CWE-472
External Control of Assumed-Immutable Web Parameter
Description
The web application does not sufficiently verify inputs that are assumed to be immutable but are actually externally controllable, such as hidden form fields.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-146 · CAPEC-226 · CAPEC-31 · CAPEC-39
CVEs mapped to this weakness (88)
page 2 of 5| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-7973 | Hig | 0.57 | 8.8 | 0.00 | May 6, 2026 | Integer overflow in Dawn in Google Chrome on Windows prior to 148.0.7778.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium) | ||
| CVE-2026-7903 | Hig | 0.57 | 8.8 | 0.00 | May 6, 2026 | Integer overflow in ANGLE in Google Chrome on Mac,Windows prior to 148.0.7778.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2026-7896 | Hig | 0.57 | 8.8 | 0.00 | May 6, 2026 | Integer overflow in Blink in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical) | ||
| CVE-2026-5912 | Hig | 0.57 | 8.8 | 0.00 | Apr 8, 2026 | Integer overflow in WebRTC in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Low) | ||
| CVE-2026-5910 | Hig | 0.57 | 8.8 | 0.00 | Apr 8, 2026 | Integer overflow in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. (Chromium security severity: Low) | ||
| CVE-2026-5909 | Hig | 0.57 | 8.8 | 0.00 | Apr 8, 2026 | Integer overflow in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. (Chromium security severity: Low) | ||
| CVE-2026-5908 | Hig | 0.57 | 8.8 | 0.00 | Apr 8, 2026 | Integer overflow in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. (Chromium security severity: Low) | ||
| CVE-2026-5870 | Hig | 0.57 | 8.8 | 0.00 | Apr 8, 2026 | Integer overflow in Skia in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2026-5859 | Hig | 0.57 | 8.8 | 0.00 | Apr 8, 2026 | Integer overflow in WebML in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical) | ||
| CVE-2026-5274 | Hig | 0.57 | 8.8 | 0.00 | Apr 1, 2026 | Integer overflow in Codecs in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2025-14750 | — | Hig | 0.57 | — | 0.00 | Jan 22, 2026 | The web application does not sufficiently verify inputs that are assumed to be immutable but are actually externally controllable. A low-privileged user can modify the parameters and potentially manipulate account-level privileges. | |
| CVE-2025-30236 | Hig | 0.56 | 8.6 | 0.00 | Mar 19, 2025 | Shearwater SecurEnvoy SecurAccess Enrol before 9.4.515 allows authentication through only a six-digit TOTP code (skipping a password check) if an HTTP POST request contains a SESSION parameter. | ||
| CVE-2026-11655 | Hig | 0.54 | 8.3 | 0.00 | Jun 9, 2026 | Integer overflow in Media in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2026-11640 | Hig | 0.54 | 8.3 | 0.00 | Jun 9, 2026 | Integer overflow in libyuv in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical) | ||
| CVE-2026-10924 | Hig | 0.54 | 8.3 | 0.00 | Jun 4, 2026 | Integer overflow in Chromecast in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2026-10921 | Hig | 0.54 | 8.3 | 0.00 | Jun 4, 2026 | Integer overflow in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2026-9998 | Hig | 0.54 | 8.3 | 0.00 | May 28, 2026 | Integer overflow in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2026-9966 | Hig | 0.54 | 8.3 | 0.00 | May 28, 2026 | Integer overflow in XML in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2026-8573 | Hig | 0.54 | 8.3 | 0.00 | May 14, 2026 | Integer overflow in Codecs in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted video file. (Chromium security severity: Medium) | ||
| CVE-2026-8534 | Hig | 0.54 | 8.3 | 0.00 | May 14, 2026 | Integer overflow in GPU in Google Chrome on Linux and ChromeOS prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) |
- risk 0.57cvss 8.8epss 0.00
Integer overflow in Dawn in Google Chrome on Windows prior to 148.0.7778.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)
- risk 0.57cvss 8.8epss 0.00
Integer overflow in ANGLE in Google Chrome on Mac,Windows prior to 148.0.7778.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
- risk 0.57cvss 8.8epss 0.00
Integer overflow in Blink in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)
- risk 0.57cvss 8.8epss 0.00
Integer overflow in WebRTC in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Low)
- risk 0.57cvss 8.8epss 0.00
Integer overflow in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. (Chromium security severity: Low)
- risk 0.57cvss 8.8epss 0.00
Integer overflow in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. (Chromium security severity: Low)
- risk 0.57cvss 8.8epss 0.00
Integer overflow in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. (Chromium security severity: Low)
- risk 0.57cvss 8.8epss 0.00
Integer overflow in Skia in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
- risk 0.57cvss 8.8epss 0.00
Integer overflow in WebML in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)
- risk 0.57cvss 8.8epss 0.00
Integer overflow in Codecs in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)
- risk 0.57cvss —epss 0.00
The web application does not sufficiently verify inputs that are assumed to be immutable but are actually externally controllable. A low-privileged user can modify the parameters and potentially manipulate account-level privileges.
- risk 0.56cvss 8.6epss 0.00
Shearwater SecurEnvoy SecurAccess Enrol before 9.4.515 allows authentication through only a six-digit TOTP code (skipping a password check) if an HTTP POST request contains a SESSION parameter.
- risk 0.54cvss 8.3epss 0.00
Integer overflow in Media in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
- risk 0.54cvss 8.3epss 0.00
Integer overflow in libyuv in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
- risk 0.54cvss 8.3epss 0.00
Integer overflow in Chromecast in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
- risk 0.54cvss 8.3epss 0.00
Integer overflow in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
- risk 0.54cvss 8.3epss 0.00
Integer overflow in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
- risk 0.54cvss 8.3epss 0.00
Integer overflow in XML in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
- risk 0.54cvss 8.3epss 0.00
Integer overflow in Codecs in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted video file. (Chromium security severity: Medium)
- risk 0.54cvss 8.3epss 0.00
Integer overflow in GPU in Google Chrome on Linux and ChromeOS prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)