CWE-348 vulnerabilities
52 results

CVE-2025-47424 | HIGH | Retool (self-hosted) before 3.196.0 allows Host header injection. When the BASE_DOMAIN environment variable is not set, the HTTP host header | EPSS 0.1%
CVE-2025-55292 | HIGH | In Meshtastic, an attacker can spoof licensed amateur flag for a node | EPSS 0.1%
CVE-2026-3635 | MEDIUM | Fastify request.protocol and request.host spoofable via X-Forwarded-Proto/Host from untrusted connections when trustProxy uses restrictive trust function | EPSS 0.1%
CVE-2026-54289 | MEDIUM | Hono: Lambda@Edge adapter keeps only the last value of a repeated request header, dropping the rest | EPSS 0.1%
CVE-2026-12249 | CRITICAL | Canonical ADSys Trust Store Poisoning via Plaintext HTTP Certificate Auto-Enrollment | EPSS 0.1%
CVE-2026-24910 | MEDIUM | In Bun before 1.3.5, the default trusted dependencies list (aka trust allow list) can be spoofed by a non-npm package in the case of a match | EPSS 0.1%
CVE-2025-48825 | LOW | RICOH Streamline NX V3 PC Client versions 3.5.0 to 3.7.0 contains an issue with use of less trusted source, which may allow an attacker who | EPSS 0.1%
CVE-2025-58422 | LOW | RICOH Streamline NX versions 3.5.1 to 24R3 are vulnerable to tampering with operation history. If an attacker can perform a man-in-the-middl | EPSS 0.1%
CVE-2026-35507 | MEDIUM | Shynet before 0.14.0 allows Host header injection in the password reset flow. | EPSS 0.1%
CVE-2025-32900 | MEDIUM | In the KDE Connect information-exchange protocol before 2025-04-18, a packet can be crafted to temporarily change the displayed information | EPSS 0.1%
CVE-2025-43918 | MEDIUM | SSL.com before 2025-04-19, when domain validation method 3.2.2.4.14 is used, processes certificate requests such that a trusted TLS certific | EPSS 0.1%
CVE-2026-40226 | MEDIUM | In nspawn in systemd 233 through 259 before 260, an escape-to-host action can occur via a crafted optional config file. | EPSS 0.1%