CWE-494— Download of Code Without Integrity Check
The product downloads source code or an executable from a remote location and executes the code without sufficiently verifying the origin and integrity of the code.— MITRE CWE catalog
204 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-494page 4 of 5
- CVE-2025-14265CRITICALCVSS 9.1EG 9.12025-12-11
In versions of ScreenConnect™ prior to 25.8, server-side validation and integrity checks within the extension subsystem could allow the installation and execution of untrusted or arbitrary extensions by authorized or administrative users…
- CVE-2025-15556HIGHCVSS 7.5EG 9.0⚠ KEV2026-02-03
Notepad++ versions prior to 8.8.9, when using the WinGUp updater, contain an update integrity verification vulnerability where downloaded update metadata and installers are not cryptographically verified. An attacker able to intercept or r…
- CVE-2025-15575MEDIUMCVSS 5.3EG 5.32026-02-12
The firmware update functionality does not verify the authenticity of the supplied firmware update files. This allows attackers to flash malicious firmware update files on the device. Initial analysis of the firmware update functionality …
- CVE-2025-27593CRITICALCVSS 9.3EG 9.32025-03-14
The product can be used to distribute malicious code using SDD Device Drivers due to missing download verification checks, leading to code execution on target systems.
- CVE-2025-28236CRITICALCVSS 9.8EG 9.82025-04-18
Nautel VX Series transmitters VX SW v6.4.0 and below was discovered to contain a remote code execution (RCE) vulnerability in the firmware update process. This vulnerability allows attackers to execute arbitrary code via supplying a crafte…
- CVE-2025-30199HIGHCVSS 7.2EG 7.22025-09-05
ECOVACS vacuum robot base stations do not validate firmware updates, so malicious over-the-air updates can be sent to base station via insecure connection between robot and base station.
- CVE-2025-31355HIGHCVSS 7.2EG 7.22025-08-20
A firmware update vulnerability exists in the Firmware Signature Validation functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted malicious file can lead to arbitrary code execution. An attacker can provide a malicious file to…
- CVE-2025-34212CRITICALCVSS 9.8EG 9.82025-09-29
Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 22.0.843 and Application prior to version 20.0.1923 (VA/SaaS deployments) possess CI/CD weaknesses: the build pulls an unverified third-party image, downloads …
- CVE-2025-35115HIGHCVSS 8.1EG 8.12025-08-26
Agiloft Release 28 downloads critical system packages over an insecure HTTP connection. An attacker in a Man-In-the-Middle position could replace or modify the contents of the download URL. Users should upgrade to Agiloft Release 30.
- CVE-2025-40604CRITICALCVSS 9.8EG 6.52025-11-20
Download of Code Without Integrity Check Vulnerability in the SonicWall Email Security appliance loads root filesystem images without verifying signatures, allowing attackers with VMDK or datastore access to modify system files and gain pe…
- CVE-2025-4648HIGHCVSS 8.4EG 8.42025-05-13
The content of a SVG file, received as input in Centreon web, was not properly checked. Allows Reflected XSS. A user with elevated privileges can inject JS script by altering the content of a SVG media, during the submit request. This is…
- CVE-2025-52263HIGHCVSS 8.0EG 8.02025-10-27
An issue in the Web Configuration module of Startcharge Artemis AC Charger 7-22 kW v1.0.4 allows authenticated network-adjacent attackers to upload crafted firmware, leading to arbitrary code execution.
