CWE-265
10 CVEs classified under CWE-265. Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-26122 | High | 8.8 | 2023-04-11 | All versions of the package safe-eval are vulnerable to Sandbox Bypass due to improper input sanitization. The vulnerability is derived from prototype pollutio… |
CVE-2026-9368 | High | 7.3 | 2026-05-24 | A vulnerability was identified in NousResearch hermes-agent up to 2026.4.16. This impacts the function execute_code of the file tools/code_execution_tool.py of… |
CVE-2026-6224 | High | 7.3 | 2026-04-13 | A security flaw has been discovered in nocobase plugin-workflow-javascript up to 2.0.23. This issue affects the function createSafeConsole of the file packages… |
CVE-2026-6117 | Medium | 6.3 | 2026-04-12 | A vulnerability was found in AstrBotDevs AstrBot up to 4.22.1. This issue affects the function install_plugin_upload of the file astrbot/dashboard/routes/plugi… |
CVE-2025-5321 | Medium | 6.3 | 2025-05-29 | A vulnerability classified as critical was found in aimhubio aim up to 3.29.1. This vulnerability affects the function RestrictedPythonQuery of the file /aim/s… |
CVE-2023-5223 | Medium | 6.3 | 2023-09-27 | A vulnerability, which was classified as critical, has been found in HimitZH HOJ up to 4.6-9a65e3f. This issue affects some unknown processing of the component… |
CVE-2026-6878 | Medium | 5.6 | 2026-04-23 | A vulnerability was identified in ByteDance verl up to 0.7.0. Affected is the function math_equal of the file prime_math/grader.py. The manipulation leads to s… |
CVE-2024-2007 | Medium | 5.3 | 2024-02-29 | A vulnerability was found in OpenBMB XAgent 1.0.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the componen… |
CVE-2025-5874 | Medium | 4.6 | 2025-06-09 | A vulnerability was found in Redash up to 10.1.0/25.1.0. It has been rated as problematic. This issue affects the function run_query of the file /query_runner/… |
CVE-2020-1889 | | 2020-09-03 | A security feature bypass issue in WhatsApp Desktop versions prior to v0.3.4932 could have allowed for sandbox escape in Electron and escalation of privilege i… |