CWE-923— Improper Restriction of Communication Channel to Intended Endpoints
The product establishes a communication channel to (or from) an endpoint for privileged or protected operations, but it does not properly ensure that it is communicating with the correct endpoint.— MITRE CWE catalog
56 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-923page 2 of 2
- CVE-2026-22715MEDIUMCVSS 5.9EG 5.92026-02-26
VMWare Workstation and Fusion contain a logic flaw in the management of network packets. Known attack vectors: A malicious actor with administrative privileges on a Guest VM may be able to interrupt or intercept network connections of o…
- CVE-2026-22726MEDIUMCVSS 5.0EG 5.02026-05-01
Route Services can be leveraged to send app traffic to network destinations outside of an app's configured egress rules. As a result, a malicious developer with access to Cloudfoundry could configure a route-service that would allow it to …
- CVE-2026-23664HIGHCVSS 7.5EG 7.52026-03-10
Improper restriction of communication channel to intended endpoints in Azure IoT Explorer allows an unauthorized attacker to disclose information over a network.
- CVE-2026-33803MEDIUMCVSS 6.5EG 6.52026-07-09
An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause a limited information disclosure and availability impact t…
- CVE-2026-55655MEDIUMCVSS 6.1EG 5.02026-06-23
A flaw was found in OpenSSH. A local unprivileged attacker on a Linux client host can hijack client-side X11 forwarding connections. This is possible by pre-binding the preferred abstract X socket name when X11 forwarding is enabled and a …
- CVE-2026-57028HIGHCVSS 7.3EG 7.32026-07-09
An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause license exhaustion. Due to an incorrect initialization, …
Map vulnerabilities like CWE-923 to your infrastructure
EchelonGraph correlates every CVE — across CWE-923 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →