| Missing Authentication for Critical Function | |
| Excessive Platform Resource Consumption within a Loop | |
| Missing Release of Resource after Effective Lifetime | |
| Missing Authorization | |
| Improper Certificate Validation | |
| Improper Validation of Specified Quantity in Input | |
| Improperly Implemented Security Check for Standard | |
| Cross-site Scripting (XSS) | |
| Creation of Immutable Text Using String Concatenation | |
| Unchecked Input for Loop Condition | |
| CVE-2026-33811 | |
| Cross-site Scripting (XSS) | |
| Unchecked Input for Loop Condition | |
| Missing Authentication for Critical Function | |
| OS Command Injection | |
| Incorrect Behavior Order: Authorization Before Parsing and Canonicalization | |
| Allocation of Resources Without Limits or Throttling | |
| Improper Output Neutralization for Logs | |
| Improper Validation of Syntactic Correctness of Input | |
| Creation of Immutable Text Using String Concatenation | |
| Allocation of Resources Without Limits or Throttling | |
| Allocation of Resources Without Limits or Throttling | |
| Reachable Assertion | |
| Allocation of Resources Without Limits or Throttling | |
| Allocation of Resources Without Limits or Throttling | |
| CVE-2025-58186 | |
| HTTP Request Smuggling | |
| Resource Exhaustion | |