CWE-1384
Improper Handling of Physical or Environmental Conditions
Description
The product does not properly handle unexpected physical or environmental conditions that occur naturally or are artificially induced.
Hierarchy (View 1000)
CVEs mapped to this weakness (6)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-2760 | Cri | 0.65 | 10.0 | 0.00 | Feb 24, 2026 | Sandbox escape due to incorrect boundary conditions in the Graphics: WebRender component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8. | ||
| CVE-2026-2759 | Cri | 0.64 | 9.8 | 0.00 | Feb 24, 2026 | Incorrect boundary conditions in the Graphics: ImageLib component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8. | ||
| CVE-2026-2757 | Cri | 0.64 | 9.8 | 0.01 | Feb 24, 2026 | Incorrect boundary conditions in the WebRTC: Audio/Video component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8. | ||
| CVE-2025-52557 | Hig | 0.49 | — | 0.00 | Jun 21, 2025 | Mail-0's Zero is an open-source email solution. In version 0.8 it's possible for an attacker to craft an email that executes javascript leading to session hijacking due to improper sanitization. This issue has been patched in version 0.81. | ||
| CVE-2024-39355 | Med | 0.42 | 6.5 | 0.00 | Feb 12, 2025 | Improper handling of physical or environmental conditions in some Intel(R) Processors may allow an authenticated user to enable denial of service via local access. | ||
| CVE-2026-49325 | Med | 0.30 | 4.6 | 0.00 | May 29, 2026 | Improper handling of physical conditions in the bike-shutdown control of the Indian Motorcycle Scout Bobber + Tech 2025 model year allows a physical attacker with access to the Wireless Control Module (WCM) wiring harness to bypass the anti-theft shutdown. The WCM signals… |
- risk 0.65cvss 10.0epss 0.00
Sandbox escape due to incorrect boundary conditions in the Graphics: WebRender component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
- risk 0.64cvss 9.8epss 0.00
Incorrect boundary conditions in the Graphics: ImageLib component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
- risk 0.64cvss 9.8epss 0.01
Incorrect boundary conditions in the WebRTC: Audio/Video component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
- risk 0.49cvss —epss 0.00
Mail-0's Zero is an open-source email solution. In version 0.8 it's possible for an attacker to craft an email that executes javascript leading to session hijacking due to improper sanitization. This issue has been patched in version 0.81.
- risk 0.42cvss 6.5epss 0.00
Improper handling of physical or environmental conditions in some Intel(R) Processors may allow an authenticated user to enable denial of service via local access.
- risk 0.30cvss 4.6epss 0.00
Improper handling of physical conditions in the bike-shutdown control of the Indian Motorcycle Scout Bobber + Tech 2025 model year allows a physical attacker with access to the Wireless Control Module (WCM) wiring harness to bypass the anti-theft shutdown. The WCM signals…