VYPR

CWE-749

Exposed Dangerous Method or Function

Abstraction: Base | Status: Incomplete | Likelihood of exploit: Low

Description

The product provides an Applications Programming Interface (API) or similar interface for interaction with external actors, but the interface includes a dangerous method or function that is not properly restricted.

Hierarchy (View 1000)

Parents

Related attack patterns (CAPEC)

CAPEC-500

CVEs mapped to this weakness (65)

page 2 of 4
  • CVE-2025-24359 | High | Jan 24, 2025
    risk 0.48 | cvss 8.4 | epss 0.00

    ASTEVAL is an evaluator of Python expressions and statements. Prior to version 1.0.6, if an attacker can control the input to the `asteval` library, they can bypass asteval's restrictions and execute arbitrary Python code in the context of the application using the library. The…

  • CVE-2026-44698 | High | May 29, 2026
    risk 0.47 | cvss 8.3 | epss 0.00

    Home Assistant is open source home automation software that puts local control and privacy first. Prior to 2026.4.1 for iOS and 2026.4.4 for Android, the Home Assistant Companion apps for Android and iOS expose a JavaScript bridge to the in-app WebView window.externalApp on…

  • CVE-2026-4051 | High | May 26, 2026
    risk 0.47 | cvss 7.2 | epss 0.00

    IBM Engineering Lifecycle Management 7.0.3, 7.1.0, and 7.2.0 could allow an attacker with administrative privileges to execute remote code due to exposed method that is not properly restricted.

  • CVE-2026-35488 | High | Apr 7, 2026
    risk 0.46 | cvss 8.1 | epss 0.00

    Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. Prior to 2.6.4, RecipeBookViewSet and RecipeBookEntryViewSet use CustomIsShared as an alternative permission class, but CustomIsShared.has_object_permission() returns True for…

  • CVE-2017-2735 | High | Nov 22, 2017
    risk 0.46 | cvss 7.1 | epss 0.01

    TIT-AL00 smartphones with software versions earlier than TIT-AL00C583B214 have an exposed system interface vulnerability. The software provides a system interface for interaction with external applications, but calling the interface is not properly restricted. An attacker could…

  • CVE-2025-52903 | High | Jun 26, 2025
    risk 0.45 | cvss 8.0 | epss 0.01

    File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. In versions on the 2.x branch prior to 2.33.10, the Command Execution feature of File Browser only allows the execution of shell…

  • CVE-2026-12060 | Medium | Jun 12, 2026
    risk 0.42 | cvss 6.5 | epss 0.00

    Heptabase developed by Hepta Platforms has an Exposed Dangerous Method or Function vulnerability, allowing unauthenticated remote attackers to leverage social engineering techniques to trick a victim into opening or loading a malicious webpage within the Heptabase application,…

  • CVE-2026-44836 | Medium | May 26, 2026
    risk 0.42 | cvss 6.5 | epss 0.00

    view_component is a framework for building reusable, testable, and encapsulated view components in Ruby on Rails. From 3.0.0 to 4.9.0, the preview route derives an example name from the URL and calls it with public_send. The code does not verify that the requested method is one…

  • CVE-2026-8109 | Medium | May 12, 2026
    risk 0.42 | cvss 6.5 | epss 0.01

    An exposed dangerous method on the Core Server of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to leak access credentials.

  • CVE-2025-43003 | Medium | May 13, 2025
    risk 0.42 | cvss 6.4 | epss 0.00

    SAP S/4 HANA allows an authenticated attacker with user privileges to configure a field not intended for their access and create a custom UI layout displaying this field. On performing this step the attacker could gain access to highly sensitive information. This could cause a…

  • CVE-2025-9611 | High | Jan 7, 2026
    risk 0.40 | cvss n/a | epss 0.01

    Microsoft Playwright MCP Server versions prior to 0.0.40 fail to validate the Origin header on incoming connections. This allows an attacker to perform a DNS rebinding attack via a victim’s web browser and send unauthorized requests to a locally running MCP server, resulting…

  • CVE-2025-48415 | Medium | May 21, 2025
    risk 0.40 | cvss 6.2 | epss 0.00

    A USB backdoor feature can be triggered by attaching a USB drive that contains specially crafted "salia.ini" files. The .ini file can contain several "commands" that could be exploited by an attacker to export or modify the device configuration, enable an SSH backdoor or…

  • CVE-2018-8868 | Medium | Jul 3, 2018
    risk 0.40 | cvss 6.2 | epss 0.00

    Medtronic 24950 MyCareLink Monitor and 24952 MyCareLink Monitor contains debug code meant to test the functionality of the monitor's communication interfaces, including the interface between the monitor and implantable cardiac device. An attacker with physical access to the…

  • CVE-2026-44798 | High | May 28, 2026
    risk 0.39 | cvss 7.1 | epss 0.00

    Nautobot is a Network Source of Truth and Network Automation Platform. Prior to 2.4.33 and 3.1.2, a user with access to add/change a GitRepository record could use the REST API to directly set the current_head field on the record, which was not intended to be user-editable.…

  • CVE-2026-45805 | High | May 19, 2026
    risk 0.38 | cvss n/a | epss 0.00

    Summary: The MCP module's `ReplServer` binds to all interfaces (`0.0.0.0:4403`) and exposes a `/execute` endpoint that runs arbitrary code with zero authentication. Anyone on the network can POST JavaScript and it runs on the server. The main `PenpotMcpServer` was partially…

  • CVE-2026-25266 | Medium | May 4, 2026
    risk 0.36 | cvss 5.5 | epss 0.00

    Memory corruption while processing IOCTL command when device is in power-save state.

  • CVE-2026-33584 | Medium | May 13, 2026
    risk 0.34 | cvss 5.3 | epss 0.00

    Exposed Keycloak management service in the Arqit Symmetric Key Agreement Platform enables unauthorized access to sensitive debug information such as metrics and health data. This issue affects Symmetric Key Agreement Platform: before 26.03.

  • CVE-2026-49993 | Medium | Jun 12, 2026
    risk 0.30 | cvss 5.7 | epss 0.00

    Nuxt is an open-source web development framework for Vue.js. In @nuxt/rspack-builder and @nuxt/webpack-builder from versions 3.15.4 to before 3.21.7 and 4.0.0 to before 4.4.7, there is an incomplete fix for GHSA-6m52-m754-pw2g. Source code may still be stolen during dev when…

  • CVE-2026-45670 | Medium | Jun 12, 2026
    risk 0.28 | cvss 5.4 | epss 0.00

    Nuxt is an open-source web development framework for Vue.js. In @nuxt/rspack-builder and @nuxt/webpack-builder versions 3.15.4 to before 3.21.6, and 4.0.0-alpha.1 to before 4.4.6, there is an incomplete fix for GHSA-4gf7-ff8x-hq99. Source code may be stolen during dev when using…

  • CVE-2026-7516 | Medium | Jun 10, 2026
    risk 0.28 | cvss 4.3 | epss 0.00

    A vulnerability was identified in the Lenovo Android Application, distributed exclusively on tablets in the Chinese market, that could allow a website visited by the built-in browser to overwrite system clipboard contents.