH

Hono 4.8.0-4.9.5 - Path Traversal

CVE-2014-125125

A10 Networks AX Loadbalancer <2.7.0 - Path Traversal

CVE-2025-3941 MEDIUM

Tridium Niagara <4.14.2-4.15.1-4.10.11 - Input Data Manipulation

CVE-2025-48136 HIGH

Estatik Mortgage Calculator <2.0.12 - Code Injection

CVE-2025-30357 HIGH

NamelessMC <2.1.4 - Info Disclosure

CVE-2025-30870 HIGH

WP Travel Engine <6.3.5 - Code Injection

CVE-2025-30849 HIGH

g5theme Essential Real Estate <5.2.0 - Code Injection

CVE-2025-29914 MEDIUM

OWASP Coraza WAF <3.3.3 - Info Disclosure

CVE-2025-24813 CRITICALKEV

Tomcat Partial PUT Java Deserialization

CVE-2025-24733 MEDIUM

AddonMaster Post Grid Master <3.4.12 - Code Injection

CVE-2024-57785 MEDIUM

Zenitel AlphaWeb XE 11.2.3.10 - Local File Inclusion

CVE-2024-55058 MEDIUM

PHPGurukul Online Birth Certificate System v1.0 - IDOR

CVE-2024-53739 HIGH

Cool Plugins Cryptocurrency Widgets For Elementor <1.6.4 - Code Inj...

CVE-2024-52515 MEDIUM

Nextcloud Server <27.1.10,28.0.6,29.0.1 - Path Traversal

Gitsign - Info Disclosure

CVE-2024-45305 LOW

gix-path - Info Disclosure

Page 1 of 4 Next

Details

Vulnerabilities 93

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy