Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-20 (输入验证不恰当) — Vulnerability Class 3266

3266 vulnerabilities classified as CWE-20 (输入验证不恰当). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2026-23839 Movary vulnerable to Cross-site Scripting with `?categoryUpdated=` param — movary 9.3 Critical2026-01-19
CVE-2026-23836 HotCRP vulnerable to remote code execution through formulas — hotcrp 10.0 Critical2026-01-19
CVE-2025-61684 Quicly has assertion failures — quicly 7.5 High2026-01-19
CVE-2025-29847 Apache Linkis: Arbitrary File Read via Double URL Encoding Bypass — Apache Linkis 7.5AIHighAI2026-01-19
CVE-2025-12718 Quick Contact Form <= 8.2.6 - Unauthenticated Open Mail Relay — Quick Contact Form 5.8 Medium2026-01-17
CVE-2025-9014 Null Pointer Dereference Vulnerability on TL-WR841N — TL-WR841N v14 7.5AIHighAI2026-01-15
CVE-2026-0976 Org.keycloak/keycloak-quarkus-server: keycloak: proxy bypass due to improper handling of matrix parameters in url paths — Red Hat Build of Keycloak 3.7 Low2026-01-15
CVE-2025-68970 Huawei EMUI和Huawei HarmonyOS 安全漏洞 — HarmonyOS 6.1 Medium2026-01-14
CVE-2025-68964 Huawei HarmonyOS 安全漏洞 — HarmonyOS 6.2 Medium2026-01-14
CVE-2026-0543 Improper Input Validation in Kibana Email Connector Leading to Excessive Allocation — Kibana 6.5 Medium2026-01-13
CVE-2026-22868 go-ethereum has a DoS via malicious p2p message — go-ethereum 7.5AIHighAI2026-01-13
CVE-2026-22862 go-ethereum has a DoS via malicious p2p message — go-ethereum 7.5AIHighAI2026-01-13
CVE-2026-21271 Dreamweaver Desktop | Improper Input Validation (CWE-20) — Dreamweaver Desktop 8.6 High2026-01-13
CVE-2026-21272 Dreamweaver Desktop | Improper Input Validation (CWE-20) — Dreamweaver Desktop 8.6 High2026-01-13
CVE-2026-21268 Dreamweaver Desktop | Improper Input Validation (CWE-20) — Dreamweaver Desktop 8.6 High2026-01-13
CVE-2026-20951 Microsoft SharePoint Server Remote Code Execution Vulnerability — Microsoft SharePoint Enterprise Server 2016 7.8 High2026-01-13
CVE-2026-20856 Windows Server Update Service (WSUS) Remote Code Execution Vulnerability — Windows 10 Version 1607 8.1 High2026-01-13
CVE-2026-20812 LDAP Tampering Vulnerability — Windows 10 Version 1607 6.5 Medium2026-01-13
CVE-2026-0404 Insufficient input validation in NETGEAR Orbi routers — RBRE960 8.0AIHighAI2026-01-13
CVE-2026-0406 Insufficient input validation in NETGEAR Nighthawk router XR1000v2 — XR1000v2 8.8AIHighAI2026-01-13
CVE-2026-0403 Insufficient input validation in NETGEAR Orbi routers — RBR750 8.8AIHighAI2026-01-13
CVE-2026-22611 AWS SDK for .NET V4 adopted defense in depth enhancement for region parameter value — aws-sdk-net 3.7 Low2026-01-10
CVE-2026-22700 RustCrypto Has Insufficient Length Validation in decrypt() in SM2-PKE — elliptic-curves 7.5 High2026-01-10
CVE-2026-22699 RustCrypto SM2-PKE has Unchecked AffinePoint Decoding (unwrap) in decrypt() — elliptic-curves 7.5 High2026-01-10
CVE-2025-15035 Arbitrary File Deletion Vulnerability in TP-Link Archer AXE75 — Archer AXE75 v1.6 7.3 -2026-01-09
CVE-2026-22255 iccDEV has heap-buffer-overflow in CIccCLUT::Init() at IccProfLib/IccTagLut.cpp — iccDEV 8.8 High2026-01-08
CVE-2026-21858 n8n Vulnerable to Unauthenticated File Access via Improper Webhook Request Handling — n8n 10.0 Critical2026-01-07
CVE-2026-22047 iccDEV has heap-buffer-overflow in SIccCalcOp::Describe() at IccProfLib/IccMpeCalc.cpp — iccDEV 8.8 High2026-01-07
CVE-2026-22046 iccDEV has heap-buffer-overflow in CIccProfileXml::ParseBasic() at IccXML/IccLibXML/IccProfileXml.cpp — iccDEV 8.8 High2026-01-07
CVE-2026-21693 iccDEV has Type Confusion in CIccSegmentedCurveXml::ToXml() at IccXML/IccLibXML/IccMpeXml.cpp — iccDEV 8.8 High2026-01-07

Vulnerabilities classified as CWE-20 (输入验证不恰当) represent 3266 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.