Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-129 (对数组索引的验证不恰当) — Vulnerability Class 180

180 vulnerabilities classified as CWE-129 (对数组索引的验证不恰当). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2026-40886 Argo Workflows: Unchecked annotation parsing in pod informer crashes Argo Workflows controller — argo-workflows 7.7 High2026-04-23
CVE-2026-6840 ONE 输入验证错误漏洞 — ONE 5.5 Medium2026-04-22
CVE-2026-40097 Step CA affected by an index out of bounds panic in TPM attestation EKU validation — certificates 3.7 Low2026-04-10
CVE-2026-34942 Wasmtime panics when transcoding misaligned utf-16 strings — wasmtime 7.7AIHighAI2026-04-09
CVE-2026-21413 Libraw 安全漏洞 — LibRaw 9.8 Critical2026-04-07
CVE-2026-33762 go-git: Missing validation decoding Index v4 files leads to panic — go-git 2.8 Low2026-03-31
CVE-2026-33281 Ella Core panics on invalid PDU Session IDs in NGAP messages — core 6.5 Medium2026-03-23
CVE-2026-33022 Tekton Pipelines: Controller can panic when setting long resolver names in TaskRun/PipelineRun — pipeline 6.5 Medium2026-03-20
CVE-2026-32937 free5GC CHF has Out-of-Bounds Slice Access that Leads to DoS — chf 6.5 -2026-03-20
CVE-2026-26933 Improper Validation of Array Index in Packetbeat Leading to Denial of Service — Packetbeat 5.7 Medium2026-03-19
CVE-2026-3083 GStreamer rtpqdm2depay Out-Of-Bounds Write Remote Code Execution Vulnerability — GStreamer 9.8 -2026-03-13
CVE-2026-26932 Improper Validation of Array Index in Packetbeat Leading to Denial of Service — Packetbeat 5.7 Medium2026-02-26
CVE-2026-25882 Fiber has a Denial of Service Vulnerability via Route Parameter Overflow — fiber 7.5AIHighAI2026-02-24
CVE-2025-69248 free5GC has Array Index Out of Bounds in AMF Leading to Denial of Service — amf 7.5AIHighAI2026-02-23
CVE-2023-20601 AMD Graphics Driver 安全漏洞 — AMD Radeon™ PRO VII 5.5AIMediumAI2026-02-12
CVE-2026-2006 PostgreSQL missing validation of multibyte character length executes arbitrary code — PostgreSQL 8.8 High2026-02-12
CVE-2026-25518 cert-manager-controller DoS via Specially Crafted DNS Response — cert-manager 5.9 Medium2026-02-04
CVE-2026-25068 alsa-lib 1.2.15.2 Topology Decoder Heap-based Buffer Overflow — alsa-lib 6.5 -2026-01-29
CVE-2026-0529 Improper Validation of Array Index in Packetbeat Leading to Overflow Buffers — Packetbeat 6.5 Medium2026-01-14
CVE-2026-0528 Improper Input Validation in Metricbeat Leading to Denial of Service — Metricbeat 6.5 Medium2026-01-13
CVE-2025-47393 Improper Validation of Array Index in Automotive Linux OS — Snapdragon 7.8 High2026-01-06
CVE-2025-15271 FontForge SFD File Parsing Improper Validation of Array Index Remote Code Execution Vulnerability — FontForge 7.8 -2025-12-31
CVE-2025-15270 FontForge SFD File Parsing Improper Validation of Array Index Remote Code Execution Vulnerability — FontForge 7.8 -2025-12-31
CVE-2025-66559 Taiko Alethia Pacaya inbox verification pointer corruption — taiko-mono 9.1AICriticalAI2025-12-04
CVE-2025-61915 OpenPrinting CUPS vulnerable to stack based out-of-bound write — cups 6.0 Medium2025-11-29
CVE-2025-0657 ALC WebCTRL Carrier i-Vu and Gen5 Controllers Array Index out-of-range — WebCtrl 7.5 -2025-11-27
CVE-2025-62372 vLLM vulnerable to DoS with incorrect shape of multimodal embedding inputs — vllm 7.5 -2025-11-21
CVE-2025-10158 Rsync: Out of bounds array access via negative index — rsync 4.3 Medium2025-11-18
CVE-2025-47361 Improper Validation of Array Index in Automotive Software platform based on QNX — Snapdragon 7.8 High2025-11-04
CVE-2025-47352 Improper Validation of Array Index in Audio — Snapdragon 7.8 High2025-11-04

Vulnerabilities classified as CWE-129 (对数组索引的验证不恰当) represent 180 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.