Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-356 (产品UI接口未警示用户不安全动作) — Vulnerability Class 29

29 vulnerabilities classified as CWE-356 (产品UI接口未警示用户不安全动作). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2026-0777 Xmind Attachment Insufficient UI Warning Remote Code Execution Vulnerability — Xmind 8.8AIHighAI2026-02-20
CVE-2026-25805 Zed does not show Parameter Values for MCP Tool Calls. Users cannot detect tool poisoning. — zed 6.4 Medium2026-02-10
CVE-2025-3839 Epiphany: insecure external protocol invocation in epiphany 8.0 High2026-01-23
CVE-2025-14414 Soda PDF Desktop Word File Insufficient UI Warning Remote Code Execution Vulnerability — Desktop 7.8AIHighAI2025-12-23
CVE-2025-14415 Soda PDF Desktop Launch Insufficient UI Warning Remote Code Execution Vulnerability — Desktop 8.8AIHighAI2025-12-23
CVE-2025-14412 Soda PDF Desktop XLS File Insufficient UI Warning Remote Code Execution Vulnerability — Desktop 7.8AIHighAI2025-12-23
CVE-2025-14418 pdfforge PDF Architect XLS File Insufficient UI Warning Remote Code Execution Vulnerability — PDF Architect 7.8AIHighAI2025-12-23
CVE-2025-14417 pdfforge PDF Architect Launch Insufficient UI Warning Remote Code Execution Vulnerability — PDF Architect 8.8AIHighAI2025-12-23
CVE-2025-14416 pdfforge PDF Architect DOC File Insufficient UI Warning Remote Code Execution Vulnerability — PDF Architect 7.8AIHighAI2025-12-23
CVE-2025-14404 PDFsam Enhanced XLS File Insufficient UI Warning Remote Code Execution Vulnerability — Enhanced 7.8AIHighAI2025-12-23
CVE-2025-14403 PDFsam Enhanced Launch Insufficient UI Warning Remote Code Execution Vulnerability — Enhanced 7.8AIHighAI2025-12-23
CVE-2025-14402 PDFsam Enhanced DOC File Insufficient UI Warning Remote Code Execution Vulnerability — Enhanced 7.8AIHighAI2025-12-23
CVE-2025-58335 JetBrains Junie 安全漏洞 — Junie 5.5 Medium2025-08-28
CVE-2025-31334 WinRAR 安全漏洞 — WinRAR 7.8AIHighAI2025-04-03
CVE-2025-2450 NI Vision Builder AI VBAI File Processing Missing Warning Remote Code Execution Vulnerability — Vision Builder AI 7.8 -2025-03-18
CVE-2024-4187 Stored XSS vulnerability has been discovered in OpenText™ Filr. The vulnerability could cause users to not be warned when clicking links to external sites. — Filr 5.4AIMediumAI2024-07-31
CVE-2024-30057 Microsoft Edge for iOS Spoofing Vulnerability — Microsoft Edge for iOS 5.4 Medium2024-06-13
CVE-2024-3044 Graphic on-click binding allows unchecked script execution — LibreOffice 7.1 -2024-05-14
CVE-2022-36970 AVEVA Edge 安全漏洞 — Edge 7.8 -2023-03-29
CVE-2022-39362 Metabase vulnerable to arbitrary SQL execution from queryhash — metabase 8.8 High2022-10-26
CVE-2022-35873 Inductive Automation Ignition 代码注入漏洞 — Ignition 7.8 -2022-07-25
CVE-2019-13322 Xiaomi Mi6 Browser 输入验证错误漏洞 — Browser 8.8 -2020-02-10
CVE-2019-17151 Tencent WeChat 输入验证错误漏洞 — WeChat 5.4 -2020-01-07
CVE-2019-6738 Bitdefender SafePay 操作系统命令注入漏洞 — SafePay 8.8 -2019-06-03
CVE-2019-6737 Bitdefender SafePay 代码问题漏洞 — SafePay 8.8 -2019-06-03
CVE-2019-6736 Bitdefender SafePay 操作系统命令注入漏洞 — SafePay 8.8 -2019-06-03
CVE-2018-16858 LibreOffice 路径遍历漏洞 — libreoffice 9.8 -2019-03-25
CVE-2018-10593 BD DB Manager和PerformA 安全漏洞 — Kiestra and InoqulA systems 6.4 -2018-05-24
CVE-2018-10595 BD ReadA 安全漏洞 — Kiestra and InoqulA systems 6.4 -2018-05-24

Vulnerabilities classified as CWE-356 (产品UI接口未警示用户不安全动作) represent 29 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.