CWE-754 (Improper Check for Unusual or Exceptional Conditions) — Vulnerability Class 271

271 vulnerabilities classified as CWE-754 (Improper Check for Unusual or Exceptional Conditions). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-35225 | Improper timeout handling in CODESYS EtherNetIP — CODESYS EtherNetIP | 5.3 (AI) | Medium (AI) | 2026-04-23 |
| CVE-2026-35366 | uutils coreutils printenv Security Inspection Bypass via UTF-8 Enforcement — coreutils | 4.4 | Medium | 2026-04-22 |
| CVE-2026-40343 | free5GC UDR: Fail-open handling in PolicyDataSubsToNotifyPost allows unintended subscription creation — udr | 5.3 (AI) | Medium (AI) | 2026-04-21 |
| CVE-2026-40249 | free5gc UDR fail-open request handling in PolicyDataSubsToNotifySubsIdPut may allow unintended subscription updates after input errors — free5gc | 9.1 (AI) | Critical (AI) | 2026-04-16 |
| CVE-2025-43883 | Dell PowerScale OneFS security vulnerability — PowerScale OneFS | 4.1 | Medium | 2026-04-16 |
| CVE-2026-33790 | Junos OS: SRX Series: In a NAT64 configuration, receipt of a specific, malformed ICMPv6 packet will cause the srxpfe process to crash and restart. — Junos OS | 7.5 | High | 2026-04-09 |
| CVE-2026-33787 | Junos OS: SRX1500, SRX4100, SRX4200, SRX4600: When a specific show command is executed chassisd crashes — Junos OS | 5.5 | Medium | 2026-04-09 |
| CVE-2026-33781 | Junos OS: EX Series, QFX Series: In a VXLAN scenario when specific control protocol packets are received, memory leaks and eventually no traffic is passed — Junos OS | 6.5 | Medium | 2026-04-09 |
| CVE-2026-33774 | Junos OS: MX Series: Firewall filters on lo0.<non-0> in the default routing instance are not in effect — Junos OS | 6.5 | Medium | 2026-04-09 |
| CVE-2026-33786 | Junos OS: SRX1600, SRX2300, SRX4300: When a specific show command is executed chassisd crashes — Junos OS | 5.5 | Medium | 2026-04-09 |
| CVE-2026-40069 | bsv-sdk ARC broadcaster treats INVALID/MALFORMED/ORPHAN responses as successful broadcasts — bsv-ruby-sdk | 7.5 | High | 2026-04-09 |
| CVE-2026-31790 | Incorrect Failure Handling in RSA KEM RSASVE Encapsulation — OpenSSL | 7.5 (AI) | High (AI) | 2026-04-07 |
| CVE-2026-39395 | Cosign's verify-blob-attestation reports false positive when payload parsing fails — cosign | 4.3 | Medium | 2026-04-07 |
| CVE-2026-33939 | Handlebars.js has Denial of Service via Malformed Decorator Syntax in Template Compilation — handlebars.js | 7.5 | High | 2026-03-27 |
| CVE-2026-3109 | Missing timestamp validation in Zoom webhook handler — Mattermost | 2.2 | Low | 2026-03-26 |
| CVE-2026-20719 | DoS via URL Previews Rendering Malicious SVGs — Mattermost | 4.3 | Medium | 2026-03-25 |
| CVE-2026-0230 | Cortex XDR Agent: Local Administrator can disable the agent on macOS — Cortex XDR Agent | 6.0 (AI) | Medium (AI) | 2026-03-11 |
| CVE-2026-30900 | Zoom Workplace Clients for Windows - Improper Check — Zoom Workplace | 7.8 | High | 2026-03-11 |
| CVE-2026-22760 | Dell Device Management Agent code issue vulnerability — Device Management Agent (DDMA) | 3.3 | Low | 2026-03-04 |
| CVE-2025-69250 | free5GC has Improper Error Handling in UDM, Leading to Information Exposure — udm | 5.3 | - | 2026-02-23 |
| CVE-2026-0229 | PAN-OS: Denial of Service in Advanced DNS Security Feature — Cloud NGFW | 7.5 (AI) | High (AI) | 2026-02-11 |
| CVE-2026-25639 | Axios affected by Denial of Service via __proto__ Key in mergeConfig — axios | 7.5 | High | 2026-02-09 |
| CVE-2026-0944 | Group invite - Moderately critical - Access bypass - SA-CONTRIB-2026-001 — Group invite | - | - (AI) | 2026-02-04 |
| CVE-2026-24513 | ingress-nginx auth-url protection bypass — ingress-nginx | 3.1 | Low | 2026-02-03 |
| CVE-2026-20419 | MediaTek Chipsets security vulnerability — MediaTek chipset | 6.5 (AI) | Medium (AI) | 2026-02-02 |
| CVE-2025-15542 | Denial of Service (DoS) of VoIP Communication on TP-Link VX800v — VX800v v1.0 | 7.5 (AI) | High (AI) | 2026-01-29 |
| CVE-2026-24054 | Kata Containers Runtime: Host block device can be hotplugged to the VM if the container image is malformed or contains no layers — kata-containers | 3.8 | - | 2026-01-29 |
| CVE-2025-14840 | HTTP Client Manager - Less critical - Information disclosure - SA-CONTRIB-2025-126 — HTTP Client Manager | - | - (AI) | 2026-01-28 |
| CVE-2026-22796 | ASN1_TYPE Type Confusion in the PKCS7_digest_from_attributes() function — OpenSSL | 7.5 (AI) | High (AI) | 2026-01-27 |
| CVE-2026-22795 | Missing ASN1_TYPE validation in PKCS#12 parsing — OpenSSL | 7.5 (AI) | High (AI) | 2026-01-27 |

Vulnerabilities classified as CWE-754 (Improper Check for Unusual or Exceptional Conditions) represent 271 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.