Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-754

CWE-754

Medium likelihood

Improper Check for Unusual or Exceptional Conditions

Parent: CWE-703 - Improper Check or Handling of Exceptional Conditions

The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product.

588 vulnerabilities with CWE-754

CVE-2026-20754 MEDIUM

Intel(R) NPU Drivers - Denial of Service via Improper Conditions Check

CVE-2026-42349 HIGH

Clerk: Authorization bypass when combining organization, billing, or reverification checks

CVE-2026-42246 HIGH

net-imap vulnerable to STARTTLS stripping via invalid response timing

CVE-2026-8091 CRITICAL

Incorrect boundary conditions in the Audio/Video: Playback component

CVE-2026-41662 MEDIUM

Admidio: Missing Minimum Administrator Check in Role Membership Removal

CVE-2026-35225 HIGH

Improper timeout handling in CODESYS EtherNetIP

CVE-2026-34066 MEDIUM

nimiq-blockchain: Peer-triggerable panic during history sync

CVE-2026-35366 MEDIUM

uutils coreutils printenv Security Inspection Bypass via UTF-8 Enforcement

CVE-2026-40343 MEDIUM

free5GC UDR: Fail-open handling in PolicyDataSubsToNotifyPost allows unintended subscription creation

CVE-2026-6772 HIGH

Incorrect boundary conditions in the Libraries component in NSS

CVE-2026-6766 HIGH

Incorrect boundary conditions in the Libraries component in NSS

CVE-2026-40249 MEDIUM

free5gc UDR fail-open request handling in PolicyDataSubsToNotifySubsIdPut may allow unintended subscription updates after input errors

CVE-2026-21009 MEDIUM

Samsung Mobile Devices - App Pinning Bypass

CVE-2026-21007 MEDIUM

Samsung Mobile Devices - Auth Bypass

CVE-2026-33790 HIGH

Junos OS: SRX Series: In a NAT64 configuration, receipt of a specific, malformed ICMPv6 packet will cause the srxpfe process to crash and restart.

CVE-2026-33787 MEDIUM

Junos OS: SRX1500, SRX4100, SRX4200, SRX4600: When a specific show command is executed chassisd crashes

CVE-2026-33786 MEDIUM

Junos OS: SRX1600, SRX2300, SRX4300: When a specific show command is executed chassisd crashes

CVE-2026-33781 MEDIUM

Junos OS: EX Series, QFX Series: In a VXLAN scenario when specific control protocol packets are received, memory leaks and eventually no traffic is passed

CVE-2026-33774 MEDIUM

Junos OS: MX Series: Firewall filters on lo0.<non-0> in the default routing instance are not in effect

CVE-2026-40069 HIGH

bsv-sdk ARC broadcaster treats INVALID/MALFORMED/ORPHAN responses as successful broadcasts

CVE-2026-31790 HIGH

Incorrect Failure Handling in RSA KEM RSASVE Encapsulation

CVE-2026-39395 MEDIUM

Cosign's verify-blob-attestation reports false positive when payload parsing fails

CVE-2026-4748 HIGH

pf silently ignores certain rules

CVE-2026-33939 HIGH

Handlebars.js has Denial of Service via Malformed Decorator Syntax in Template Compilation

CVE-2026-3109 LOW

Missing timestamp validation in Zoom webhook handler

Previous Page 2 of 24 Next

Details

Vulnerabilities 588

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy