Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-20 (输入验证不恰当) — Vulnerability Class 3266

3266 vulnerabilities classified as CWE-20 (输入验证不恰当). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2026-32149 Windows Hyper-V Remote Code Execution Vulnerability — Windows 10 Version 1607 7.3 High2026-04-14
CVE-2026-27928 Windows Hello Security Feature Bypass Vulnerability — Windows Server 2016 8.7 High2026-04-14
CVE-2026-27913 Windows BitLocker Security Feature Bypass Vulnerability — Windows Server 2012 7.7 High2026-04-14
CVE-2026-26170 PowerShell Elevation of Privilege Vulnerability — Windows 10 Version 1607 7.8 High2026-04-14
CVE-2026-26143 Microsoft PowerShell Security Feature Bypass Vulnerability — PowerShell 7.4 7.8 High2026-04-14
CVE-2026-33826 Windows Active Directory Remote Code Execution Vulnerability — Windows Server 2012 R2 8.0 High2026-04-14
CVE-2026-32168 Azure Monitor Agent Elevation of Privilege Vulnerability — Azure Monitor 7.8 High2026-04-14
CVE-2026-27906 Windows Hello Security Feature Bypass Vulnerability — Windows 10 Version 21H2 4.4 Medium2026-04-14
CVE-2026-26154 Windows Server Update Service (WSUS) Tampering Vulnerability — Windows Server 2012 7.5 High2026-04-14
CVE-2026-22563 Ubiquiti UniFi Play PowerAmp和Ubiquiti UniFi Play Audio Port 安全漏洞 — UniFi Play PowerAmp 9.8 Critical2026-04-13
CVE-2026-22565 Ubiquiti UniFi Play PowerAmp和Ubiquiti UniFi Play Audio Port 安全漏洞 — UniFi Play PowerAmp 7.5 -2026-04-13
CVE-2026-6231 bson_validate may skip validation when processing certain inputs — C Driver 4.3 Medium2026-04-13
CVE-2026-34855 Huawei EMUI和Huawei HarmonyOS 安全漏洞 — HarmonyOS 5.7 Medium2026-04-13
CVE-2026-40162 Bugsink affected by authenticated arbitrary file write in artifactbundle/assemble — bugsink 7.1 High2026-04-10
CVE-2026-5500 Improper Validation of AES-GCM Authentication Tag Length in PKCS#7 Envelope Allows Authentication Bypass — wolfSSL 3.7 -2026-04-10
CVE-2026-33797 Junos OS and Junos OS Evolved: An attacker sending a specific genuine BGP packet causes a BGP reset — Junos OS 7.4 High2026-04-09
CVE-2026-32990 Apache Tomcat: Fix for CVE-2025-66614 is incomplete — Apache Tomcat 9.1AICriticalAI2026-04-09
CVE-2026-5329 Rapid7 Velociraptor Improper Input Validation in Client Message Handler — Velociraptor 8.5 High2026-04-09
CVE-2026-34178 Importing a crafted backup leads to project restriction bypass — lxd 9.1 Critical2026-04-09
CVE-2026-5919 Google Chrome 输入验证错误漏洞 — Chrome 8.1AIHighAI2026-04-08
CVE-2026-5915 Google Chrome 输入验证错误漏洞 — Chrome 8.8AIHighAI2026-04-08
CVE-2026-5887 Google Chrome 输入验证错误漏洞 — Chrome 6.5AIMediumAI2026-04-08
CVE-2026-5884 Google Chrome 输入验证错误漏洞 — Chrome 8.8AIHighAI2026-04-08
CVE-2026-5885 Google Chrome for Windows 输入验证错误漏洞 — Chrome 6.5AIMediumAI2026-04-08
CVE-2026-5879 Google Chrome 输入验证错误漏洞 — Chrome 8.8AIHighAI2026-04-08
CVE-2026-39410 Hono has a non-breaking space prefix bypass in cookie name handling in getCookie() — hono 4.8 Medium2026-04-08
CVE-2026-34197 Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ: Authenticated users could perform RCE via Jolokia MBeans — Apache ActiveMQ Broker 8.8AIHighAI2026-04-07
CVE-2026-34773 Electron: Registry key path injection in app.setAsDefaultProtocolClient on Windows — electron 4.7 Medium2026-04-03
CVE-2026-28797 RAGFlow: Server-Side Template Injection (SSTI) leading to Remote Code Execution (RCE) in Agent "Text Processing" Component — ragflow 8.8AIHighAI2026-04-03
CVE-2026-34980 OpenPrinting CUPS: Shared PostScript queue lets anonymous Print-Job requests reach `lp` code execution over the network — cups 9.8AICriticalAI2026-04-03

Vulnerabilities classified as CWE-20 (输入验证不恰当) represent 3266 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.