CWE-653

44 CVEs classified under CWE-653. Browse by severity and year.

Top CVEs for CWE-653
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
| CVE-2025-1974 | Critical | 9.8 | 2025-03-24 | A security issue was discovered in Kubernetes where under certain conditions, an unauthenticated attacker with access to the pod network can achieve arbitrary… |
| CVE-2025-12805 | High | 8.1 | 2026-03-26 | A flaw was found in Red Hat OpenShift AI (RHOAI) llama-stack-operator. This vulnerability allows unauthorized access to Llama Stack services deployed in other… |
| CVE-2025-20109 | High | 7.8 | 2025-08-12 | Improper Isolation or Compartmentalization in the stream cache mechanism for some Intel(R) Processors may allow an authenticated user to potentially enable esc… |
| CVE-2024-0136 | High | 7.6 | 2025-01-28 | NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to untrusted code obtaining read and… |
| CVE-2024-0135 | High | 7.6 | 2025-01-28 | NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to modification of a host binary. A… |
| CVE-2024-47520 | High | 7.6 | 2025-01-10 | A user with advanced report application access rights can perform actions for which they are not authorized |
| CVE-2025-53710 | High | 7.5 | 2025-12-18 | Due to a product misconfiguration in certain deployment types, it was possible from different pods in the same namespace to communicate with each other. This i… |
| CVE-2026-4282 | High | 7.4 | 2026-04-02 | A flaw was found in Keycloak. The SingleUseObjectProvider, a global key-value store, lacks proper type and namespace isolation. This vulnerability allows an un… |
| CVE-2026-42782 | High | 7.2 | 2026-05-25 | Improper Isolation or Compartmentalization vulnerability in Apache Syncope. An administrator with adequate entitlements for Implementations can create a malic… |
| CVE-2025-41688 | High | 7.2 | 2025-07-31 | A high privileged remote attacker can execute arbitrary OS commands using an undocumented method allowing to escape the implemented LUA sandbox. |
| CVE-2026-34775 | Medium | 6.8 | 2026-04-03 | Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to versions 38.8.6, 39.8.4, 40.8.4, and 41.0.0, t… |
| CVE-2025-29781 | Medium | 6.5 | 2025-03-17 | The Bare Metal Operator (BMO) implements a Kubernetes API for managing bare metal hosts in Metal3. Baremetal Operator enables users to load Secret from arbitra… |
| CVE-2025-24986 | Medium | 6.5 | 2025-03-11 | Improper isolation or compartmentalization in Azure PromptFlow allows an unauthorized attacker to execute code over a network. |
| CVE-2024-30388 | Medium | 6.5 | 2024-04-12 | An Improper Isolation or Compartmentalization vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on QFX5000 Series and EX Series… |
| CVE-2026-41174 | Medium | 6.4 | 2026-04-30 | Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.43, 3.6.14, and 3.7.0-rc.2, there is a potential vulnerability in Traefik's Kubernet… |
| CVE-2025-5476 | Medium | 6.3 | 2025-06-21 | Sony XAV-AX8500 Bluetooth Improper Isolation Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication… |
| CVE-2023-1636 | Medium | 6.0 | 2023-09-24 | A vulnerability was found in OpenStack Barbican containers. This vulnerability is only applicable to deployments that utilize an all-in-one configuration. Barb… |
| CVE-2025-12695 | Medium | 5.9 | 2025-11-04 | The overly permissive sandbox configuration in DSPy allows attackers to steal sensitive files in cases when users build an AI agent which consumes user input a… |
| CVE-2026-25905 | Medium | 5.8 | 2026-02-09 | The Python code being run by 'runPython' or 'runPythonAsync' is not isolated from the rest of the JS code, allowing any Python code to use the Pyodide APIs to… |
| CVE-2024-0137 | Medium | 5.5 | 2025-01-28 | NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to untrusted code running in the hos… |