Skip to main content

CWE-449

The UI Performs the Wrong Action

5 CVEs Avg CVSS 4.7 MITRE
0
CRITICAL
0
HIGH
5
MEDIUM
0
LOW
0
POC
0
KEV

Monthly

CVE-2025-13637 MEDIUM PATCH This Month

A security vulnerability in Downloads in Google Chrome (CVSS 4.3). Remediation should follow standard vulnerability management procedures.

Authentication Bypass Chrome Google Debian Ubuntu +2
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-56139 MEDIUM This Month

LinkedIn Mobile Application for Android version 4.1.1087.2 fails to update link preview metadata (image, title, description) when a user replaces the original URL in a post or comment before. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Google Android Linkedin
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2025-49736 MEDIUM Monitor

The ui performs the wrong action in Microsoft Edge for Android allows an unauthorized attacker to perform spoofing over a network. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Google Microsoft Android Edge
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2025-26643 MEDIUM This Month

The UI performs the wrong action in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Chrome Google Microsoft Edge Chromium
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2025-21404 MEDIUM This Month

Microsoft Edge (Chromium-based) Spoofing Vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Chrome Google Microsoft Edge Chromium
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2025-13637
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

A security vulnerability in Downloads in Google Chrome (CVSS 4.3). Remediation should follow standard vulnerability management procedures.

Authentication Bypass Chrome Google +4
NVD
CVE-2025-56139
EPSS 0% CVSS 5.3
MEDIUM This Month

LinkedIn Mobile Application for Android version 4.1.1087.2 fails to update link preview metadata (image, title, description) when a user replaces the original URL in a post or comment before. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Google Android +1
NVD
CVE-2025-49736
EPSS 0% CVSS 4.3
MEDIUM Monitor

The ui performs the wrong action in Microsoft Edge for Android allows an unauthorized attacker to perform spoofing over a network. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Google Microsoft +2
NVD
CVE-2025-26643
EPSS 0% CVSS 5.4
MEDIUM This Month

The UI performs the wrong action in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Chrome Google +2
NVD
CVE-2025-21404
EPSS 0% CVSS 4.3
MEDIUM This Month

Microsoft Edge (Chromium-based) Spoofing Vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Chrome Google +2
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy