CWE-693— Protection Mechanism Failure
The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product.— MITRE CWE catalog
588 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-693page 11 of 12
- CVE-2026-39888CRITICALCVSS 9.9EG 9.92026-04-08
PraisonAI is a multi-agent teams system. Prior to 1.5.115, execute_code() in praisonaiagents.tools.python_tools defaults to sandbox_mode="sandbox", which runs user code in a subprocess wrapped with a restricted __builtins__ dict and an AST…
- CVE-2026-40158HIGHCVSS 8.6EG 8.62026-04-10
PraisonAI is a multi-agent teams system. Prior to 4.5.128, PraisonAI's AST-based Python sandbox can be bypassed using type.__getattribute__ trampoline, allowing arbitrary code execution when running untrusted agent code. The _execute_code_…
- CVE-2026-40311MEDIUMCVSS 5.5EG 5.52026-04-13
ImageMagick is free and open-source software used for editing and manipulating digital images. Versions below 7.1.2-19 and 6.9.13-44 contain a heap use-after-free vulnerability that can cause a crash when reading and printing values from a…
- CVE-2026-40604MEDIUMCVSS 4.4EG 4.42026-04-21
ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. Prior to 5.0.6, the opfilter Endpoint Security system extension (bundle ID uk.craigbass.clearancekit.opfilter) can be suspended with SIGST…
- CVE-2026-41316HIGHCVSS 8.1EG 8.12026-04-24
ERB is a templating system for Ruby. Ruby 2.7.0 (before ERB 2.2.0 was published on rubygems.org) introduced an `@_init` instance variable guard in `ERB#result` and `ERB#run` to prevent code execution when an ERB object is reconstructed via…
- CVE-2026-41469MEDIUMCVSS 5.2EG 5.22026-04-22
Beghelli Sicuro24 SicuroWeb does not enforce a Content Security Policy, allowing unrestricted loading of external JavaScript resources from attacker-controlled origins. When chained with the template injection and sandbox escape vulnerabil…
- CVE-2026-41900HIGHCVSS 8.8EG 8.82026-05-08
OpenLearnX is an open-source, decentralized learning and assessment platform. Prior to version 2.0.3, a remote code execution (RCE) vulnerability was identified in the OpenLearnX code execution environment, allowing sandbox escape and arbi…
- CVE-2026-42261HIGHCVSS 7.1EG 7.12026-05-08
PromptHub is an all-in-one AI toolbox for prompt, skill, and agent management. From version 0.4.9 to before version 0.5.4, apps/web/src/routes/skills.ts exposes an authenticated endpoint POST /api/skills/fetch-remote that fetches a user-su…
- CVE-2026-43660HIGHCVSS 7.5EG 7.52026-05-11
A validation issue was addressed with improved logic. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web …
- CVE-2026-44000MEDIUMCVSS 6.5EG 6.52026-05-13
vm2 is an open source vm/sandbox for Node.js. Prior to 3.11.0, a sandbox boundary violation in vm2 allows host object identity to cross into the sandbox through host Promise resolution. When a host-side Promise that resolves to a host obje…
- CVE-2026-44003MEDIUMCVSS 5.3EG 5.32026-05-13
vm2 is an open source vm/sandbox for Node.js. Prior to 3.11.0, vm2's code transformer has a performance optimization that skips AST analysis when the code does not contain catch, import, or async keywords. This fast-path bypass allows sand…
- CVE-2026-44071LOWCVSS 3.7EG 3.72026-05-21
Netatalk 3.1.2 through 4.4.2 is compiled without FORTIFY_SOURCE, which disables built-in buffer overflow detection at runtime, potentially allowing a remote attacker to cause a minor denial of service via memory errors that would otherwise…
- CVE-2026-44451CRITICALCVSS 9.3EG 9.32026-05-26
Lumiverse is a full-featured AI chat application. Prior to 0.9.7, the component override system transpiles user-supplied TSX via Sucrase and evaluates it with new Function, shadowing dangerous globals (fetch, window, eval, etc.) with undef…
- CVE-2026-4447HIGHCVSS 8.8EG 8.82026-03-20
Inappropriate implementation in V8 in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
- CVE-2026-44646MEDIUMCVSS 5.3EG 5.32026-05-27
LiquidJS is a Shopify/GitHub Pages compatible template engine written in pure JavaScript. In versions 10.25.7 and below, Context.spawn() creates a child Context for the {% render %} tag but does not propagate the parent context's resolved …
- CVE-2026-45102CRITICALCVSS 9.9EG 9.92026-05-27
OneUptime is an open-source monitoring and observability platform. Prior to 10.0.98, OneUptime uses the Node.js' vm module as an isolation primitive. This API was not designed for that and can be escaped via error objects and infinite recu…
- CVE-2026-45227HIGHCVSS 8.8EG 8.82026-05-12
Heym before 0.0.21 contains a sandbox escape vulnerability in the custom Python tool executor that allows authenticated workflow authors to bypass sandbox restrictions by using object-graph introspection primitives. Attackers can use Pytho…
- CVE-2026-45459LOWCVSS 3.3EG 3.32026-06-09
Protection mechanism failure in Microsoft Office Excel allows an unauthorized attacker to bypass a security feature locally.
- CVE-2026-45588HIGHCVSS 7.9EG 7.92026-06-09
Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.
- CVE-2026-45595MEDIUMCVSS 5.4EG 5.42026-06-09
Protection mechanism failure in Windows Mark of the Web (MOTW) allows an unauthorized attacker to bypass a security feature over a network.
- CVE-2026-45655MEDIUMCVSS 5.3EG 5.32026-06-09
Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.
- CVE-2026-45656HIGHCVSS 7.8EG 7.82026-06-09
Protection mechanism failure in Windows UEFI allows an authorized attacker to bypass a security feature locally.
- CVE-2026-45697CRITICALCVSS 9.8EG 9.82026-05-18
Formie is a Craft CMS plugin for creating forms. Prior to 2.2.20 and 3.1.24, unauthenticated users could submit crafted values into Hidden fields (with Default value → Custom) that were evaluated as Twig during submission handling, which…
- CVE-2026-47135HIGHCVSS 8.7EG 8.72026-05-29
vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.4, Symbol.for override in setup-sandbox.js only intercepts 2 of 9 dangerous Node.js cross-realm symbols. Combined with the bridge's set/defineProperty/deleteProperty traps…
- CVE-2026-47139HIGHCVSS 8.6EG 8.62026-05-29
vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.4, NodeVM supports excluding public network builtins from the wildcard builtin option. With this configuration direct access to http, https, http2, net, dgram, tls, dns, a…
- CVE-2026-47140CRITICALCVSS 10.0EG 10.02026-05-29
vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.4, NodeVM blocks several dangerous Node.js builtins such as module, worker_threads, cluster, vm, repl, and inspector. However, the denylist misses process and inspector/pr…
- CVE-2026-47209HIGHCVSS 8.6EG 8.62026-05-29
vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.4, the BaseHandler.set trap in bridge.js (line 1231) ignores the receiver parameter and unconditionally writes to the host target object. Per the Proxy set trap specificat…
- CVE-2026-47656HIGHCVSS 7.9EG 7.92026-06-09
Protection mechanism failure in Windows Boot Manager allows an authorized attacker to bypass a security feature locally.
- CVE-2026-47676MEDIUMCVSS 5.3EG 5.32026-05-28
Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.21, app.mount() strips the mount prefix from the incoming request path using the raw URL pathname, while route matching is performed agains…
- CVE-2026-48546HIGHCVSS 7.3EG 7.32026-06-11
KanaDojo before 0.1.18 contains a sandbox escape vulnerability that allows an attacker to execute arbitrary code by exploiting the explicit passing of the global require function into a Node.js vm.runInNewContext() sandbox context in the i…
- CVE-2026-48568HIGHCVSS 7.9EG 7.92026-06-09
Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.
- CVE-2026-48570HIGHCVSS 7.9EG 7.92026-06-09
Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.
- CVE-2026-48575HIGHCVSS 7.9EG 7.92026-06-09
Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.
- CVE-2026-48721HIGHCVSS 8.6EG 8.62026-06-24
Warp is an agentic development environment. From 0.2025.10.08.08.12.stable_00 until 0.2026.05.06.15.42.stable_01, Warp contains a command execution permission-check bypass in the default unsandboxed CLI agent profile. The CLI profile is no…
- CVE-2026-48792MEDIUMCVSS 4.4EG 4.42026-05-27
pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.1, src/evdev.c silently ignores EACCES errors when opening /dev/input/event* nodes, causing pusb_has_virtual_input_device() to return 0 (no vir…
- CVE-2026-49316MEDIUMCVSS 4.6EG 4.62026-05-29
Expected behavior violation in the in-vehicle network of the Indian Motorcycle Scout Bobber + Tech 2025 model year allows an adjacent-network attacker to bypass the motorcycle's anti-theft shutdown by forcing the Wireless Control Module (W…
- CVE-2026-49325MEDIUMCVSS 4.6EG 4.62026-05-29
Improper handling of physical conditions in the bike-shutdown control of the Indian Motorcycle Scout Bobber + Tech 2025 model year allows a physical attacker with access to the Wireless Control Module (WCM) wiring harness to bypass the ant…
- CVE-2026-49859MEDIUMCVSS 5.2EG 5.22026-06-16
Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.8.1, when fetch() was called, Deno checked the destination hostname against --deny-net rules but did not re-check the IP addresses that hostname resolved to. An attacker…
- CVE-2026-50545CRITICALCVSS 9.9EG 9.92026-06-10
Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, the Environment.spec.runtime.podSpec / spec.builder.podSpec passthrough …
- CVE-2026-50564CRITICALCVSS 9.9EG 9.92026-06-10
Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, Fission's Environment CRD exposes spec.runtime.podSpec and spec.builder.…
- CVE-2026-5276MEDIUMCVSS 6.5EG 6.52026-04-01
Insufficient policy enforcement in WebUSB in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)
- CVE-2026-53845MEDIUMCVSS 4.3EG 4.32026-06-16
OpenClaw before 2026.5.6 contains a hook bypass vulnerability where skill commands routed through the affected dispatch path skip before-tool-call hook coverage. Attackers can exploit this by sending skill commands through the vulnerable d…
- CVE-2026-53853HIGHCVSS 8.3EG 8.32026-06-16
OpenClaw before 2026.5.12 contains an argument pattern validation bypass in the exec allowlist that allows attackers to execute disallowed arguments for allowlisted executables on Linux and macOS systems. Attackers can bypass configured ar…
- CVE-2026-53949MEDIUMCVSS 5.3EG 5.32026-06-24
Ghost is a Node.js content management system. From 5.46.1 until 6.21.2, the validation applied to filters on the public API endpoints could be partially bypassed, making it possible to reveal private fields via a brute force attack. If SQL…
- CVE-2026-54013HIGHCVSS 7.6EG 7.62026-06-17
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, Open WebUI patched SVG XSS in user profile images and webhook profile images but forgot to apply the same fix to model profi…
- CVE-2026-54762HIGHCVSS 8.6EG 8.62026-06-19
Traefik is an HTTP reverse proxy and load balancer. From 3.7.0-ea.1 until 3.7.5, there is a medium severity vulnerability in Traefik's Kubernetes Ingress NGINX provider that causes affected routes to fail open. When an Ingress explicitly e…
- CVE-2026-55487HIGHCVSS 8.8EG 8.82026-06-25
pnpm is a package manager. Prior to 10.34.2 and 11.5.3, the generic peer-suffix normalizer also stripped parenthesized text from git, URL, tarball, file, and other opaque locators. Approval for one source string could therefore authorize a…
- CVE-2026-57280HIGHCVSS 8.8EG 8.82026-06-24
Jenkins Script Security Plugin 1402.v94c9ce464861 and earlier does not intercept the implicit type casts applied to the elements of typed for-each loops in sandboxed Groovy scripts, allowing attackers able to provide such scripts to invoke…
- CVE-2026-57281HIGHCVSS 7.5EG 7.52026-06-24
Jenkins Script Security Plugin 1402.v94c9ce464861 and earlier does not reject Groovy AST transformation annotations carrying an extensions member, allowing attackers able to run sandboxed Groovy scripts to execute code outside the sandbox …
- CVE-2026-58052LOWCVSS 3.3EG 3.32026-06-28
7-Zip for Windows through 26.02 fails to preserve the Mark-of-the-Web when extracting a crafted RAR5 archive, because its guard that suppresses an archive-supplied Zone.Identifier stream matches the exact name 'Zone.Identifier' while a RAR…
Map vulnerabilities like CWE-693 to your infrastructure
EchelonGraph correlates every CVE — across CWE-693 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →