依類型的 CVE 清單:Input Validation(依公開年份篩選)

探索與 Input Validation 漏洞相關的 CVE,並依公開年份篩選。本清單預設優先展示最新揭露,並支援依 CVSS 與 EPSS 風險分數進一步篩選。

涵蓋最新漏洞揭露與趨勢,協助安全團隊快速識別高風險問題與被利用可能性。

目前為 Input Validation 類型、2026 年公開的 CVE。 檢視完整 CVE 清單

顯示 1201146 筆結果
«« 第一頁 « 上一頁 第 1 / 58 頁 下一頁 »
CVE 描述 最高 CVSS EPSS % 公開時間 更新時間
CVE-2026-58292 Improper input validation in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. 7.5 2026-07-03 2026-07-03
CVE-2026-57985 Improper input validation in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. 7.6 2026-07-03 2026-07-03
CVE-2026-22547 Gitea versions before 1.25.5 lack validation constraints for repository creation fields, including length-limited template fields and trust model or object format values. 2026-07-03 2026-07-03
CVE-2026-14631 webpack-dev-server versions 5.2.5 and earlier terminate the whole Node.js process when an unauthenticated peer sends either a normal HTTP request with a malformed Host header or a WebSocket upgrade to the default /ws endpoint with a malformed Origin header. The malformed value causes an uncaught exception in the host-validation path and crashes the dev server. Impact is limited to availability of the development server, no data disclosure, no code execution. Patches: upgrade to webpack-dev-serve 5.3 2026-07-03 2026-07-03
CVE-2026-13341 A vulnerability exists in the Kong Konnect Model Context Protocol (MCP) server prior to version 1.0.0, which could allow a remote attacker to perform an indirect prompt injection attack and execute unintended API requests. 7.4 2026-07-03 2026-07-03
CVE-2022-4990 ** UNSUPPORTED WHEN ASSIGNED ** Improper Validation of Specified Quantity in Input in the ASUS AI Suite 3 driver allows a local user to bypass security validation and access restricted memory blocks via crafted IOCTL requests, leading to privilege escalation. 7.3 2026-07-02 2026-07-02
CVE-2022-4989 ** UNSUPPORTED WHEN ASSIGNED ** Improper Validation of Specified Quantity in Input in the ASUS AI Suite 3 driver allows a local user to access unintended memory regions via crafted IOCTL requests, leading to privilege escalation. 8.5 2026-07-02 2026-07-02
CVE-2026-55952 The Erlang/OTP ssl application does not validate that the PSK identity list and binder list carried in a TLS 1.3 ClientHello pre-shared key extension have equal length before passing them to the session ticket handler. In tls_handshake_1_3:handle_pre_shared_key/3, an OfferedPreSharedKeys record with a mismatched number of identities and binders is forwarded directly to tls_server_session_ticket:use/4, which crashes the session ticket handler process. An unauthenticated remote attacker can send 8.2 0.46% 2026-07-02 2026-07-02
CVE-2026-44935 Missing validation of "valuesFrom" references in Helm Deployer of SUSE Rancher Fleet 0.15 before 0.15.2, 0.14 before 0.14.6, 0.13 before 0.13.11 and 0.12 before 0.12.15 could be used by owners of one tenant to access fleet credentials of other tenants. 9.9 0.57% 2026-07-02 2026-07-03
CVE-2026-54405 A malicious actor with access to the network could exploit an Improper Input Validation vulnerability found in UniFi Network Application to execute a Denial of Service (DoS) attack on the application. 7.5 0.26% 2026-07-02 2026-07-02
CVE-2026-54402 A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in UniFi OS to execute a Command Injection on the host device. 9.9 0.79% 2026-07-02 2026-07-02
CVE-2026-50748 A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in UniFi Access Application to execute a Command Injection on the host device. 9.9 0.79% 2026-07-02 2026-07-02
CVE-2026-57623 Unauthenticated Arbitrary Code Execution in W3 Total Cache <= 2.9.4 versions. 9.0 0.33% 2026-07-02 2026-07-02
CVE-2026-14429 Insufficient validation of untrusted input in Skia in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) 8.3 0.22% 2026-07-01 2026-07-03
CVE-2026-14428 Insufficient validation of untrusted input in Dawn in Google Chrome on Android prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) 8.3 0.26% 2026-07-01 2026-07-03
CVE-2026-14414 Insufficient validation of untrusted input in Skia in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium) 5.3 0.22% 2026-07-01 2026-07-02
CVE-2026-14412 Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) 8.3 0.22% 2026-07-01 2026-07-03
CVE-2026-14411 Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) 9.6 0.25% 2026-07-01 2026-07-03
CVE-2026-14401 Insufficient validation of untrusted input in ANGLE in Google Chrome on Android prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) 8.3 0.22% 2026-07-01 2026-07-03
CVE-2026-14382 Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) 9.6 0.28% 2026-07-01 2026-07-03
«« 第一頁 « 上一頁 第 1 / 58 頁 下一頁 »
cvelogic Threat Intelligence