CWE-693— Protection Mechanism Failure
The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product.— MITRE CWE catalog
588 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-693page 10 of 12
- CVE-2026-14097CRITICALCVSS 9.6EG 9.62026-06-30
Inappropriate implementation in WebAppInstalls in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium sec…
- CVE-2026-14101CRITICALCVSS 9.6EG 9.62026-06-30
Insufficient policy enforcement in Sandbox in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium securit…
- CVE-2026-14120CRITICALCVSS 9.6EG 9.62026-07-01
Inappropriate implementation in DevTools in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severit…
- CVE-2026-14151HIGHCVSS 8.3EG 9.62026-07-01
Inappropriate implementation in AI in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Low)
- CVE-2026-14409HIGHCVSS 7.5EG 7.52026-07-02
Inappropriate implementation in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium secur…
- CVE-2026-14440MEDIUMCVSS 6.8EG 6.82026-07-02
Description: To issue and renew TLS certificates on behalf of customers, Cloudflare's Universal SSL feature automatically manages the CAA RRset for the customer's zone. This auto-managed RRset is permissive by design (e.g. 'issue "lets…
- CVE-2026-14535CRITICALCVSS 9.8EG 8.82026-07-04
In Trail of Bits fickling versions up to and including 0.1.11, the UnsafeImportsML analysis pass unconditionally calls AnalysisContext.shorten_code(node) on every import node it inspects, regardless of whether the import is flagged as unsa…
- CVE-2026-14625MEDIUMCVSS 6.3EG 6.32026-07-04
A security flaw has been discovered in NousResearch hermes-agent up to 0.15.2. The affected element is the function shell.exec of the file tui_gateway/server.py. The manipulation results in protection mechanism failure. It is possible to l…
- CVE-2026-20667HIGHCVSS 8.8EG 8.82026-02-11
A logic issue was addressed with improved checks. This issue is fixed in iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3, watchOS 26.3. An app may be able to break out of its sandbox.
- CVE-2026-20824MEDIUMCVSS 5.5EG 5.52026-01-13
Protection mechanism failure in Windows Remote Assistance allows an unauthorized attacker to bypass a security feature locally.
- CVE-2026-21510HIGHCVSS 8.8EG 9.0⚠ KEV2026-02-10
Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network.
- CVE-2026-21513HIGHCVSS 8.8EG 9.0⚠ KEV2026-02-10
Protection mechanism failure in MSHTML Framework allows an unauthorized attacker to bypass a security feature over a network.
- CVE-2026-21668HIGHCVSS 8.8EG 8.82026-03-12
A vulnerability allowing an authenticated domain user to bypass restrictions and manipulate arbitrary files on a Backup Repository.
- CVE-2026-21669CRITICALCVSS 9.9EG 9.92026-03-12
A vulnerability allowing an authenticated domain user to perform remote code execution (RCE) on the Backup Server.
- CVE-2026-21671CRITICALCVSS 9.1EG 9.12026-03-12
A vulnerability allowing an authenticated user with the Backup Administrator role to perform remote code execution (RCE) in high availability (HA) deployments of Veeam Backup & Replication.
- CVE-2026-22013MEDIUMCVSS 5.3EG 5.32026-04-21
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JGSS). Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17…
- CVE-2026-22686CRITICALCVSS 10.0EG 10.02026-01-14
Enclave is a secure JavaScript sandbox designed for safe AI agent code execution. Prior to 2.7.0, there is a critical sandbox escape vulnerability in enclave-vm that allows untrusted, sandboxed JavaScript code to execute arbitrary code in …
- CVE-2026-22692MEDIUMCVSS 4.9EG 4.92026-04-14
October is a Content Management System (CMS) and web platform. Versions prior to 3.7.13 and versions 4.0.0 through 4.1.4 contain a sandbox bypass vulnerability in the optional Twig safe mode feature (CMS_SAFE_MODE). Certain methods on the …
- CVE-2026-22707MEDIUMCVSS 5.4EG 5.42026-05-14
Strapi is an open source headless content management system. In Strapi versions prior to 5.33.3, the Upload plugin's Content API endpoints did not enforce the administrator-configured MIME type restrictions (`plugin.upload.security.allowed…
- CVE-2026-22709CRITICALCVSS 9.8EG 9.82026-01-26
vm2 is an open source vm/sandbox for Node.js. In vm2 prior to version 3.10.2, `Promise.prototype.then` `Promise.prototype.catch` callback sanitization can be bypassed. This allows attackers to escape the sandbox and run arbitrary code. In …
- CVE-2026-22753HIGHCVSS 7.5EG 7.52026-04-22
Vulnerability in Spring Spring Security. If an application is using securityMatchers(String) and a PathPatternRequestMatcher.Builder bean to prepend a servlet path, matching requests to that filter chain may fail and its related securi…
- CVE-2026-23553LOWCVSS 2.9EG 2.92026-01-28
In the context switch logic Xen attempts to skip an IBPB in the case of a vCPU returning to a CPU on which it was the previous vCPU to run. While safe for Xen's isolation between vCPUs, this prevents the guest kernel correctly isolating be…
- CVE-2026-23830CRITICALCVSS 10.0EG 10.02026-01-28
SandboxJS is a JavaScript sandboxing library. Versions prior to 0.8.26 have a sandbox escape vulnerability due to `AsyncFunction` not being isolated in `SandboxFunction`. The library attempts to sandbox code execution by replacing the glob…
- CVE-2026-24118CRITICALCVSS 9.8EG 9.82026-05-04
vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.0, VM2 suffers from a sandbox breakout vulnerability. This allows attackers to write code which can escape from the VM2 sandbox and execute arbitrary commands on the host …
- CVE-2026-24120CRITICALCVSS 9.8EG 9.82026-05-04
vm2 is an open source vm/sandbox for Node.js. Prior to version 3.10.5, the fix for CVE-2023-37466 is insufficient and can be circumvented allowing attackers to write code which can escape from the VM2 sandbox and execute arbitrary commands…
- CVE-2026-24425CRITICALCVSS 9.9EG 9.92026-05-20
Twig versions 2.16.x and 3.9.0 through 3.25.x contain a sandbox bypass vulnerability when using a SourcePolicyInterface that allows attackers with template rendering capabilities to pass arbitrary PHP callables to sort, filter, map, and re…
- CVE-2026-24781CRITICALCVSS 9.8EG 9.82026-05-04
vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.0, VM2 suffers from a sandbox breakout vulnerability through the inspect function. This allows attackers to write code which can escape from the VM2 sandbox and execute ar…
- CVE-2026-24868MEDIUMCVSS 6.5EG 7.52026-01-27
Mitigation bypass in the Privacy: Anti-Tracking component. This vulnerability was fixed in Firefox 147.0.2.
- CVE-2026-25056HIGHCVSS 8.8EG 8.82026-02-04
n8n is an open source workflow automation platform. Prior to versions 1.118.0 and 2.4.0, a vulnerability in the Merge node's SQL Query mode allowed authenticated users with permission to create or modify workflows to write arbitrary files …
- CVE-2026-25115CRITICALCVSS 9.9EG 9.92026-02-04
n8n is an open source workflow automation platform. Prior to version 2.4.8, a vulnerability in the Python Code node allows authenticated users to break out of the Python sandbox environment and execute code outside the intended security bo…
- CVE-2026-26332CRITICALCVSS 10.0EG 9.82026-05-04
vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.0, SuppressedError allows attackers to escape the sandbox and run arbitrary code. This issue has been patched in version 3.11.0.
- CVE-2026-26956CRITICALCVSS 9.8EG 9.82026-05-04
vm2 is an open source vm/sandbox for Node.js. In version 3.10.4, vm2 is vulnerable to full sandbox escape with arbitrary code execution. Attacker code inside VM.run() obtains host process object and runs host commands with zero host cooper…
- CVE-2026-2761CRITICALCVSS 10.0EG 10.02026-02-24
Sandbox escape in the Graphics: WebRender component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
- CVE-2026-2768CRITICALCVSS 10.0EG 10.02026-02-24
Sandbox escape in the Storage: IndexedDB component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
- CVE-2026-27893HIGHCVSS 8.8EG 8.82026-03-27
vLLM is an inference and serving engine for large language models (LLMs). Starting in version 0.10.1 and prior to version 0.18.0, two model implementation files hardcode `trust_remote_code=True` when loading sub-components, bypassing the u…
- CVE-2026-28500CRITICALCVSS 9.1EG 8.62026-03-16
Open Neural Network Exchange (ONNX) is an open standard for machine learning interoperability. In versions up to and including 1.20.1, a security control bypass exists in onnx.hub.load() due to improper logic in the repository trust verifi…
- CVE-2026-28914MEDIUMCVSS 5.5EG 5.52026-05-11
A logic issue was addressed with improved file handling. This issue is fixed in macOS Tahoe 26.5. A maliciously crafted ZIP archive may bypass Gatekeeper checks.
