CWE-668— Exposure of Resource to Wrong Sphere
The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.— MITRE CWE catalog
1,109 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-668page 23 of 23
- CVE-2026-48096MEDIUMCVSS 5.3EG 5.32026-06-10
OpenFGA is an authorization/permission engine built for developers. Prior to version 1.16.0, when iterator caching is enabled, two distinct check requests can produce the same cache key, leading to OpenFGA reusing an earlier cached result …
- CVE-2026-50202MEDIUMCVSS 5.9EG 5.92026-06-17
Steeltoe is an open source project that provides a collection of libraries that helps users build cloud-native applications. In Steeltoe.Security.Authentication.CloudFoundryBase prior to version 3.4.0, Steeltoe.Security.Authentication.JwtB…
- CVE-2026-53648MEDIUMCVSS 5.1EG 5.12026-07-06
FOSSBilling is a free, open-source billing and client management system. Prior to version 0.8.1, downloadable product files are stored using a deterministic filename-derived path. When an administrator uploads a file for a downloadable pro…
- CVE-2026-53657HIGHCVSS 8.2EG 8.22026-07-10
Lima launches Linux virtual machines, typically on macOS, for running containerd. Prior to 2.1.3, on an instance of Lima running with the qemu driver, an arbitrary user in the VM could access /run/lima-guestagent.sock when the guest agent …
- CVE-2026-53826MEDIUMCVSS 4.3EG 4.32026-06-12
OpenClaw before 2026.4.26 contains an information disclosure vulnerability in sandboxed session spawning that exposes the real workspace path to child prompts. Attackers can exploit this by spawning child sessions from sandboxed parents to…
- CVE-2026-56077MEDIUMCVSS 6.5EG 6.52026-06-18
PraisonAI before 1.5.115 contains an information disclosure vulnerability in the MultiAgentLedger component that allows attackers to access sensitive data by registering agents with duplicate IDs. Attackers can exploit the lack of agent ID…
- CVE-2026-57231HIGHCVSS 7.5EG 7.52026-06-26
Podman is a tool for managing OCI containers and pods. From 1.8.1 until 5.8.4, a container image that contains a environment variable with just a key and no value can trick podman into passing that variable from the host into the container…
- CVE-2026-6830LOWCVSS 3.3EG 3.32026-04-21
nesquena hermes-webui contains an environment variable leakage vulnerability where profile switching does not clear environment variables from the previously active profile before loading the next profile. Attackers or users can exploit ad…
- CVE-2026-8958HIGHCVSS 8.6EG 8.62026-05-19
Information disclosure, sandbox escape in the Security: Process Sandboxing component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.
Map vulnerabilities like CWE-668 to your infrastructure
EchelonGraph correlates every CVE — across CWE-668 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →