CWE-807

82 CVEs classified under CWE-807. Browse by severity and year.

Top CVEs for CWE-807
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
| CVE-2026-48491 | Critical | 10.0 | 2026-06-23 | Traefik is an HTTP reverse proxy and load balancer. From 3.7.0 until 3.7.3, there is a high severity vulnerability in Traefik's domain-fronting protection (SNI… |
| CVE-2025-66570 | Critical | 10.0 | 2025-12-05 | cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.27.0, a vulnerability allows attacker-controlled HTTP headers to i… |
| CVE-2023-45128 | Critical | 10.0 | 2023-10-16 | Fiber is an express inspired web framework written in Go. A Cross-Site Request Forgery (CSRF) vulnerability has been identified in the application, which allow… |
| CVE-2026-44649 | Critical | 9.8 | 2026-05-29 | SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-… |
| CVE-2026-24120 | Critical | 9.8 | 2026-05-04 | vm2 is an open source vm/sandbox for Node.js. Prior to version 3.10.5, the fix for CVE-2023-37466 is insufficient and can be circumvented allowing attackers to… |
| CVE-2025-13926 | Critical | 9.8 | 2026-04-09 | An attacker could use data obtained by sniffing the network traffic to forge packets in order to make arbitrary requests to Contemporary Controls BASC 20T. |
| CVE-2026-32975 | Critical | 9.8 | 2026-03-29 | OpenClaw before 2026.3.12 contains a weak authorization vulnerability in Zalouser allowlist mode that matches mutable group display names instead of stable gro… |
| CVE-2025-12488 | Critical | 9.8 | 2025-11-06 | oobabooga text-generation-webui trust_remote_code Reliance on Untrusted Inputs Remote Code Execution Vulnerability. This vulnerability allows remote attackers… |
| CVE-2025-12487 | Critical | 9.8 | 2025-11-06 | oobabooga text-generation-webui trust_remote_code Reliance on Untrusted Inputs Remote Code Execution Vulnerability. This vulnerability allows remote attackers… |
| CVE-2025-49827 | Critical | 9.8 | 2025-07-15 | Conjur provides secrets management and application identity for infrastructure. Conjur OSS versions 1.19.5 through 1.22.0 and Secrets Manager, Self-Hosted (for… |
| CVE-2025-1126 | Critical | 9.3 | 2025-02-11 | A Reliance on Untrusted Inputs in a Security Decision vulnerability has been identified in the Lexmark Print Management Client. |
| CVE-2024-29039 | Critical | 9.0 | 2024-06-28 | tpm2 is the source repository for the Trusted Platform Module (TPM2.0) tools. This vulnerability allows attackers to manipulate tpm2_checkquote outputs by alte… |
| CVE-2026-33068 | High | 8.8 | 2026-03-20 | Claude Code is an agentic coding tool. Versions prior to 2.1.53 resolved the permission mode from settings files, including the repo-controlled .claude/setting… |
| CVE-2024-55354 | High | 8.8 | 2025-04-08 | Lucee before 5.4.7.3 LTS and 6 before 6.1.1.118, when an attacker can place files on the server, is vulnerable to a protection mechanism failure that can let a… |
| CVE-2024-28824 | High | 8.8 | 2024-03-22 | Least privilege violation and reliance on untrusted inputs in the mk_informix Checkmk agent plugin before Checkmk 2.3.0b4 (beta), 2.2.0p24, 2.1.0p41 and 2.0.0… |
| CVE-2021-31999 | High | 8.8 | 2021-07-15 | A Reliance on Untrusted Inputs in a Security Decision vulnerability in Rancher allows users in the cluster to act as others users in the cluster by forging the… |
| CVE-2024-5754 | High | 8.2 | 2024-09-13 | BT: Encryption procedure host vulnerability |
| CVE-2026-43935 | High | 8.1 | 2026-05-26 | e107 is a content management system (CMS). Prior to 2.3.4, a Host Header Injection vulnerability in the password reset page allows attackers to manipulate the… |
| CVE-2026-31892 | High | 8.1 | 2026-03-11 | Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. From 2.9.0 to before 4.0.2 and 3.7.11, A user… |
| CVE-2024-13974 | High | 8.1 | 2025-07-21 | A business logic vulnerability in the Up2Date component of Sophos Firewall older than version 21.0 MR1 (20.0.1) can lead to attackers controlling the firewall’… |