- CVE-2026-29649CRITICALCVSS 9.8EG 9.82026-04-20
NEMU contains an implementation flaw in its RISC-V Hypervisor CSR handling where henvcfg[7:4] (CBIE/CBCFE/CBZE-related fields) is incorrectly masked/updated based on menvcfg[7:4], so a machine-mode write to menvcfg can implicitly modify th…
- CVE-2026-30904MEDIUMCVSS 4.3EG 1.82026-05-13
Protection Mechanism Failure in Zoom Workplace for iOS before version 7.0.0 may allow an authenticated user to conduct a disclosure of information via physical access.
- CVE-2026-32202MEDIUMCVSS 4.3EG 9.0⚠ KEV2026-04-14
Protection mechanism failure in Windows Shell allows an unauthorized attacker to perform spoofing over a network.
- CVE-2026-32225HIGHCVSS 8.8EG 8.82026-04-14
Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network.
- CVE-2026-34072CRITICALCVSS 9.8EG 9.82026-04-01
Cr*nMaster (cronmaster) is a Cronjob management UI with human readable syntax, live logging and log history for cronjobs. Prior to version 2.2.0, an authentication bypass in middleware allows unauthenticated requests with an invalid sessio…
- CVE-2026-34208CRITICALCVSS 10.0EG 10.02026-04-06
SandboxJS is a JavaScript sandboxing library. Prior to 0.8.36, SandboxJS blocks direct assignment to global objects (for example Math.random = ...), but this protection can be bypassed through an exposed callable constructor path: this.con…
- CVE-2026-34444CRITICALCVSS 10.0EG 10.02026-04-06
Lupa integrates the runtimes of Lua or LuaJIT2 into CPython. In 2.6 and earlier, attribute_filter is not consistently applied when attributes are accessed through built-in functions like getattr and setattr. This allows an attacker to bypa…
- CVE-2026-3472LOWCVSS 3.5EG 3.52026-06-26
Mattermost versions 10.11.x <= 10.11.18, 11.6.x <= 11.6.3, 11.5.x <= 11.5.6 fail to properly apply markdown image rendering restrictions to AI bot tool result posts, which allows an authenticated attacker to exfiltrate data to an attacker-…
- CVE-2026-34938CRITICALCVSS 10.0EG 10.02026-04-03
PraisonAI is a multi-agent teams system. Prior to version 1.5.90, execute_code() in praisonai-agents runs attacker-controlled Python inside a three-layer sandbox that can be fully bypassed by passing a str subclass with an overridden start…
- CVE-2026-35408HIGHCVSS 8.7EG 8.72026-04-06
Directus is a real-time API and App dashboard for managing SQL database content. Prior to 11.17.0, Directus's Single Sign-On (SSO) login pages lacked a Cross-Origin-Opener-Policy (COOP) HTTP response header. Without this header, a maliciou…
- CVE-2026-39419LOWCVSS 3.1EG 3.12026-04-14
MaxKB is an open-source AI assistant for enterprise. In versions 2.7.1 and below, an authenticated user can bypass sandbox result validation and spoof tool execution results by exploiting Python frame introspection to read the wrapper's UU…
- CVE-2026-39420MEDIUMCVSS 6.3EG 6.32026-04-14
MaxKB is an open-source AI assistant for enterprise. In versions 2.7.1 and below, an incomplete sandbox protection mechanism allows an authenticated user with tool execution privileges to escape the LD_PRELOAD-based sandbox. By env command…
- CVE-2026-39421MEDIUMCVSS 6.3EG 6.32026-04-14
MaxKB is an open-source AI assistant for enterprise. Versions 2.7.1 and below contain a sandbox escape vulnerability in the ToolExecutor component. By leveraging Python's ctypes library to execute raw system calls, an authenticated attacke…
Map vulnerabilities like CWE-693 to your infrastructure
EchelonGraph correlates every CVE — across CWE-693 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →