Falhas do tipo CWE-942
100 resultadosCVE-2025-57755HIGHclaude-code-router CORS. misconfigurationEPSS 0.3%CVE-2025-4515MEDIUMZylon PrivateGPT settings.yaml cross-domain policyEPSS 0.3%CVE-2025-41363MEDIUMCORS vulnerability in IDF and ZLFEPSS 0.3%CVE-2025-10529MEDIUMSame-origin policy bypass in the Layout componentEPSS 0.3%CVE-2026-9739CRITICALVulnerable to DNS rebinding attacks when using SSE (http://b/499408790). During the beta phase, we implemented `allowed-origins` and `alloweEPSS 0.3%CVE-2025-53092MEDIUMStrapi core vulnerable to sensitive data exposure via CORS misconfigurationEPSS 0.3%CVE-2026-5302MEDIUMPermissive Cross-domain Policy with Untrusted Domains in coolercontroldEPSS 0.3%CVE-2026-30924CRITICALqui CORS Misconfiguration: Arbitrary Origins TrustedEPSS 0.3%CVE-2025-4839LOWitwanger paicoding CrossUtil.java cross-domain policyEPSS 0.3%CVE-2026-54290HIGHHono: CORS Middleware reflects any Origin with credentials when `origin` defaults to the wildcardEPSS 0.2%CVE-2026-10056HIGHCORS misconfiguration in Nx Witness VMS allows session token exfiltration via cross-origin requestEPSS 0.2%CVE-2025-25234HIGHOmnissa UAG contains a Cross-Origin Resource Sharing (CORS) bypass vulnerability. A malicious actor with network access to UAG may be able tEPSS 0.2%CVE-2026-27579HIGHCollabPlatform : CORS Misconfiguration Allows Arbitrary Origin With Credentials Leading to Authenticated Account Data ExposureEPSS 0.2%CVE-2026-34237MEDIUMMCP Java SDK has a Hardcoded Wildcard CORS (Access-Control-Allow-Origin: *)EPSS 0.2%CVE-2025-4542LOWFreeebird Hotel 酒店管理系统 API SessionInterceptor.java cross-domain policyEPSS 0.2%CVE-2026-46431MEDIUMAlgernon: Auto-refresh SSE event server sets Access-Control-Allow-Origin: *EPSS 0.2%CVE-2025-13019HIGHSame-origin policy bypass in the DOM: Workers componentEPSS 0.2%CVE-2025-13017HIGHSame-origin policy bypass in the DOM: Notifications componentEPSS 0.2%CVE-2026-24435HIGHTenda W30E V2 Permissive CORS Allows Cross-origin Data AccessEPSS 0.2%CVE-2023-37401MEDIUMIBM Aspera Faspex cross-origin resource sharingEPSS 0.2%