CWE-693
Protection Mechanism Failure
Description
The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-1 · CAPEC-107 · CAPEC-127 · CAPEC-17 · CAPEC-20 · CAPEC-22 · CAPEC-237 · CAPEC-36 · CAPEC-477 · CAPEC-480 · CAPEC-51 · CAPEC-57 · CAPEC-59 · CAPEC-65 · CAPEC-668 · CAPEC-74 · CAPEC-87
CVEs mapped to this weakness (353)
page 4 of 18| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-8969 | Hig | 0.53 | 8.1 | 0.00 | May 19, 2026 | Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 151 and Thunderbird 151. | ||
| CVE-2026-8962 | Hig | 0.53 | 8.1 | 0.00 | May 19, 2026 | Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11. | ||
| CVE-2026-8018 | Hig | 0.53 | 8.1 | 0.00 | May 6, 2026 | Insufficient policy enforcement in DevTools in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to potentially perform a sandbox escape via malicious network traffic. (Chromium security severity: Low) | ||
| CVE-2026-7978 | Hig | 0.53 | 8.1 | 0.00 | May 6, 2026 | Inappropriate implementation in Companion in Google Chrome on Mac prior to 148.0.7778.96 allowed a remote attacker to perform OS-level privilege escalation via malicious network traffic. (Chromium security severity: Medium) | ||
| CVE-2026-0877 | Hig | 0.53 | 8.1 | 0.00 | Jan 13, 2026 | Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 147, Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7. | ||
| CVE-2025-43330 | Hig | 0.53 | 8.2 | 0.00 | Sep 15, 2025 | This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.7, macOS Tahoe 26. An app may be able to break out of its sandbox. | ||
| CVE-2025-8032 | Hig | 0.53 | 8.1 | 0.00 | Jul 22, 2025 | XSLT document loading did not correctly propagate the source document which bypassed its CSP. This vulnerability was fixed in Firefox 141, Firefox ESR 128.13, Firefox ESR 140.1, Thunderbird 141, Thunderbird 128.13, and Thunderbird 140.1. | ||
| CVE-2025-31189 | Hig | 0.53 | 8.2 | 0.00 | May 29, 2025 | A file quarantine bypass was addressed with additional checks. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to break out of its sandbox. | ||
| CVE-2024-56182 | Hig | 0.53 | 8.2 | 0.00 | Mar 11, 2025 | A vulnerability has been identified in SIMATIC Field PG M5 (All versions), SIMATIC Field PG M6 (All versions < V26.01.12), SIMATIC IPC BX-21A (All versions < V31.01.07), SIMATIC IPC BX-32A (All versions < V29.01.07), SIMATIC IPC BX-39A (All versions < V29.01.07), SIMATIC IPC… | ||
| CVE-2024-56181 | Hig | 0.53 | 8.2 | 0.00 | Mar 11, 2025 | A vulnerability has been identified in SIMATIC Field PG M5 (All versions), SIMATIC IPC BX-21A (All versions < V31.01.07), SIMATIC IPC BX-32A (All versions < V29.01.07), SIMATIC IPC BX-39A (All versions < V29.01.07), SIMATIC IPC BX-59A (All versions < V32.01.04), SIMATIC IPC… | ||
| CVE-2026-0097 | Hig | 0.52 | 8.0 | 0.00 | Jun 1, 2026 | In multiple locations, there is a possible way to bypass user interaction when pairing an LE device due to a logic error. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privileges needed. User interaction is not needed for… | ||
| CVE-2026-47392 | cri | 0.52 | — | 0.00 | May 29, 2026 | ## Summary `execute_code()` in `praisonaiagents/tools/python_tools.py` (v1.6.37, subprocess sandbox mode) can be fully bypassed using `print.__self__` to retrieve the real Python `builtins` module, from which `__import__` can be extracted via `vars()` and runtime string… | ||
| CVE-2026-44007 | Cri | 0.52 | 9.1 | 0.01 | May 13, 2026 | vm2 is an open source vm/sandbox for Node.js. Prior to 3.11.1, when a NodeVM is created with nesting: true, sandbox code can unconditionally require('vm2') regardless of the outer VM's require configuration — including require: false. With access to vm2, the sandbox constructs… | ||
| CVE-2025-41232 | Cri | 0.52 | 9.1 | 0.01 | May 21, 2025 | Spring Security Aspects may not correctly locate method security annotations on private methods. This can cause an authorization bypass. Your application may be affected by this if the following are true: * You are using @EnableMethodSecurity(mode=ASPECTJ) and… | ||
| CVE-2026-12214 | Hig | 0.51 | 7.8 | 0.00 | Jun 15, 2026 | A security flaw has been discovered in Qihoo 360 Total Security 6.0. This vulnerability affects the function RpcStringBindingComposeW of the component Nucleus Engine Monitoring Logic. Performing a manipulation of the argument NetworkAddr results in protection mechanism failure.… | ||
| CVE-2026-48575 | Hig | 0.51 | 7.9 | 0.00 | Jun 9, 2026 | Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally. | ||
| CVE-2026-48570 | Hig | 0.51 | 7.9 | 0.00 | Jun 9, 2026 | Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally. | ||
| CVE-2026-48568 | Hig | 0.51 | 7.9 | 0.00 | Jun 9, 2026 | Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally. | ||
| CVE-2026-47656 | Hig | 0.51 | 7.9 | 0.00 | Jun 9, 2026 | Protection mechanism failure in Windows Boot Manager allows an authorized attacker to bypass a security feature locally. | ||
| CVE-2026-45656 | Hig | 0.51 | 7.8 | 0.00 | Jun 9, 2026 | Protection mechanism failure in Windows UEFI allows an authorized attacker to bypass a security feature locally. |
- risk 0.53cvss 8.1epss 0.00
Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 151 and Thunderbird 151.
- risk 0.53cvss 8.1epss 0.00
Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.
- risk 0.53cvss 8.1epss 0.00
Insufficient policy enforcement in DevTools in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to potentially perform a sandbox escape via malicious network traffic. (Chromium security severity: Low)
- risk 0.53cvss 8.1epss 0.00
Inappropriate implementation in Companion in Google Chrome on Mac prior to 148.0.7778.96 allowed a remote attacker to perform OS-level privilege escalation via malicious network traffic. (Chromium security severity: Medium)
- risk 0.53cvss 8.1epss 0.00
Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 147, Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7.
- risk 0.53cvss 8.2epss 0.00
This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.7, macOS Tahoe 26. An app may be able to break out of its sandbox.
- risk 0.53cvss 8.1epss 0.00
XSLT document loading did not correctly propagate the source document which bypassed its CSP. This vulnerability was fixed in Firefox 141, Firefox ESR 128.13, Firefox ESR 140.1, Thunderbird 141, Thunderbird 128.13, and Thunderbird 140.1.
- risk 0.53cvss 8.2epss 0.00
A file quarantine bypass was addressed with additional checks. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to break out of its sandbox.
- risk 0.53cvss 8.2epss 0.00
A vulnerability has been identified in SIMATIC Field PG M5 (All versions), SIMATIC Field PG M6 (All versions < V26.01.12), SIMATIC IPC BX-21A (All versions < V31.01.07), SIMATIC IPC BX-32A (All versions < V29.01.07), SIMATIC IPC BX-39A (All versions < V29.01.07), SIMATIC IPC…
- risk 0.53cvss 8.2epss 0.00
A vulnerability has been identified in SIMATIC Field PG M5 (All versions), SIMATIC IPC BX-21A (All versions < V31.01.07), SIMATIC IPC BX-32A (All versions < V29.01.07), SIMATIC IPC BX-39A (All versions < V29.01.07), SIMATIC IPC BX-59A (All versions < V32.01.04), SIMATIC IPC…
- risk 0.52cvss 8.0epss 0.00
In multiple locations, there is a possible way to bypass user interaction when pairing an LE device due to a logic error. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privileges needed. User interaction is not needed for…
- risk 0.52cvss —epss 0.00
## Summary `execute_code()` in `praisonaiagents/tools/python_tools.py` (v1.6.37, subprocess sandbox mode) can be fully bypassed using `print.__self__` to retrieve the real Python `builtins` module, from which `__import__` can be extracted via `vars()` and runtime string…
- risk 0.52cvss 9.1epss 0.01
vm2 is an open source vm/sandbox for Node.js. Prior to 3.11.1, when a NodeVM is created with nesting: true, sandbox code can unconditionally require('vm2') regardless of the outer VM's require configuration — including require: false. With access to vm2, the sandbox constructs…
- risk 0.52cvss 9.1epss 0.01
Spring Security Aspects may not correctly locate method security annotations on private methods. This can cause an authorization bypass. Your application may be affected by this if the following are true: * You are using @EnableMethodSecurity(mode=ASPECTJ) and…
- risk 0.51cvss 7.8epss 0.00
A security flaw has been discovered in Qihoo 360 Total Security 6.0. This vulnerability affects the function RpcStringBindingComposeW of the component Nucleus Engine Monitoring Logic. Performing a manipulation of the argument NetworkAddr results in protection mechanism failure.…
- risk 0.51cvss 7.9epss 0.00
Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.
- risk 0.51cvss 7.9epss 0.00
Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.
- risk 0.51cvss 7.9epss 0.00
Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.
- risk 0.51cvss 7.9epss 0.00
Protection mechanism failure in Windows Boot Manager allows an authorized attacker to bypass a security feature locally.
- risk 0.51cvss 7.8epss 0.00
Protection mechanism failure in Windows UEFI allows an authorized attacker to bypass a security feature locally.