Skip to main content

CWE-20

Improper Input Validation

8658 CVEs Avg CVSS 6.9 MITRE
970
CRITICAL
3623
HIGH
3739
MEDIUM
311
LOW
1496
POC
62
KEV

Monthly

CVE-2026-54254 MEDIUM PATCH GHSA This Month

Pixeldrain API key exfiltration in cyberdrop-dl-patched (versions 8.5.0 through 9.13.x) allows a network attacker who controls a lookalike domain (e.g., evil-pixeldrain.com) to receive the victim's Pixeldrain Authorization header when the tool processes a crafted URL. The root cause is substring-based host matching: any domain containing 'pixeldrain' as a substring is accepted as a valid Pixeldrain host, causing the tool to blindly send API credentials to attacker-controlled infrastructure. No public exploit code has been identified and this vulnerability is not listed in the CISA KEV catalog, but the attack path is straightforward and fully described in the advisory.

WordPress Information Disclosure
NVD GitHub
CVE-2026-56678 MEDIUM PATCH This Month

Server-side request forgery (SSRF) in 9Router's Kiro API-key validation endpoint allows authenticated attackers to redirect outbound validation requests to an attacker-controlled host, exfiltrating the submitted Kiro API key via the Authorization header. Affected are all 9Router deployments prior to version 0.5.6 where the Kiro OAuth provider is configured. No public exploit code exists and the vulnerability is not listed in CISA KEV, but the attack is low-complexity once authenticated. Vendor-released patch is available in v0.5.6.

Information Disclosure 9Router
NVD GitHub
CVSS 3.1
6.4
CVE-2026-50144 HIGH PATCH This Week

Out-of-bounds heap write in Tencent's ncnn neural-network inference framework allows a crafted .param model file to corrupt heap memory when parsed by Net::load_param(). Because ParamDict::load_param() and load_param_bin() validated the parsed parameter id only against the upper bound (id >= NCNN_MAX_PARAM_COUNT), a negative id indexes before the params[] array, giving an attacker a write primitive below the allocated buffer. No public exploit is identified at time of analysis and the issue is not in CISA KEV; an upstream source-code fix is available.

Buffer Overflow Ncnn
NVD GitHub
CVSS 3.1
7.1
CVE-2026-52883 MEDIUM PATCH GHSA This Month

Authenticated injection of TIME_TRACKING and REMINDER note types in MantisBT's SOAP and REST APIs allows UPDATER-level users to corrupt billing data and falsify project records. The `note_type` integer parameter supplied by the caller is passed directly to `bugnote_add()` in the SOAP endpoint - and through `mc_issue_update()` in the REST API - without verifying the caller holds sufficient privilege to create that note type. Attackers with UPDATER access can inject arbitrary billable hours into MantisBT's billing reports, generating fraudulent invoices, and can register fake REMINDER notes via SOAP. No public exploit is identified at time of analysis, and a vendor patch is available in version 2.28.4.

PHP Code Injection
NVD GitHub
CVE-2026-14961 MEDIUM This Month

Privilege escalation to NT AUTHORITY\SYSTEM is achievable on Windows systems hosting the Pegatron Tdelo64.sys kernel-mode driver, which exposes the \\.\TdeIo device interface without enforcing caller privilege checks or validating user-supplied kernel memory addresses in its IOCTL dispatcher. Any local user can open the device interface and send crafted IOCTL requests to perform arbitrary kernel memory read and write operations, enabling full system compromise including credential theft and security product bypass. No public exploit code or CISA KEV listing has been identified at time of analysis; the vulnerability was reported to CERT/CC (VU#529388), and the provided CVSS score of 6.2 materially understates the real-world impact given the described kernel write capability.

Privilege Escalation Tdelo64 Sys
NVD
CVSS 3.1
6.2
CVE-2026-20153 HIGH This Week

Denial of service in Cisco RoomOS software allows remote, unauthenticated attackers to disrupt device availability through improperly validated input, resulting in a high availability impact (CVSS 7.5). The flaw was internally discovered during a Cisco engineering security review and shipped in a software hardening release bundling multiple CWE-20 input-validation issues. There is no public exploit identified at time of analysis and it is not listed in CISA KEV.

Cisco Information Disclosure Cisco Roomos Software
NVD VulDB
CVSS 3.1
7.5
CVE-2026-61427 MEDIUM PATCH This Month

PraisonAI's MCP HTTP-stream transport silently skips authentication when no API key is configured at startup, allowing unauthenticated clients to initialize sessions, enumerate tools via tools/list, and invoke arbitrary tools via tools/call. Affected versions are all releases before 4.6.78. Compounding this, the dispatcher passes tool-call arguments directly to handlers without validating them against the advertised inputSchema, meaning a client can supply malformed or out-of-schema arguments to any registered tool. No public exploit code or CISA KEV listing has been identified at the time of analysis.

Information Disclosure Praisonai
NVD GitHub
CVSS 4.0
6.9
CVE-2026-56398 HIGH PATCH This Week

Stored cross-site scripting in Open WebUI before 0.9.5 lets an attacker plant a malicious SVG as a victim's OAuth profile image and execute script in the application's origin. During OAuth login, the `picture` claim URL is fetched and its MIME type is guessed from the file extension rather than the response Content-Type, so a `.svg` URL is stored as a `data:image/svg+xml;base64,...` URI that bypasses the profile-image allowlist; when an authenticated user opens the profile image endpoint the SVG is served inline with no default CSP, running JavaScript that reads `localStorage.token` for account takeover. Reported by VulnCheck with a detailed GHSA source-code advisory; no public exploit identified at time of analysis and it is not in CISA KEV.

XSS Open Webui
NVD GitHub
CVSS 4.0
8.5
CVE-2026-56349 MEDIUM PATCH This Month

Input validation bypass in n8n's Guardrail node (versions before 2.10.0) allows end users interacting with affected workflows to circumvent AI safety guardrail instructions through crafted inputs, undermining workflow integrity. Any n8n deployment running a workflow that incorporates the Guardrail node is exposed; instances not using that node are entirely unaffected regardless of version. No public exploit code has been identified and this CVE does not appear in CISA KEV; a vendor-confirmed patch is available in n8n 2.10.0.

Authentication Bypass N8n
NVD GitHub
CVSS 4.0
6.3
CVE-2026-48353 MEDIUM This Month

CAI Content Credentials is affected by an Improper Input Validation vulnerability that could lead to arbitrary file system read. An attacker could exploit this vulnerability to access sensitive files and directories outside the intended access scope. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Information Disclosure
NVD VulDB
CVSS 3.1
5.5
EPSS
0.2%
MEDIUM PATCH This Month

Pixeldrain API key exfiltration in cyberdrop-dl-patched (versions 8.5.0 through 9.13.x) allows a network attacker who controls a lookalike domain (e.g., evil-pixeldrain.com) to receive the victim's Pixeldrain Authorization header when the tool processes a crafted URL. The root cause is substring-based host matching: any domain containing 'pixeldrain' as a substring is accepted as a valid Pixeldrain host, causing the tool to blindly send API credentials to attacker-controlled infrastructure. No public exploit code has been identified and this vulnerability is not listed in the CISA KEV catalog, but the attack path is straightforward and fully described in the advisory.

WordPress Information Disclosure
NVD GitHub
CVSS 6.4
MEDIUM PATCH This Month

Server-side request forgery (SSRF) in 9Router's Kiro API-key validation endpoint allows authenticated attackers to redirect outbound validation requests to an attacker-controlled host, exfiltrating the submitted Kiro API key via the Authorization header. Affected are all 9Router deployments prior to version 0.5.6 where the Kiro OAuth provider is configured. No public exploit code exists and the vulnerability is not listed in CISA KEV, but the attack is low-complexity once authenticated. Vendor-released patch is available in v0.5.6.

Information Disclosure 9Router
NVD GitHub
CVSS 7.1
HIGH PATCH This Week

Out-of-bounds heap write in Tencent's ncnn neural-network inference framework allows a crafted .param model file to corrupt heap memory when parsed by Net::load_param(). Because ParamDict::load_param() and load_param_bin() validated the parsed parameter id only against the upper bound (id >= NCNN_MAX_PARAM_COUNT), a negative id indexes before the params[] array, giving an attacker a write primitive below the allocated buffer. No public exploit is identified at time of analysis and the issue is not in CISA KEV; an upstream source-code fix is available.

Buffer Overflow Ncnn
NVD GitHub
MEDIUM PATCH This Month

Authenticated injection of TIME_TRACKING and REMINDER note types in MantisBT's SOAP and REST APIs allows UPDATER-level users to corrupt billing data and falsify project records. The `note_type` integer parameter supplied by the caller is passed directly to `bugnote_add()` in the SOAP endpoint - and through `mc_issue_update()` in the REST API - without verifying the caller holds sufficient privilege to create that note type. Attackers with UPDATER access can inject arbitrary billable hours into MantisBT's billing reports, generating fraudulent invoices, and can register fake REMINDER notes via SOAP. No public exploit is identified at time of analysis, and a vendor patch is available in version 2.28.4.

PHP Code Injection
NVD GitHub
CVSS 6.2
MEDIUM This Month

Privilege escalation to NT AUTHORITY\SYSTEM is achievable on Windows systems hosting the Pegatron Tdelo64.sys kernel-mode driver, which exposes the \\.\TdeIo device interface without enforcing caller privilege checks or validating user-supplied kernel memory addresses in its IOCTL dispatcher. Any local user can open the device interface and send crafted IOCTL requests to perform arbitrary kernel memory read and write operations, enabling full system compromise including credential theft and security product bypass. No public exploit code or CISA KEV listing has been identified at time of analysis; the vulnerability was reported to CERT/CC (VU#529388), and the provided CVSS score of 6.2 materially understates the real-world impact given the described kernel write capability.

Privilege Escalation Tdelo64 Sys
NVD
CVSS 7.5
HIGH This Week

Denial of service in Cisco RoomOS software allows remote, unauthenticated attackers to disrupt device availability through improperly validated input, resulting in a high availability impact (CVSS 7.5). The flaw was internally discovered during a Cisco engineering security review and shipped in a software hardening release bundling multiple CWE-20 input-validation issues. There is no public exploit identified at time of analysis and it is not listed in CISA KEV.

Cisco Information Disclosure Cisco Roomos Software
NVD VulDB
CVSS 6.9
MEDIUM PATCH This Month

PraisonAI's MCP HTTP-stream transport silently skips authentication when no API key is configured at startup, allowing unauthenticated clients to initialize sessions, enumerate tools via tools/list, and invoke arbitrary tools via tools/call. Affected versions are all releases before 4.6.78. Compounding this, the dispatcher passes tool-call arguments directly to handlers without validating them against the advertised inputSchema, meaning a client can supply malformed or out-of-schema arguments to any registered tool. No public exploit code or CISA KEV listing has been identified at the time of analysis.

Information Disclosure Praisonai
NVD GitHub
CVSS 8.5
HIGH PATCH This Week

Stored cross-site scripting in Open WebUI before 0.9.5 lets an attacker plant a malicious SVG as a victim's OAuth profile image and execute script in the application's origin. During OAuth login, the `picture` claim URL is fetched and its MIME type is guessed from the file extension rather than the response Content-Type, so a `.svg` URL is stored as a `data:image/svg+xml;base64,...` URI that bypasses the profile-image allowlist; when an authenticated user opens the profile image endpoint the SVG is served inline with no default CSP, running JavaScript that reads `localStorage.token` for account takeover. Reported by VulnCheck with a detailed GHSA source-code advisory; no public exploit identified at time of analysis and it is not in CISA KEV.

XSS Open Webui
NVD GitHub
CVSS 6.3
MEDIUM PATCH This Month

Input validation bypass in n8n's Guardrail node (versions before 2.10.0) allows end users interacting with affected workflows to circumvent AI safety guardrail instructions through crafted inputs, undermining workflow integrity. Any n8n deployment running a workflow that incorporates the Guardrail node is exposed; instances not using that node are entirely unaffected regardless of version. No public exploit code has been identified and this CVE does not appear in CISA KEV; a vendor-confirmed patch is available in n8n 2.10.0.

Authentication Bypass N8n
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM This Month

CAI Content Credentials is affected by an Improper Input Validation vulnerability that could lead to arbitrary file system read. An attacker could exploit this vulnerability to access sensitive files and directories outside the intended access scope. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Information Disclosure
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy