CWE-807
82 CVEs classified under CWE-807. Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
| CVE-2026-48491 | Critical | 10.0 | 2026-06-23 | Traefik is an HTTP reverse proxy and load balancer. From 3.7.0 until 3.7.3, there is a high severity vulnerability in Traefik's domain-fronting protection (SNI… |
| CVE-2025-66570 | Critical | 10.0 | 2025-12-05 | cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.27.0, a vulnerability allows attacker-controlled HTTP headers to i… |
| CVE-2023-45128 | Critical | 10.0 | 2023-10-16 | Fiber is an express inspired web framework written in Go. A Cross-Site Request Forgery (CSRF) vulnerability has been identified in the application, which allow… |
| CVE-2026-44649 | Critical | 9.8 | 2026-05-29 | SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-… |
| CVE-2026-24120 | Critical | 9.8 | 2026-05-04 | vm2 is an open source vm/sandbox for Node.js. Prior to version 3.10.5, the fix for CVE-2023-37466 is insufficient and can be circumvented allowing attackers to… |
| CVE-2025-13926 | Critical | 9.8 | 2026-04-09 | An attacker could use data obtained by sniffing the network traffic to forge packets in order to make arbitrary requests to Contemporary Controls BASC 20T. |
| CVE-2026-32975 | Critical | 9.8 | 2026-03-29 | OpenClaw before 2026.3.12 contains a weak authorization vulnerability in Zalouser allowlist mode that matches mutable group display names instead of stable gro… |
| CVE-2025-12488 | Critical | 9.8 | 2025-11-06 | oobabooga text-generation-webui trust_remote_code Reliance on Untrusted Inputs Remote Code Execution Vulnerability. This vulnerability allows remote attackers… |
| CVE-2025-12487 | Critical | 9.8 | 2025-11-06 | oobabooga text-generation-webui trust_remote_code Reliance on Untrusted Inputs Remote Code Execution Vulnerability. This vulnerability allows remote attackers… |
| CVE-2025-49827 | Critical | 9.8 | 2025-07-15 | Conjur provides secrets management and application identity for infrastructure. Conjur OSS versions 1.19.5 through 1.22.0 and Secrets Manager, Self-Hosted (for… |
| CVE-2025-1126 | Critical | 9.3 | 2025-02-11 | A Reliance on Untrusted Inputs in a Security Decision vulnerability has been identified in the Lexmark Print Management Client. |
| CVE-2024-29039 | Critical | 9.0 | 2024-06-28 | tpm2 is the source repository for the Trusted Platform Module (TPM2.0) tools. This vulnerability allows attackers to manipulate tpm2_checkquote outputs by alte… |
| CVE-2026-33068 | High | 8.8 | 2026-03-20 | Claude Code is an agentic coding tool. Versions prior to 2.1.53 resolved the permission mode from settings files, including the repo-controlled .claude/setting… |
| CVE-2024-55354 | High | 8.8 | 2025-04-08 | Lucee before 5.4.7.3 LTS and 6 before 6.1.1.118, when an attacker can place files on the server, is vulnerable to a protection mechanism failure that can let a… |
| CVE-2024-28824 | High | 8.8 | 2024-03-22 | Least privilege violation and reliance on untrusted inputs in the mk_informix Checkmk agent plugin before Checkmk 2.3.0b4 (beta), 2.2.0p24, 2.1.0p41 and 2.0.0… |
| CVE-2021-31999 | High | 8.8 | 2021-07-15 | A Reliance on Untrusted Inputs in a Security Decision vulnerability in Rancher allows users in the cluster to act as other users in the cluster by forging the… |
| CVE-2024-5754 | High | 8.2 | 2024-09-13 | BT: Encryption procedure host vulnerability |
| CVE-2026-43935 | High | 8.1 | 2026-05-26 | e107 is a content management system (CMS). Prior to 2.3.4, a Host Header Injection vulnerability in the password reset page allows attackers to manipulate the… |
| CVE-2026-31892 | High | 8.1 | 2026-03-11 | Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. From 2.9.0 to before 4.0.2 and 3.7.11, A user… |
| CVE-2024-13974 | High | 8.1 | 2025-07-21 | A business logic vulnerability in the Up2Date component of Sophos Firewall older than version 21.0 MR1 (20.0.1) can lead to attackers controlling the firewall’… |