Skip to main content

CWE-693

Protection Mechanism Failure

500 CVEs Avg CVSS 6.8 MITRE
60
CRITICAL
189
HIGH
219
MEDIUM
30
LOW
45
POC
13
KEV

Monthly

CVE-2026-56087 MEDIUM PATCH This Month

Protection mechanism failure in Dell ThinOS 10 (versions prior to 2605_10.2100) allows an unauthenticated attacker with physical device access to bypass encryption controls and gain unauthorized read and write access to data stored on the thin client. The flaw, classified as CWE-693, indicates the encryption or authentication protection subsystem can be circumvented without any credentials, consistent with the Authentication Bypass tag and CVSS PR:N rating. No public exploit has been identified at time of analysis, and the vulnerability is not listed in the CISA KEV catalog, though the physical access constraint limits but does not eliminate risk in environments with unattended or theft-prone thin clients.

Authentication Bypass Dell Thinos 10
NVD
CVSS 3.1
6.1
CVE-2026-50646 HIGH PATCH Exploit Unlikely This Week

Local code execution in Microsoft .NET (Framework 3.5 through 4.8.1, .NET 8.0/9.0, and Visual Studio 2022/2026) arises from a protection mechanism failure (CWE-693) that lets an unauthorized attacker run arbitrary code once a victim is lured into opening a malicious file or project. The flaw requires user interaction (UI:R) and local delivery (AV:L) but no prior privileges (PR:N), yielding high confidentiality, integrity, and availability impact and a 7.8 CVSS score. There is no public exploit identified at time of analysis and the CVE is not listed in CISA KEV, but the ubiquity of .NET on Windows makes patching a priority.

Authentication Bypass Net 8 0 Net 9 0 Microsoft Net Framework 3 5 Microsoft Net Framework 3 5 And 4 7 2 +7
NVD
CVSS 3.1
7.8
EPSS
1.6%
CVE-2026-47305 HIGH PATCH This Week

Local code execution in Microsoft Visual Studio (2022 versions 17.12 and 17.14, and 2026 version 18.7) stems from a protection mechanism failure that lets an unauthorized attacker run arbitrary code once a victim is convinced to open or interact with a malicious project, file, or solution. Microsoft has published a fix, but there is no public exploit identified at time of analysis and the flaw is not listed in CISA KEV. The CVSS 3.1 base score is 7.8, reflecting high confidentiality, integrity, and availability impact requiring local access plus user interaction.

Authentication Bypass Microsoft Visual Studio 2022 Version 17 12 Microsoft Visual Studio 2022 Version 17 14 Microsoft Visual Studio 2026 Version 18 7
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2026-50661 MEDIUM POC PATCH Exploit Unlikely This Month

Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.

Authentication Bypass Microsoft Windows 10 Version 1607 Windows 10 Version 1809 Windows 10 Version 21H2 +11
NVD GitHub
CVSS 3.1
6.1
EPSS
0.4%
CVE-2026-34348 MEDIUM PATCH Exploit Unlikely This Month

Windows Event Logging Service across a wide range of Windows 10, Windows 11, and Windows Server versions fails to enforce its intended protection mechanisms, permitting any authenticated low-privileged network user to read information that should be access-controlled. The CVSS vector (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N) confirms exploitation requires only a valid low-privilege account and network connectivity, with no user interaction and no elevated rights - making it a practical post-compromise lateral-movement or reconnaissance tool. No public exploit code has been identified and this CVE is not listed in CISA KEV at time of analysis, but the ubiquitous deployment footprint across the Windows ecosystem elevates organizational exposure.

Microsoft Information Disclosure Windows 10 Version 1809 Windows 10 Version 21H2 Windows 10 Version 22H2 +9
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2026-15618 LOW Monitor

Protection mechanism failure in mosaxiv clawlet up to version 0.2.10 allows remote attackers to bypass the exec Safety Guard, undermining the tool's core command-execution restriction logic. The vulnerability resides in the `guardExecCommand` function within `tools/tool_exec.go`, where insufficient enforcement of protection controls permits manipulation that should otherwise be blocked. Passive user interaction is required (CVSS 4.0 UI:P), and a public proof-of-concept exploit has been released; however, the vendor has closed the tracking GitHub issue as 'not planned', indicating no patch is forthcoming.

