CWE-345
Insufficient Verification of Data Authenticity
Description
The product does not sufficiently verify the origin or authenticity of data, in a way that causes it to accept invalid data.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-111 · CAPEC-141 · CAPEC-142 · CAPEC-148 · CAPEC-218 · CAPEC-384 · CAPEC-385 · CAPEC-386 · CAPEC-387 · CAPEC-388 · CAPEC-665 · CAPEC-701
CVEs mapped to this weakness (306)
page 11 of 16| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-52484 | Low | 0.11 | — | 0.00 | Jun 20, 2025 | RISC Zero is a general computing platform based on zk-STARKs and the RISC-V microarchitecture. Due to a missing constraint in the rv32im circuit, any 3-register RISC-V instruction (including remu and divu) in risc0-zkvm 2.0.0, 2.0.1, and 2.0.2 are vulnerable to an attack by a… | ||
| CVE-2026-4541 | Low | 0.09 | 2.5 | 0.00 | Mar 22, 2026 | A flaw has been found in janmojzis tinyssh up to 20250501. Impacted is an unknown function of the file tinyssh/crypto_sign_ed25519_tinyssh.c of the component Ed25519 Signature Handler. This manipulation causes improper verification of cryptographic signature. The attack is… | ||
| CVE-2014-4936 | 0.04 | — | 0.17 | Dec 16, 2014 | The upgrade functionality in Malwarebytes Anti-Malware (MBAM) consumer before 2.0.3 and Malwarebytes Anti-Exploit (MBAE) consumer 1.04.1.1012 and earlier allow man-in-the-middle attackers to execute arbitrary code by spoofing the update server and uploading an executable. | |||
| CVE-2015-0251 | 0.01 | — | 0.08 | Apr 8, 2015 | The mod_dav_svn server in Subversion 1.5.0 through 1.7.19 and 1.8.0 through 1.8.11 allows remote authenticated users to spoof the svn:author property via a crafted v1 HTTP protocol request sequences. | |||
| CVE-2026-50195 | 0.00 | — | — | Jun 19, 2026 | ## Impact containerd's CRI checkpoint import process contains a vulnerability where it fails to validate the image references specified within a checkpoint image's configuration. An attacker with permissions to create pods can use a crafted checkpoint image to force containerd… | |||
| CVE-2026-49212 | low | 0.00 | — | — | Jun 19, 2026 | ### Description In `symfony/ux-live-component`, a component's server-side state is exposed to the browser as a set of props (`#[LiveProp]`-annotated properties). Props marked `writable: true` can be freely changed by the client. Read-only props are round-tripped to the browser… | ||
| CVE-2026-54288 | 0.00 | — | 0.00 | Jun 16, 2026 | ### Summary The Body Limit Middleware trusts the request's `Content-Length` header to decide whether a body is within the limit. On AWS Lambda (API Gateway v1/v2, ALB, VPC Lattice, and Lambda@Edge) the body is delivered fully buffered and the adapter builds the request with the… | |||
| CVE-2026-47155 | 0.00 | — | 0.00 | Jun 10, 2026 | ### Summary vLLM's revision pinning controls do not consistently apply to all artifacts loaded for a model. A deployment that supplies `--revision` or `--code-revision` can still load dynamic code, GGUF files, image processors, retrieval side weights, or same-repository… | |||
| CVE-2026-45057 | 0.00 | — | 0.00 | Jun 4, 2026 | ### Impact The message edit validation logic in the `matrix-sdk-ui` crate before 0.16.1 is missing a check: when replacing an encrypted event, the replacement event itself is not required to be encrypted. This enables a malicious homeserver administrator (or an actor with… | |||
| CVE-2026-45792 | 0.00 | — | 0.00 | May 20, 2026 | RTK (Rust Token Killer) improperly trusts project-local configuration files. In versions prior to 0.32.0, RTK automatically loads `.rtk/filters.toml` from the working directory with highest priority and without user notification. An attacker can place a malicious filter file in… | |||
| CVE-2026-33143 | — | 0.00 | — | 0.00 | Mar 20, 2026 | OneUptime is a solution for monitoring and managing online services. Prior to version 10.0.34, the WhatsApp POST webhook handler (/notification/whatsapp/webhook) processes incoming status update events without verifying the Meta/WhatsApp X-Hub-Signature-256 HMAC signature,… | ||
| CVE-2026-32029 | 0.00 | — | 0.00 | Mar 19, 2026 | OpenClaw versions prior to 2026.2.21 improperly parse the left-most X-Forwarded-For header value when requests originate from configured trusted proxies, allowing attackers to spoof client IP addresses. In proxy chains that append or preserve header values, attackers can inject… | |||
| CVE-2026-28500 | — | 0.00 | — | 0.00 | Mar 18, 2026 | Open Neural Network Exchange (ONNX) is an open standard for machine learning interoperability. In versions up to and including 1.20.1, a security control bypass exists in onnx.hub.load() due to improper logic in the repository trust verification mechanism. While the function is… | ||
| CVE-2026-32231 | — | 0.00 | — | 0.00 | Mar 12, 2026 | ZeptoClaw is a personal AI assistant. Prior to 0.7.6, the generic webhook channel trusts caller-supplied identity fields (sender, chat_id) from the request body and applies authorization checks to those untrusted values. Because authentication is optional and defaults to… | ||
| CVE-2026-30920 | — | 0.00 | — | 0.00 | Mar 9, 2026 | OneUptime is a solution for monitoring and managing online services. Prior to 10.0.19, OneUptime's GitHub App callback trusts attacker-controlled state and installation_id values and updates Project.gitHubAppInstallationId with isRoot: true without validating that the caller is… | ||
| CVE-2026-30851 | 0.00 | — | 0.00 | Mar 7, 2026 | Caddy is an extensible server platform that uses TLS by default. From version 2.10.0 to before version 2.11.2, forward_auth copy_headers does not strip client-supplied headers, allowing identity injection and privilege escalation. This issue has been patched in version 2.11.2. | |||
| CVE-2026-30223 | 0.00 | — | 0.00 | Mar 6, 2026 | OliveTin gives access to predefined shell commands from a web interface. Prior to version 3000.11.1, when JWT authentication is configured using either "authJwtPubKeyPath" (local RSA public key) or "authJwtHmacSecret" (HMAC secret), the configured audience value (authJwtAud) is… | |||
| CVE-2026-28465 | — | 0.00 | — | 0.00 | Mar 5, 2026 | OpenClaw's voice-call plugin versions before 2026.2.3 contain an improper authentication vulnerability in webhook verification that allows remote attackers to bypass verification by supplying untrusted forwarded headers. Attackers can spoof webhook events by manipulating… | ||
| CVE-2026-28454 | 0.00 | — | 0.00 | Mar 5, 2026 | OpenClaw versions prior to 2026.2.2 fail to validate webhook secrets in Telegram webhook mode (must be enabled), allowing unauthenticated HTTP POST requests to the webhook endpoint that trust attacker-controlled JSON payloads. Remote attackers can forge Telegram updates by… | |||
| CVE-2026-25921 | 0.00 | — | 0.00 | Mar 5, 2026 | Gogs is an open source self-hosted Git service. Prior to version 0.14.2, overwritable LFS object across different repos leads to supply-chain attack, all LFS objects are vulnerable to be maliciously overwritten by malicious attackers. This issue has been patched in version… |
- risk 0.11cvss —epss 0.00
RISC Zero is a general computing platform based on zk-STARKs and the RISC-V microarchitecture. Due to a missing constraint in the rv32im circuit, any 3-register RISC-V instruction (including remu and divu) in risc0-zkvm 2.0.0, 2.0.1, and 2.0.2 are vulnerable to an attack by a…
- risk 0.09cvss 2.5epss 0.00
A flaw has been found in janmojzis tinyssh up to 20250501. Impacted is an unknown function of the file tinyssh/crypto_sign_ed25519_tinyssh.c of the component Ed25519 Signature Handler. This manipulation causes improper verification of cryptographic signature. The attack is…
- CVE-2014-4936Dec 16, 2014risk 0.04cvss —epss 0.17
The upgrade functionality in Malwarebytes Anti-Malware (MBAM) consumer before 2.0.3 and Malwarebytes Anti-Exploit (MBAE) consumer 1.04.1.1012 and earlier allow man-in-the-middle attackers to execute arbitrary code by spoofing the update server and uploading an executable.
- CVE-2015-0251Apr 8, 2015risk 0.01cvss —epss 0.08
The mod_dav_svn server in Subversion 1.5.0 through 1.7.19 and 1.8.0 through 1.8.11 allows remote authenticated users to spoof the svn:author property via a crafted v1 HTTP protocol request sequences.
- CVE-2026-50195Jun 19, 2026risk 0.00cvss —epss —
## Impact containerd's CRI checkpoint import process contains a vulnerability where it fails to validate the image references specified within a checkpoint image's configuration. An attacker with permissions to create pods can use a crafted checkpoint image to force containerd…
- risk 0.00cvss —epss —
### Description In `symfony/ux-live-component`, a component's server-side state is exposed to the browser as a set of props (`#[LiveProp]`-annotated properties). Props marked `writable: true` can be freely changed by the client. Read-only props are round-tripped to the browser…
- CVE-2026-54288Jun 16, 2026risk 0.00cvss —epss 0.00
### Summary The Body Limit Middleware trusts the request's `Content-Length` header to decide whether a body is within the limit. On AWS Lambda (API Gateway v1/v2, ALB, VPC Lattice, and Lambda@Edge) the body is delivered fully buffered and the adapter builds the request with the…
- CVE-2026-47155Jun 10, 2026risk 0.00cvss —epss 0.00
### Summary vLLM's revision pinning controls do not consistently apply to all artifacts loaded for a model. A deployment that supplies `--revision` or `--code-revision` can still load dynamic code, GGUF files, image processors, retrieval side weights, or same-repository…
- CVE-2026-45057Jun 4, 2026risk 0.00cvss —epss 0.00
### Impact The message edit validation logic in the `matrix-sdk-ui` crate before 0.16.1 is missing a check: when replacing an encrypted event, the replacement event itself is not required to be encrypted. This enables a malicious homeserver administrator (or an actor with…
- CVE-2026-45792May 20, 2026risk 0.00cvss —epss 0.00
RTK (Rust Token Killer) improperly trusts project-local configuration files. In versions prior to 0.32.0, RTK automatically loads `.rtk/filters.toml` from the working directory with highest priority and without user notification. An attacker can place a malicious filter file in…
- CVE-2026-33143Mar 20, 2026risk 0.00cvss —epss 0.00
OneUptime is a solution for monitoring and managing online services. Prior to version 10.0.34, the WhatsApp POST webhook handler (/notification/whatsapp/webhook) processes incoming status update events without verifying the Meta/WhatsApp X-Hub-Signature-256 HMAC signature,…
- CVE-2026-32029Mar 19, 2026risk 0.00cvss —epss 0.00
OpenClaw versions prior to 2026.2.21 improperly parse the left-most X-Forwarded-For header value when requests originate from configured trusted proxies, allowing attackers to spoof client IP addresses. In proxy chains that append or preserve header values, attackers can inject…
- CVE-2026-28500Mar 18, 2026risk 0.00cvss —epss 0.00
Open Neural Network Exchange (ONNX) is an open standard for machine learning interoperability. In versions up to and including 1.20.1, a security control bypass exists in onnx.hub.load() due to improper logic in the repository trust verification mechanism. While the function is…
- CVE-2026-32231Mar 12, 2026risk 0.00cvss —epss 0.00
ZeptoClaw is a personal AI assistant. Prior to 0.7.6, the generic webhook channel trusts caller-supplied identity fields (sender, chat_id) from the request body and applies authorization checks to those untrusted values. Because authentication is optional and defaults to…
- CVE-2026-30920Mar 9, 2026risk 0.00cvss —epss 0.00
OneUptime is a solution for monitoring and managing online services. Prior to 10.0.19, OneUptime's GitHub App callback trusts attacker-controlled state and installation_id values and updates Project.gitHubAppInstallationId with isRoot: true without validating that the caller is…
- CVE-2026-30851Mar 7, 2026risk 0.00cvss —epss 0.00
Caddy is an extensible server platform that uses TLS by default. From version 2.10.0 to before version 2.11.2, forward_auth copy_headers does not strip client-supplied headers, allowing identity injection and privilege escalation. This issue has been patched in version 2.11.2.
- CVE-2026-30223Mar 6, 2026risk 0.00cvss —epss 0.00
OliveTin gives access to predefined shell commands from a web interface. Prior to version 3000.11.1, when JWT authentication is configured using either "authJwtPubKeyPath" (local RSA public key) or "authJwtHmacSecret" (HMAC secret), the configured audience value (authJwtAud) is…
- CVE-2026-28465Mar 5, 2026risk 0.00cvss —epss 0.00
OpenClaw's voice-call plugin versions before 2026.2.3 contain an improper authentication vulnerability in webhook verification that allows remote attackers to bypass verification by supplying untrusted forwarded headers. Attackers can spoof webhook events by manipulating…
- CVE-2026-28454Mar 5, 2026risk 0.00cvss —epss 0.00
OpenClaw versions prior to 2026.2.2 fail to validate webhook secrets in Telegram webhook mode (must be enabled), allowing unauthenticated HTTP POST requests to the webhook endpoint that trust attacker-controlled JSON payloads. Remote attackers can forge Telegram updates by…
- CVE-2026-25921Mar 5, 2026risk 0.00cvss —epss 0.00
Gogs is an open source self-hosted Git service. Prior to version 0.14.2, overwritable LFS object across different repos leads to supply-chain attack, all LFS objects are vulnerable to be maliciously overwritten by malicious attackers. This issue has been patched in version…