- CVE-2025-52937LOWCVSS 2.0EG 2.02025-06-23
Vulnerability in PointCloudLibrary PCL (surface/src/3rdparty/opennurbs modules). This vulnerability is associated with program files crc32.C. This vulnerability is only relevant if the PCL version is older than 1.14.0 or the user specific…
- CVE-2025-53520HIGHCVSS 8.8EG 8.82025-08-08
The affected product allows firmware updates to be downloaded from EG4's website, transferred via USB dongles, or installed through EG4's Monitoring Center (remote, cloud-connected interface) or via a serial connection, and can install …
- CVE-2025-53696CRITICALCVSS 9.3EG 9.32025-07-28
iSTAR Ultra performs a firmware verification on boot, however the verification does not inspect certain portions of the firmware. These firmware parts may contain malicious code. Tested up to firmware 6.9.2, later firmwares are also possib…
- CVE-2025-55310HIGHCVSS 7.3EG 7.32025-12-11
An issue was discovered in Foxit PDF and Editor for Windows and macOS before 13.2 and 2025 before 2025.2. An attacker able to alter or replace the static HTML files used by the StartPage feature can cause the application to load malicious …
- CVE-2025-55581HIGHCVSS 7.3EG 7.32025-08-22
D-Link DCS-825L firmware version 1.08.01 and possibly prior versions contain an insecure implementation in the mydlink-watch-dog.sh script. The script monitors and respawns the `dcp` and `signalc` binaries without validating their integrit…
- CVE-2025-55582MEDIUMCVSS 6.6EG 7.82025-08-27
D-Link DCS-825L firmware v1.08.01 contains a vulnerability in the watchdog script `mydlink-watch-dog.sh`, which blindly respawns binaries such as `dcp` and `signalc` without verifying integrity, authenticity, or permissions. An attacker wi…
- CVE-2025-56513CRITICALCVSS 9.8EG 9.82025-09-30
NiceHash QuickMiner 6.12.0 perform software updates over HTTP without validating digital signatures or hash checks. An attacker capable of intercepting or redirecting traffic to the update url and can hijack the update process and deliver …
- CVE-2025-57431HIGHCVSS 8.8EG 8.82025-09-22
The Sound4 PULSE-ECO AES67 1.22 web-based management interface is vulnerable to Remote Code Execution (RCE) via a malicious firmware update package. The update mechanism fails to validate the integrity of manual.sh, allowing an attacker to…
- CVE-2025-61228HIGHCVSS 7.8EG 7.82025-12-01
An issue in Shirt Pocket SuperDuper! V.3.10 and before allows a local attacker to execute arbitrary code via the software update mechanism
- CVE-2025-63215HIGHCVSS 7.2EG 7.22025-11-18
The Sound4 IMPACT web-based management interface is vulnerable to Remote Code Execution (RCE) via a malicious firmware update package. The update mechanism fails to validate the integrity of manual.sh, allowing an attacker to inject arbitr…
- CVE-2025-63220HIGHCVSS 7.2EG 7.22025-11-19
The Sound4 FIRST web-based management interface is vulnerable to Remote Code Execution (RCE) via a malicious firmware update package. The update mechanism fails to validate the integrity of manual.sh, allowing an attacker to inject arbitra…
- CVE-2025-63434HIGHCVSS 8.8EG 8.82025-11-24
The update mechanism in Xtooltech Xtool AnyScan Android Application 4.40.40 and prior is insecure. The application downloads and extracts update packages containing executable code without performing a cryptographic integrity or authentici…
- CVE-2025-65855MEDIUMCVSS 6.6EG 6.62025-12-17
The OTA firmware update mechanism in Netun Solutions HelpFlash IoT (firmware v18_178_221102_ASCII_PRO_1R5_50) uses hard-coded WiFi credentials identical across all devices and does not authenticate update servers or validate firmware signa…
- CVE-2025-66331MEDIUMCVSS 5.5EG 3.32025-12-08
Denial of service (DoS) vulnerability in the office service. Impact: Successful exploitation of this vulnerability may affect availability.
- CVE-2025-66332MEDIUMCVSS 5.5EG 3.32025-12-08
Denial of service (DoS) vulnerability in the office service. Impact: Successful exploitation of this vulnerability may affect availability.
- CVE-2025-66333MEDIUMCVSS 5.5EG 3.32025-12-08
Denial of service (DoS) vulnerability in the office service. Impact: Successful exploitation of this vulnerability may affect availability.
- CVE-2025-66334MEDIUMCVSS 5.5EG 3.32025-12-08
Denial of service (DoS) vulnerability in the office service. Impact: Successful exploitation of this vulnerability may affect availability.
- CVE-2025-68109CRITICALCVSS 9.1EG 9.12025-12-17
ChurchCRM is an open-source church management system. In versions prior to 6.5.3, the Database Restore functionality does not validate the content or file extension of uploaded files. As a result, an attacker can upload a web shell file an…
- CVE-2025-69263HIGHCVSS 8.8EG 7.52026-01-07
pnpm is a package manager. Versions 10.26.2 and below store HTTP tarball dependencies (and git-hosted tarballs) in the lockfile without integrity hashes. This allows the remote server to serve different content on each install, even when a…
- CVE-2025-7620HIGHCVSS 8.8EG 8.82025-07-14
The cross-browser document creation component produced by Digitware System Integration Corporation has a Remote Code Execution vulnerability. If a user visits a malicious website while the component is active, remote attackers can cause th…
- CVE-2025-9319HIGHCVSS 7.5EG 7.52025-09-11
A potential vulnerability was reported in the Lenovo Wallpaper Client that could allow arbitrary code execution under certain conditions.
- CVE-2026-20056MEDIUMCVSS 4.0EG 4.02026-02-04
A vulnerability in the Dynamic Vectoring and Streaming (DVS) Engine implementation of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to bypass the anti-malware scanner, allowing malici…
- CVE-2026-22816HIGHCVSS 7.4EG 7.42026-01-16
Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. When resolving dependencies in versions before 9.3.0, some exceptions were not treated as fatal errors and would not cause a repository…
- CVE-2026-22865HIGHCVSS 7.4EG 7.42026-01-16
Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. When resolving dependencies in versions before 9.3.0, some exceptions were not treated as fatal errors and would not cause a repository…
- CVE-2026-25961HIGHCVSS 7.5EG 7.52026-02-09
SumatraPDF is a multi-format reader for Windows. In 3.5.0 through 3.5.2, SumatraPDF's update mechanism disables TLS hostname verification (INTERNET_FLAG_IGNORE_CERT_CN_INVALID) and executes installers without signature checks. A network at…
- CVE-2026-27180CRITICALCVSS 9.8EG 9.82026-02-18
MajorDoMo (aka Major Domestic Module) is vulnerable to unauthenticated remote code execution through supply chain compromise via update URL poisoning. The saverestore module exposes its admin() method through the /objects/?module=saveresto…
- CVE-2026-28500CRITICALCVSS 9.1EG 8.62026-03-16
Open Neural Network Exchange (ONNX) is an open standard for machine learning interoperability. In versions up to and including 1.20.1, a security control bypass exists in onnx.hub.load() due to improper logic in the repository trust verifi…
- CVE-2026-30603MEDIUMCVSS 6.8EG 6.82026-04-02
An issue in the firmware update mechanism of Qianniao QN-L23PA0904 v20250721.1640 allows attackers to gain root access, install backdoors, and exfiltrate data via supplying a crafted iu.sh script contained in an SD card.
- CVE-2026-32148MEDIUMCVSS 5.9EG 5.92026-04-30
Insufficient Verification of Data Authenticity vulnerability in hexpm hex (Hex.RemoteConverger module) allows dependency integrity bypass via unverified lockfile checksums. Hex stores checksums for dependencies in the mix.lock file to ens…
- CVE-2026-3428MEDIUMCVSS 5.4EG 5.42026-04-16
A Download of Code Without Integrity Check vulnerability in the update modules in ASUS Member Center(华硕大厅) allows a local user to achieve privilege escalation to Administrator via exploitation of a Time-of-check Time-of-use (TOC-TO…
- CVE-2026-34841CRITICALCVSS 9.8EG 9.82026-04-06
Bruno is an open source IDE for exploring and testing APIs. Prior to 3.2.1, Bruno was affected by a supply chain attack involving compromised versions of the axios npm package, which introduced a hidden dependency deploying a cross-platfor…
- CVE-2026-3502HIGHCVSS 7.8EG 9.0⚠ KEV2026-03-30
TrueConf Client downloads application update code and applies it without performing verification. An attacker who is able to influence the update delivery path can substitute a tampered update payload. If the payload is executed or install…
- CVE-2026-40066HIGHCVSS 8.8EG 8.82026-04-17
Anviz CX2 Lite and CX7 are vulnerable to unverified update packages that can be uploaded. The device unpacks and executes a script resulting in unauthenticated remote code execution.
- CVE-2026-42248CRITICALCVSS 9.8EG 9.82026-04-29
Ollama for Windows does not perform integrity or authenticity verification of downloaded update executables. Unlike other platforms, the Windows implementation of the update verification routine unconditionally returns success so no digita…
- CVE-2026-42249CRITICALCVSS 9.8EG 9.82026-04-29
Ollama for Windows contains a Remote Code Execution vulnerability in its update mechanism due to improper handling of attacker‑controlled HTTP response headers. When downloading updates, the application constructs local file paths using…
- CVE-2026-42575HIGHCVSS 7.5EG 7.52026-05-09
apko allows users to build and publish OCI container images built from apk packages. Prior to version 1.2.7, apko verifies the signature on APKINDEX.tar.gz but never compares individually downloaded .apk packages against the checksum recor…
- CVE-2026-45058CRITICALCVSS 9.4EG 9.42026-05-28
electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. In 3.8.8 and earlier, there is persistent local-pty code execution via imported bookmarks or compromised sync targets. Affects users who import bookm…
- CVE-2026-49241HIGHCVSS 8.8EG 8.82026-06-22
The Angular Language Service VS Code Extension provides a rich editing experience for Angular templates. Prior to 21.2.4, the client-side Angular Language Service VS Code extension reads the custom TypeScript SDK paths typescript.tsdk and …
Map vulnerabilities like CWE-494 to your infrastructure
EchelonGraph correlates every CVE — across CWE-494 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →