CWE-1284— Improper Validation of Specified Quantity in Input
The product receives input that is expected to specify a quantity (such as size or length), but it does not validate or incorrectly validates that the quantity has the required properties.— MITRE CWE catalog
337 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-1284page 7 of 7
- CVE-2026-42744MEDIUMCVSS 6.5EG 6.52026-05-27
Improper Validation of Specified Quantity in Input vulnerability in Ads by WPQuads Ads by WPQuads quick-adsense-reloaded allows Manipulating Hidden Fields.This issue affects Ads by WPQuads: from n/a through <= 3.0.2.
- CVE-2026-43928LOWCVSS 2.3EG 2.32026-07-06
FOSSBilling is a free, open-source billing and client management system. Prior to version 0.8.0, the PayPalEmail payment adapter accepts PayPal IPN callbacks and credits the IPN-supplied amount (`mc_gross`) to the client's balance without …
- CVE-2026-44459LOWCVSS 3.8EG 3.82026-05-13
Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.18, improper validation of the JWT NumericDate claims exp, nbf, and iat in hono/utils/jwt allows tokens with non-spec-compliant claim value…
- CVE-2026-44635HIGHCVSS 7.5EG 7.52026-05-27
Kysely is a type-safe TypeScript SQL query builder. From 0.26.0 to 0.28.16, DefaultQueryCompiler.visitJSONPathLeg does not escape JSON-path metacharacters (., [, ], *, **, ?). When attacker-controlled input flows into eb.ref(col, '->$').ke…
- CVE-2026-44826HIGHCVSS 7.5EG 7.52026-05-15
Vvveb is a powerful and easy to use CMS with page builder to build websites, blogs or ecommerce stores. Prior to 1.0.8.2, Vvveb CMS does not validate the sign of the quantity parameter on the cart-add endpoint. Submitting a negative intege…
- CVE-2026-45441HIGHCVSS 7.5EG 7.52026-06-15
Unauthenticated Other Vulnerability Type in WpEvently <= 5.3.3 versions.
- CVE-2026-46033HIGHCVSS 7.1EG 7.12026-05-27
In the Linux kernel, the following vulnerability has been resolved: crypto: authencesn - reject short ahash digests during instance creation authencesn requires either a zero authsize or an authsize of at least 4 bytes because the ESN en…
- CVE-2026-47329LOWCVSS 3.3EG 3.32026-05-28
Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches which fail to validate invalid sizes of the name field in AppAmor notification responses. The bug can be triggered by an unprivileged local user and could result in handling of crafted r…
- CVE-2026-49078HIGHCVSS 7.5EG 7.52026-06-15
Unauthenticated Other Vulnerability Type in WP Travel Engine <= 6.7.10 versions.
- CVE-2026-49110HIGHCVSS 7.5EG 7.52026-06-15
Unauthenticated Broken Authentication in Upsell Order Bump Offer for WooCommerce <= 3.1.4 versions.
- CVE-2026-49218HIGHCVSS 7.5EG 7.52026-06-10
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-24, a missing check in the DCM decoder could result in an image with invalid dimensions and that could cau…
- CVE-2026-49777CRITICALCVSS 10.0EG 10.02026-06-05
Improper Validation of Specified Quantity in Input vulnerability in ShapedPlugin, LLC Product Slider Pro for WooCommerce allows Malicious Software Implanted. This issue affects Product Slider Pro for WooCommerce: from n/a before 3.5.4.
- CVE-2026-5260HIGHCVSS 8.2EG 8.22026-05-26
A flaw was found in libgnutls. A remote attacker, by sending an extremely short premaster secret during an RSA key exchange to a server using an RSA key backed by a PKCS#11 token, could trigger a short heap overread. This memory corruption…
- CVE-2026-52905MEDIUMCVSS 5.5EG 5.52026-06-09
In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: disallow non-power of two min_region_sz on damon_start() Commit d8f867fa0825 ("mm/damon: add damon_ctx->min_sz_region") introduced a bug that allows unali…
- CVE-2026-53540LOWCVSS 3.7EG 3.72026-06-15
Python-Multipart is a streaming multipart parser for Python. Prior to 0.0.31, parse_form() did not validate the Content-Length header before using it to bound its chunked read of the request body. A negative Content-Length turned the bound…
- CVE-2026-53689HIGHCVSS 7.1EG 7.12026-06-10
libnfs through 6.0.2 before 55c18ea does not validate a string size, leading to an integer overflow during a connection to a crafted NFS server. This occurs in libnfs_zdr_string in lib/libnfs-zdr.c.
- CVE-2026-54092MEDIUMCVSS 6.5EG 6.52026-06-12
File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to 2.63.6, unchecked passwords maximums allow for an arbitrarily large password to be passed int…
- CVE-2026-54234HIGHCVSS 7.5EG 7.52026-07-06
vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Prior to 0.24.0, a frontend-legal multi-request speculative decoding workload can cause the rejection sampler to produce a recovered token equal to the m…
- CVE-2026-55392MEDIUMCVSS 5.5EG 5.52026-06-18
NILFS utilities through 2.3.0, fixed in commit 26efb5d, nilfs_sb_is_valid() function fails to validate s_log_block_size field in NILFS2 superblock before bit-shift operations. Attackers supplying crafted NILFS2 images trigger undefined beh…
- CVE-2026-55706MEDIUMCVSS 5.8EG 5.82026-06-17
sppp_pap_input in sys/net/if_spppsubr.c in OpenBSD before 076e2b1 allows authentication bypass via certain zero values for lengths.
