CWE-696
12 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-696page 1 of 1
- CVE-2021-22569HIGHCVSS 7.5EG 7.52022-01-10
An issue in protobuf-java allowed the interleaving of com.google.protobuf.UnknownFieldSet fields in such a way that would be processed out of order. A small malicious payload can occupy the parser for several minutes by creating large numb…
- CVE-2021-31379HIGHCVSS 7.5EG 7.52021-10-19
An Incorrect Behavior Order vulnerability in the MAP-E automatic tunneling mechanism of Juniper Networks Junos OS allows an attacker to send certain malformed IPv4 or IPv6 packets to cause a Denial of Service (DoS) to the PFE on the device…
- CVE-2023-23576MEDIUMCVSS 4.3EG 4.32023-12-18
Incorrect behavior order in the Command Centre Server could allow privileged users to gain physical access to the site for longer than intended after a network outage when competencies are used in the access decision. This issue affects…
- CVE-2023-33224HIGHCVSS 7.2EG 6.82023-07-26
The SolarWinds Platform was susceptible to the Incorrect Behavior Order Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to execute arbitrary commands with NETWORK SERVICE privileges.
- CVE-2023-44386MEDIUMCVSS 5.3EG 5.32023-10-05
Vapor is an HTTP web framework for Swift. There is a denial of service vulnerability impacting all users of affected versions of Vapor. The HTTP1 error handler closed connections when HTTP parse errors occur instead of passing them on. The…
- CVE-2024-24853HIGHCVSS 7.2EG 7.22024-08-14
Incorrect behavior order in transition between executive monitor and SMI transfer monitor (STM) in some Intel(R) Processor may allow a privileged user to potentially enable escalation of privilege via local access.
- CVE-2024-30389MEDIUMCVSS 5.8EG 5.82024-04-12
An Incorrect Behavior Order vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on EX4300 Series allows an unauthenticated, network-based attacker to cause an integrity impact to networks downstream of the vuln…
- CVE-2024-30410MEDIUMCVSS 5.8EG 5.82024-04-12
An Incorrect Behavior Order in the routing engine (RE) of Juniper Networks Junos OS on EX4300 Series allows traffic intended to the device to reach the RE instead of being discarded when the discard term is set in loopback (lo0) interfac…
- CVE-2024-35229MEDIUMCVSS 5.3EG 5.32024-05-27
ZKsync Era is a layer 2 rollup that uses zero-knowledge proofs to scale Ethereum. Prior to version 1.3.10, there is a very specific pattern `f(a(),b()); check_if_a_executed_last()` in Yul that exposes a bug in evaluation order of Yul funct…
- CVE-2024-45157MEDIUMCVSS 5.1EG 5.12024-09-05
An issue was discovered in Mbed TLS before 2.28.9 and 3.x before 3.6.1, in which the user-selected algorithm is not used. Unlike previously documented, enabling MBEDTLS_PSA_HMAC_DRBG_MD_TYPE does not cause the PSA subsystem to use HMAC_DRB…
- CVE-2026-35636MEDIUMCVSS 6.5EG 6.52026-04-09
OpenClaw versions 2026.3.11 through 2026.3.24 contain a session isolation bypass vulnerability where session_status resolves sessionId to canonical session keys before enforcing visibility checks. Sandboxed child sessions can exploit this …
- CVE-2026-44919MEDIUMCVSS 4.3EG 4.32026-05-14
In OpenStack Ironic through 35.x before a3f6d73, during image handling, an infinite loop in checksum calculations can occur via the file:///dev/zero URL.
Map vulnerabilities like CWE-696 to your infrastructure
EchelonGraph correlates every CVE — across CWE-696 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →