Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-346 (源验证错误) — Vulnerability Class 152

152 vulnerabilities classified as CWE-346 (源验证错误). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-7659 Origin Validation Error in GitLab — GitLab 8.0 High2026-02-11
CVE-2026-1997 Certain HP OfficeJet Pro Printers - Information Disclosure — HP OfficeJet Pro 8730 All-in-One Printer 5.3AIMediumAI2026-02-10
CVE-2022-50975 Multiple Innomic VibroLine VLX and avibia AVLX allow unauthenticated access to device configuration — VibroLine VLX1 HD 5.0 8.8 High2026-02-02
CVE-2026-22694 AliasVault is Missing Origin Validation in Android Passkey Credential Provider — aliasvault 6.1 Medium2026-01-14
CVE-2022-50925 Prowise Reflect v1.0.9 - Remote Keystroke Injection — Prowise Reflect 9.8 Critical2026-01-13
CVE-2026-22794 Account Takeover Vulnerability in Appsmith — appsmith 9.7 Critical2026-01-12
CVE-2025-14279 DNS Rebinding Vulnerability in mlflow/mlflow — mlflow/mlflow 8.8AIHighAI2026-01-12
CVE-2026-22030 React Router has CSRF issue in Action/Server Action Request Processing — react-router 6.5 Medium2026-01-10
CVE-2025-69260 Trend Micro Apex Central 安全漏洞 — Trend Micro Apex Central 7.5 High2026-01-08
CVE-2025-69259 Trend Micro Apex Central 安全漏洞 — Trend Micro Apex Central 7.5 High2026-01-08
CVE-2026-20893 Fujitsu Security Solution AuthConductor Client Basic 访问控制错误漏洞 — Fujitsu Security Solution AuthConductor Client Basic V2 7.8 -2026-01-07
CVE-2025-69235 Naver Whale Browser 安全漏洞 — NAVER Whale browser 8.2 -2025-12-30
CVE-2025-61740 Johnson Controls IQ Panels2, 2+, IQHub, IQPanel 4, PowerG Origin Validation Error — IQ Panels2, 2+, IQHub, IQPanel 4, PowerG 9.1AICriticalAI2025-12-22
CVE-2025-34291 Langflow <= 1.6.9 CORS Misconfiguration to Token Hijack & RCE — Langflow 8.8 -2025-12-05
CVE-2025-8074 Synology BeeDrive 访问控制错误漏洞 — BeeDrive for desktop 5.6 Medium2025-12-04
CVE-2024-32642 Host header poisoning allows account takeover via password reset email — MasaCMS 8.8 High2025-12-03
CVE-2025-37734 Kibana Origin Validation Error — Kibana 4.3 Medium2025-11-12
CVE-2024-14006 Nagios XI < 2024R1.2.2 Host Header Injection — XI 5.4AIMediumAI2025-10-30
CVE-2025-12245 chatwoot Widget IFrameHelper.js initPostMessageCommunication origin validation — chatwoot 5.3 Medium2025-10-27
CVE-2025-62250 Liferay Portal和Liferay DXP 访问控制错误漏洞 — Portal 9.8AICriticalAI2025-10-21
CVE-2025-62584 Naver Whale Browser 安全漏洞 — NAVER Whale browser 8.2AIHighAI2025-10-16
CVE-2025-9265 API Authentication Bypass via Header Spoofing vulnerability in Kiloview NDI N30 Products — NDI 7.5AIHighAI2025-10-13
CVE-2025-2140 IBM Engineering Requirements Management Doors Next spoofing — Engineering Requirements Management Doors Next 5.7 Medium2025-10-12
CVE-2025-59957 Junos OS: EX4600 Series and QFX5000 Series: An attacker with physical access can open a persistent backdoor — Junos OS 6.8 Medium2025-10-09
CVE-2025-42706 CrowdStrike Falcon Sensor for Windows Logic Error — Falcon sensor for Windows 6.5 Medium2025-10-08
CVE-2025-59159 SillyTavern Web Interface Vulnerable to DNS Rebinding — SillyTavern 9.7 Critical2025-10-06
CVE-2025-59845 Apollo Embedded Sandbox and Explorer vulnerable to CSRF via window.postMessage origin-validation bypass — embeddable-explorer 8.2 High2025-09-26
CVE-2025-20364 Cisco Wireless LAN Controller 安全漏洞 — Cisco Aironet Access Point Software (IOS XE Controller) 4.3 Medium2025-09-24
CVE-2025-10193 Neo4j Cypher MCP server is vulnerable to DNS rebinding attacks — neo4j-cypher MCP server 9.3AICriticalAI2025-09-11
CVE-2024-13068 Host Header Injection in Akinsoft's LimonDesk — LimonDesk 7.3 High2025-09-03

Vulnerabilities classified as CWE-346 (源验证错误) represent 152 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.