- CVE-2026-55952HIGHCVSS 7.5EG 7.52026-07-02
The Erlang/OTP ssl application does not validate that the PSK identity list and binder list carried in a TLS 1.3 ClientHello pre-shared key extension have equal length before passing them to the session ticket handler. In tls_handshake_1_3…
- CVE-2026-56035HIGHCVSS 8.6EG 8.62026-06-26
Unauthenticated Multiple Vulnerabilities in BitFire Security <= 5.0.3 versions.
- CVE-2026-57019MEDIUMCVSS 6.5EG 6.52026-07-09
An Improper Validation of Specified Quantity in Input vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on MX Series allows an unauthenticated, adjacent attacker to cause a Denial-of-Service (DoS). When a s…
- CVE-2026-57023HIGHCVSS 7.5EG 7.52026-07-09
An Improper Validation of Specified Quantity in Input vulnerability in the TCP proxy plugin of Juniper Networks Junos OS on MX Series with SPC3, and SRX Series allows an unauthenticated, network-based attacker to cause a complete Denial of…
- CVE-2026-57053LOWCVSS 2.5EG 4.02026-06-23
GNU libidn before 1.44 is prone to out-of-bounds reads of uninitialized memory in the ToUnicode APIs because of mishandling in idna_to_unicode_internal. The affected code is not present in libidn2.
- CVE-2026-57062LOWCVSS 2.9EG 2.92026-06-23
CMS (Cryptographic Message Syntax) parsing in gpgsm in GnuPG through 2.5.20 mishandles the CMS format for AES-GCM because aes-ICVlen is supposed to be 12 bytes but 4 bytes is accepted. NOTE: this is related to CVE-2026-34182.
- CVE-2026-57623CRITICALCVSS 9.0EG 9.02026-07-02
Unauthenticated Arbitrary Code Execution in W3 Total Cache <= 2.9.4 versions.
- CVE-2026-59879HIGHCVSS 7.5EG 7.52026-07-08
Immutable.js provides many Persistent Immutable data structures. Prior to 4.3.9 and 5.1.8, List#set, List#setSize, List#setIn, List#updateIn, and the functional set, setIn, and updateIn mishandle an index or size in the range 2 ** 30 to 2 …
- CVE-2026-59930MEDIUMCVSS 4.3EG 4.32026-07-08
Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, the toc plugin and TableOfContents directive generate heading IDs as predictable toc_N values without slugifying the heading text, allowing attacker-controlled…
- CVE-2026-59997MEDIUMCVSS 5.4EG 4.22026-07-08
internal-sftp in sshd in OpenSSH before 10.4 recognizes only the first 9 command-line arguments, which can be important if a later command-line argument would have helped to ensure the intended security properties of an SFTP connection.
- CVE-2026-6839MEDIUMCVSS 6.6EG 6.62026-04-22
Improper validation of STRING tensor offsets could allows malformed string metadata to trigger out of bounds access during constant tensor import in Samsung Open Source ONE Affected version is prior to commit 1.30.0.
- CVE-2026-6915MEDIUMCVSS 6.3EG 6.32026-04-29
An authorization flaw in the user management command could allow an authenticated user to make limited changes to authentication-related data associated with another user account. This could affect how authentication is performed for the i…
- CVE-2026-7254MEDIUMCVSS 5.3EG 5.32026-05-27
IBM OPENBMC FW1110.00 through FW1110.11 is vulnerable to denial of service attacks by unauthenticated network users.
- CVE-2026-8047HIGHCVSS 7.5EG 7.52026-05-26
The affected products perform improper length checking when parsing incoming HTTP requests, resulting in a size-limited out-of-bounds write. An unauthenticated remote attacker can exploit this flaw to cause a denial of service via a system…
- CVE-2026-8813HIGHCVSS 7.5EG 7.52026-05-19
This affects versions of the package exifreader before 4.39.0. A crafted image containing an ICC mluc tag can set an attacker-controlled record count together with a zero record size. During parsing, ExifReader repeatedly processes the sam…
- CVE-2026-9704HIGHCVSS 8.8EG 6.82026-05-27
A flaw was found in Keycloak. An authenticated user with low privileges can exploit this vulnerability by sending an oversized subject_token JSON Web Token (JWT) to the TokenEndpoint. When the token exceeds a 4000-character limit, it is si…
- CVE-2026-9801MEDIUMCVSS 4.9EG 4.92026-05-28
A flaw was found in Keycloak. A remote attacker with high privileges, such as a realm administrator configuring a malicious Lightweight Directory Access Protocol (LDAP) server or an attacker compromising an upstream LDAP server, could expl…
Map vulnerabilities like CWE-1284 to your infrastructure
EchelonGraph correlates every CVE — across CWE-1284 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →