Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-178 (大小写敏感处理不恰当) — Vulnerability Class 22

22 vulnerabilities classified as CWE-178 (大小写敏感处理不恰当). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2026-22665 prompts.chat Identity Confusion via Case-Sensitive Username Handling — prompts.chat 8.1 High2026-04-03
CVE-2026-33691 OWASP CRS: Whitespace padding in filenames bypasses file upload extension checks — coreruleset 6.8 Medium2026-04-02
CVE-2026-3532 OpenID Connect / OAuth client - Less critical - Access bypass - SA-CONTRIB-2026-027 — OpenID Connect / OAuth client 8.8AIHighAI2026-03-26
CVE-2026-32939 DataEase is Vulnerable to H2 JDBC RCE Bypass — dataease 9.1 -2026-03-20
CVE-2026-29054 Traefik: lowercase `Connection` tokens can delete traefik-managed forwarded identity headers (for example, `X-Real-Ip`) — traefik 7.5 High2026-03-05
CVE-2026-27896 MCP Go SDK Vulnerable to Improper Handling of Case Sensitivity — go-sdk 9.1AICriticalAI2026-02-26
CVE-2026-27588 Caddy: MatchHost becomes case-sensitive for large host lists (>100), enabling host-based route/auth bypass — caddy 9.1 -2026-02-24
CVE-2026-27587 Caddy: MatchPath %xx (escaped-path) branch skips case normalization, enabling path-based route/auth bypass — caddy 9.1 -2026-02-24
CVE-2026-25889 File Browser has an Authentication Bypass in User Password Update — filebrowser 5.4 Medium2026-02-09
CVE-2025-67718 Formio improperly authorized permission elevation through specially crafted request path — formio 7.5AIHighAI2025-12-11
CVE-2025-59944 Cursor IDE: Sensitive File Overwrite Bypass is Possible — cursor 8.1 High2025-10-03
CVE-2025-61593 Cursor CLI Agent: Sensitive File Overwrite Bypass — cursor 7.1 High2025-10-03
CVE-2025-46701 Apache Tomcat: Security constraint bypass for CGI scripts — Apache Tomcat 9.1AICriticalAI2025-05-29
CVE-2025-4035 Libsoup: cookie domain validation bypass via uppercase characters in libsoup — Red Hat Enterprise Linux 10 4.3 Medium2025-04-29
CVE-2024-6866 Case-Insensitive Path Matching in corydolphin/flask-cors — corydolphin/flask-cors 7.5 -2025-03-20
CVE-2024-55634 Drupal core - Moderately critical - Access bypass - SA-CORE-2024-004 — Drupal Core 8.8 -2024-12-09
CVE-2024-38829 Spring LDAP sensitive data exposure for case-sensitive comparisons — Spring LDAP 3.7 Low2024-12-04
CVE-2024-32879 social-auth-app-django Improper Handling of Case Sensitivity vulnerability — social-app-django 4.9 Medium2024-04-24
CVE-2024-23331 Vite dev server option `server.fs.deny` can be bypassed when hosted on case-insensitive filesystem — vite 7.5 High2024-01-19
CVE-2023-3545 Chamilo LMS Htaccess File Upload Security Bypass — Chamilo 9.8 Critical2023-11-28
CVE-2021-39155 Authorization Policy Bypass Due to Case Insensitive Host Comparison — istio 8.3 High2021-08-24
CVE-2021-24347 SP Project & Document Manager <2 4.22 - Authenticated Shell Upload — SP Project & Document Manager 8.8 -2021-06-14

Vulnerabilities classified as CWE-178 (大小写敏感处理不恰当) represent 22 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.