Information Disclosure
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.2%
CVE-2026-15528 LOW POC Monitor

Path validation bypass in kicad-mcp up to 3.3.1 enables local low-privileged users to read files outside intended directory scope by manipulating the `project_path` or `schematic_path` arguments processed by `kicad_mcp/utils/path_validator.py`. The protection mechanism in this MCP (Model Context Protocol) server for KiCad PCB design software fails to adequately sanitize or normalize supplied paths, resulting in limited confidentiality impact with no integrity or availability consequences. No public patch is available as of this analysis; a proof-of-concept exploit exists publicly via GitHub issue #57, though the project maintainer has not yet responded to the disclosure.

Information Disclosure Kicad Mcp
NVD VulDB GitHub
CVSS 4.0
1.9
EPSS
0.1%
CVE-2026-61437 HIGH PATCH This Week

Arbitrary Python code execution in PraisonAI (praisonaiagents) before 1.6.78 occurs when AgentFlow._resolve_pydantic_class resolves a string output_pydantic reference in a workflow step, causing the framework to import a sibling tools.py from the workflow file's directory via importlib exec_module without any sandboxing. Because this loader ignores the PRAISONAI_ALLOW_*_TOOLS environment guardrails, an attacker who supplies a malicious workflow file plus its tools.py runs code with the workflow runner's privileges the moment the workflow is executed via WorkflowManager or loaded through load_yaml. No public exploit is identified at time of analysis, and the flaw is not listed in CISA KEV.

Python RCE Praisonai
NVD GitHub
CVSS 4.0
8.5
EPSS
0.1%
CVE-2026-60086 MEDIUM PATCH This Month

Prompt injection defenses in PraisonAI before version 4.6.78 can be bypassed by crafting single or double-vector injections classified at the HIGH threat level, which the protection mechanism silently allows through to the underlying language model. The defense only blocks CRITICAL-classified injections - those matching three or more detector families simultaneously - meaning attackers who deliberately keep their payload below that threshold face no blocking at all. No active exploitation has been confirmed via CISA KEV and no public exploit code has been identified at time of analysis, though the bypass technique is conceptually straightforward given that the classification threshold logic is now publicly disclosed.

Authentication Bypass Praisonai
NVD GitHub
CVSS 4.0
6.9
EPSS
0.2%
CVE-2026-59854 MEDIUM This Month

Credential file exfiltration in SiYuan prior to 3.7.1 is possible through the POST /api/file/globalCopyFiles endpoint, which accepts arbitrary absolute source paths and relies on an incomplete denylist in util.IsSensitivePath to block sensitive files. The denylist omits common credential files including .git-credentials, .netrc, .pgpass, .kube/config, .docker/config.json, and .gnupg, enabling an authenticated administrator or API-token holder to copy these files into the workspace and read them via the file API. No public exploit code or CISA KEV listing exists at time of analysis, but the Docker tag suggests this is relevant in containerized deployments where host-mounted credential files may be accessible.

Information Disclosure Docker Siyuan
NVD GitHub
CVSS 3.1
4.9
EPSS
0.3%
CVSS 6.1
MEDIUM PATCH This Month

Protection mechanism failure in Dell ThinOS 10 (versions prior to 2605_10.2100) allows an unauthenticated attacker with physical device access to bypass encryption controls and gain unauthorized read and write access to data stored on the thin client. The flaw, classified as CWE-693, indicates the encryption or authentication protection subsystem can be circumvented without any credentials, consistent with the Authentication Bypass tag and CVSS PR:N rating. No public exploit has been identified at time of analysis, and the vulnerability is not listed in the CISA KEV catalog, though the physical access constraint limits but does not eliminate risk in environments with unattended or theft-prone thin clients.

Authentication Bypass Dell Thinos 10
NVD
EPSS 2% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Local code execution in Microsoft .NET (Framework 3.5 through 4.8.1, .NET 8.0/9.0, and Visual Studio 2022/2026) arises from a protection mechanism failure (CWE-693) that lets an unauthorized attacker run arbitrary code once a victim is lured into opening a malicious file or project. The flaw requires user interaction (UI:R) and local delivery (AV:L) but no prior privileges (PR:N), yielding high confidentiality, integrity, and availability impact and a 7.8 CVSS score. There is no public exploit identified at time of analysis and the CVE is not listed in CISA KEV, but the ubiquity of .NET on Windows makes patching a priority.

Authentication Bypass Net 8 0 Net 9 0 +9
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Local code execution in Microsoft Visual Studio (2022 versions 17.12 and 17.14, and 2026 version 18.7) stems from a protection mechanism failure that lets an unauthorized attacker run arbitrary code once a victim is convinced to open or interact with a malicious project, file, or solution. Microsoft has published a fix, but there is no public exploit identified at time of analysis and the flaw is not listed in CISA KEV. The CVSS 3.1 base score is 7.8, reflecting high confidentiality, integrity, and availability impact requiring local access plus user interaction.

Authentication Bypass Microsoft Visual Studio 2022 Version 17 12 Microsoft Visual Studio 2022 Version 17 14 +1
NVD
EPSS 0% CVSS 6.1
MEDIUM POC PATCH Exploit Unlikely This Month

Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.

Authentication Bypass Microsoft Windows 10 Version 1607 +13
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM PATCH Exploit Unlikely This Month

Windows Event Logging Service across a wide range of Windows 10, Windows 11, and Windows Server versions fails to enforce its intended protection mechanisms, permitting any authenticated low-privileged network user to read information that should be access-controlled. The CVSS vector (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N) confirms exploitation requires only a valid low-privilege account and network connectivity, with no user interaction and no elevated rights - making it a practical post-compromise lateral-movement or reconnaissance tool. No public exploit code has been identified and this CVE is not listed in CISA KEV at time of analysis, but the ubiquitous deployment footprint across the Windows ecosystem elevates organizational exposure.

Microsoft Information Disclosure Windows 10 Version 1809 +11
NVD
EPSS 0% CVSS 2.1
LOW Monitor

Protection mechanism failure in mosaxiv clawlet up to version 0.2.10 allows remote attackers to bypass the exec Safety Guard, undermining the tool's core command-execution restriction logic. The vulnerability resides in the `guardExecCommand` function within `tools/tool_exec.go`, where insufficient enforcement of protection controls permits manipulation that should otherwise be blocked. Passive user interaction is required (CVSS 4.0 UI:P), and a public proof-of-concept exploit has been released; however, the vendor has closed the tracking GitHub issue as 'not planned', indicating no patch is forthcoming.

Information Disclosure
NVD GitHub VulDB
EPSS 0% CVSS 1.9
LOW POC Monitor

Path validation bypass in kicad-mcp up to 3.3.1 enables local low-privileged users to read files outside intended directory scope by manipulating the `project_path` or `schematic_path` arguments processed by `kicad_mcp/utils/path_validator.py`. The protection mechanism in this MCP (Model Context Protocol) server for KiCad PCB design software fails to adequately sanitize or normalize supplied paths, resulting in limited confidentiality impact with no integrity or availability consequences. No public patch is available as of this analysis; a proof-of-concept exploit exists publicly via GitHub issue #57, though the project maintainer has not yet responded to the disclosure.

Information Disclosure Kicad Mcp
NVD VulDB GitHub
EPSS 0% CVSS 8.5
HIGH PATCH This Week

Arbitrary Python code execution in PraisonAI (praisonaiagents) before 1.6.78 occurs when AgentFlow._resolve_pydantic_class resolves a string output_pydantic reference in a workflow step, causing the framework to import a sibling tools.py from the workflow file's directory via importlib exec_module without any sandboxing. Because this loader ignores the PRAISONAI_ALLOW_*_TOOLS environment guardrails, an attacker who supplies a malicious workflow file plus its tools.py runs code with the workflow runner's privileges the moment the workflow is executed via WorkflowManager or loaded through load_yaml. No public exploit is identified at time of analysis, and the flaw is not listed in CISA KEV.

Python RCE Praisonai
NVD GitHub
EPSS 0% CVSS 6.9
MEDIUM PATCH This Month

Prompt injection defenses in PraisonAI before version 4.6.78 can be bypassed by crafting single or double-vector injections classified at the HIGH threat level, which the protection mechanism silently allows through to the underlying language model. The defense only blocks CRITICAL-classified injections - those matching three or more detector families simultaneously - meaning attackers who deliberately keep their payload below that threshold face no blocking at all. No active exploitation has been confirmed via CISA KEV and no public exploit code has been identified at time of analysis, though the bypass technique is conceptually straightforward given that the classification threshold logic is now publicly disclosed.

Authentication Bypass Praisonai
NVD GitHub
EPSS 0% CVSS 4.9
MEDIUM This Month

Credential file exfiltration in SiYuan prior to 3.7.1 is possible through the POST /api/file/globalCopyFiles endpoint, which accepts arbitrary absolute source paths and relies on an incomplete denylist in util.IsSensitivePath to block sensitive files. The denylist omits common credential files including .git-credentials, .netrc, .pgpass, .kube/config, .docker/config.json, and .gnupg, enabling an authenticated administrator or API-token holder to copy these files into the workspace and read them via the file API. No public exploit code or CISA KEV listing exists at time of analysis, but the Docker tag suggests this is relevant in containerized deployments where host-mounted credential files may be accessible.

Information Disclosure Docker Siyuan
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy