VYPR

CWE-843

Access of Resource Using Incompatible Type ('Type Confusion')

Base · Incomplete

Description

The product allocates or initializes a resource such as a pointer, object, or variable using one type, but it later accesses that resource using a type that is incompatible with the original type.

Hierarchy (View 1000)

Parents

Children

none

CVEs mapped to this weakness (269)

page 10 of 14
  • CVE-2026-46680 · hig · May 21, 2026
    risk 0.38 · cvss · epss 0.00

    Impact: A bug was found in containerd where containers launched with a numeric `User` directive that cannot be parsed as a 32-bit integer are incorrectly treated as a username. If a crafted image provides an `/etc/passwd` file mapping this large numeric string to root, the…

  • CVE-2026-40446 · Med · Apr 13, 2026
    risk 0.38 · cvss 6.9 · epss 0.00

    Access of resource using incompatible type ('type confusion') vulnerability in Samsung Open Source Escargot allows Pointer Manipulation. This issue affects Escargot: 97e8115ab1110bc502b4b5e4a0c689a71520d335.

  • CVE-2026-20806 · Med · Apr 14, 2026
    risk 0.36 · cvss 5.5 · epss 0.00

    Access of resource using incompatible type ('type confusion') in Windows COM allows an authorized attacker to disclose information locally.

  • CVE-2025-43355 · Med · Sep 15, 2025
    risk 0.36 · cvss 5.5 · epss 0.00

    A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26, macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26, tvOS 26, visionOS 26, watchOS 26. An app may be able to cause a denial-of-service.

  • CVE-2024-54507 · Med · Jan 27, 2025
    risk 0.36 · cvss 5.5 · epss 0.01

    A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2. An attacker with user privileges may be able to read kernel memory.

  • CVE-2024-40788 · Med · Jul 29, 2024
    risk 0.36 · cvss 5.5 · epss 0.00

    A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8, tvOS 17.6, visionOS 1.3, watchOS 10.6. A local attacker may be able…

  • CVE-2026-12299 · Med · Jun 16, 2026
    risk 0.35 · cvss 5.4 · epss 0.00

    JIT miscompilation in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12.

  • CVE-2026-8358 · Med · Jun 15, 2026
    risk 0.35 · cvss · epss 0.00

    LibreOffice Calc can import tracked changes from a spreadsheet document. A heap buffer overflow existed when a document reused the same change identifier for two different kinds of change. The importer then treated one change object as a different, larger type and wrote past the…

  • CVE-2026-6047 · Med · Jun 15, 2026
    risk 0.35 · cvss · epss 0.00

    LibreOffice can import documents in the OOXML format (DOCX). A heap buffer overflow existed when replaying deferred parser events for a text box element. A handler object was assumed to be of one type and written to at that type's field layout, but it could be a smaller object,…

  • CVE-2025-14799 · Med · Feb 18, 2026
    risk 0.35 · cvss 6.5 · epss 0.00

    The Brevo - Email, SMS, Web Push, Chat, and more. plugin for WordPress is vulnerable to authorization bypass due to type juggling in all versions up to, and including, 3.3.0. This is due to the use of loose comparison (==) instead of strict comparison (===) when validating the…

  • CVE-2025-24271 · Med · Apr 29, 2025
    risk 0.35 · cvss 5.4 · epss 0.00

    An access issue was addressed with improved access restrictions. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4. An unauthenticated user on the same network as a signed-in Mac…

  • CVE-2026-8499 · Med · Jun 9, 2026
    risk 0.34 · cvss 5.3 · epss 0.00

    The Helpfulcrowd Product Reviews plugin for WordPress is vulnerable to Authorization Bypass via PHP Type Juggling in versions up to, and including, 1.2.9. This is due to the `helpfulcrowd_validate_token()` function using a loose comparison operator (`!=`) instead of a strict…

  • CVE-2026-39956 · Med · Apr 13, 2026
    risk 0.33 · cvss 6.1 · epss 0.00

    jq is a command-line JSON processor. In commits after 69785bf77f86e2ea1b4a20ca86775916889e91c9, the _strindices builtin in jq's src/builtin.c passes its arguments directly to jv_string_indexes() without verifying they are strings, and jv_string_indexes() in src/jv.c relies…

  • CVE-2026-25204 · Med · Apr 13, 2026
    risk 0.33 · cvss 6.2 · epss 0.00

    Deserialization of untrusted data vulnerability in Samsung Open Source Escargot Java Script allows denial of service condition via process abort. This issue affects Escargot prior to commit hash 97e8115ab1110bc502b4b5e4a0c689a71520d335.

  • CVE-2025-32352 · Med · Apr 5, 2025
    risk 0.31 · cvss 4.8 · epss 0.00

    A type confusion vulnerability in lib/NSSAuthenticator.php in ZendTo before v5.04-7 allows remote attackers to bypass authentication for users with passwords stored as MD5 hashes that can be interpreted as numbers. A solution requires moving from MD5 to bcrypt.

  • CVE-2026-45702 · Med · Jun 3, 2026
    risk 0.29 · cvss 4.4 · epss 0.00

    OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kernel running on Arm Cortex-A cores using the TrustZone technology. Starting in version 4.3.0 and prior to version 4.11.0, a type confusion vulnerability exists in OP-TEE OS when…

  • CVE-2026-11785 · Med · Jun 9, 2026
    risk 0.28 · cvss 4.3 · epss 0.00

    A flaw was found in 389 Directory Server. A type confusion in the SSO token extended operation handler causes partial stack address information to be disclosed in LDAP responses to authenticated users.

  • CVE-2026-10702 · Med · Jun 2, 2026
    risk 0.28 · cvss 4.3 · epss 0.00

    JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 151.0.3.

  • CVE-2025-31206 · Med · May 12, 2025
    risk 0.28 · cvss 4.3 · epss 0.01

    A type confusion issue was addressed with improved state handling. This issue is fixed in Safari 18.5, iOS 18.5 and iPadOS 18.5, iPadOS 17.7.7, macOS Sequoia 15.5, tvOS 18.5, visionOS 2.5, watchOS 11.5. Processing maliciously crafted web content may lead to an unexpected Safari…

  • CVE-2019-13118 · Med · Jul 1, 2019
    risk 0.28 · cvss 5.3 · epss 0.05

    In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of uninitialized stack data.