Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-670 (控制流实现总是不正确) — Vulnerability Class 69

69 vulnerabilities classified as CWE-670 (控制流实现总是不正确). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2026-41988 uuid 安全漏洞 — uuid 3.2 Low2026-04-23
CVE-2026-35343 uutils coreutils cut Inconsistent Output Suppression with Newline Delimiters — coreutils 3.3 Low2026-04-22
CVE-2026-40942 DSF: Inverted Time Comparison in OIDC JWKS and Token Cache — dsf 5.9AIMediumAI2026-04-21
CVE-2026-41527 kleopatra 安全漏洞 — Kleopatra 6.9 Medium2026-04-21
CVE-2026-6608 lm-sys fastchat Arena Side-by-Side View add_text control flow — fastchat 5.3 Medium2026-04-20
CVE-2026-40960 Luanti 安全漏洞 — Luanti 8.1 High2026-04-16
CVE-2026-40719 MaraDNS 安全漏洞 — MaraDNS 7.5 High2026-04-15
CVE-2026-40396 Varnish Cache 安全漏洞 — Varnish Cache 4.0 Medium2026-04-12
CVE-2026-40394 Varnish Cache和Varnish Enterprise 安全漏洞 — Varnish Cache 4.0 Medium2026-04-12
CVE-2026-40200 musl libc 安全漏洞 — musl 8.1 High2026-04-10
CVE-2026-34946 Wasmtime's host panics when Winch compiler executes `table.fill` — wasmtime 7.7AIHighAI2026-04-09
CVE-2026-35414 OpenSSH 安全漏洞 — OpenSSH 4.2 Medium2026-04-02
CVE-2026-35387 OpenSSH 安全漏洞 — OpenSSH 3.1 Low2026-04-02
CVE-2025-58136 Apache Traffic Server: A simple legitimate POST request causes a crash — Apache Traffic Server 7.5AIHighAI2026-04-02
CVE-2026-33011 Nest Fastify HEAD Request Middleware Bypass — nest 7.1 -2026-03-20
CVE-2026-32713 PX4 Autopilot MAVLink FTP Session Validation Logic Error Allows Operations on Invalid File Descriptors — PX4-Autopilot 4.3 Medium2026-03-13
CVE-2026-1874 Denial-of-Service (DoS) vulnerability in Ethernet function of MELSEC iQ-F Series EtherNet/IP module and Ethernet module — MELSEC iQ-F Series FX5-ENET/IP Ethernet Module FX5-ENET/IP 7.5AIHighAI2026-03-03
CVE-2026-26267 rs-soroban-sdk #[contractimpl] macro calls inherent function instead of trait function when names collide — rs-soroban-sdk 7.5 High2026-02-19
CVE-2025-33199 NVIDIA DGX Spark 安全漏洞 — DGX Spark 3.2 Low2025-11-25
CVE-2025-32942 SSH Communications Security SSH Tectia Server 安全漏洞 — Tectia Server 7.2 High2025-10-02
CVE-2025-49091 KDE Konsole 安全漏洞 — Konsole 8.2 High2025-06-11
CVE-2025-32996 http-proxy-middleware 安全漏洞 — http-proxy-middleware 4.0 Medium2025-04-15
CVE-2025-2886 Terminating targets role delegations are not respected in tough — tough 4.3AIMediumAI2025-03-27
CVE-2025-24800 Critical vulnerability in `ismp-grandpa` <v15.0.1 — hyperbridge 7.5 -2025-01-28
CVE-2025-21607 Success of Certain Precompile Calls not Checked in Vyper — vyper 7.1 -2025-01-14
CVE-2024-53271 HTTP/1.1 multiple issues with envoy.reloadable_features.http1_balsa_delay_reset in envoy — envoy 7.1 High2024-12-18
CVE-2024-53270 HTTP/1: sending overload crashes when the request is reset beforehand in envoy — envoy 7.5 High2024-12-18
CVE-2024-53269 Happy Eyeballs: Validate that additional_address are IP addresses instead of crashing when sorting in envoy — envoy 4.5 Medium2024-12-18
CVE-2024-52811 Acks not validated before logged to qlog leads to buffer overflow in ngtcp2 — ngtcp2 8.2 High2024-11-25
CVE-2024-38365 btcd did not correctly re-implement Bitcoin Core's "FindAndDelete()" functionality — btcd 7.4 High2024-10-11

Vulnerabilities classified as CWE-670 (控制流实现总是不正确) represent 69 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.