| Access of Uninitialized Pointer | |
| Uncontrolled Recursion | |
| Off-by-one Error | |
| Out-of-bounds Write | |
| Cross-site Scripting (XSS) | |
| Out-of-bounds Write | |
| Improperly Controlled Modification of Dynamically-Determined Object Attributes | |
| Inefficient Regular Expression Complexity | |
| Unchecked Input for Loop Condition | |
| Uncaught Exception | |
| Improperly Controlled Modification of Dynamically-Determined Object Attributes | |
| Unchecked Input for Loop Condition | |
| Inefficient Regular Expression Complexity | |
| Cross-site Scripting (XSS) | |
| Incorrect Behavior Order: Early Validation | |
| Allocation of Resources Without Limits or Throttling | |
| Unchecked Input for Loop Condition | |
| Improper Handling of Highly Compressed Data (Data Amplification) | |
| Server-Side Request Forgery (SSRF) | |
| CVE-2026-23865 | |
| Server-Side Request Forgery (SSRF) | |
| Loop with Unreachable Exit Condition ('Infinite Loop') | |
| Inefficient Regular Expression Complexity | |
| Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') | |
| Time-of-check Time-of-use (TOCTOU) | |
| Use of a Risky Cryptographic Primitive | |
| Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') | |
| Cross-site Scripting (XSS) | |
| Improper Verification of Source of a Communication Channel | |
| Resource Exhaustion | |
| Link Following | |
| Inefficient Regular Expression Complexity | |
| Improper Validation of Unsafe Equivalence in Input | |
| Incomplete Filtering of Special Elements | |
| Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) | |
| Use After Free | |
| Cross-site Scripting (XSS) | |
| Missing Required Cryptographic Step | |
| Resource Exhaustion | |
| Resource Exhaustion | |
| Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') | |
| Incorrect Regular Expression | |
| Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') | |
| Cross-site Scripting (XSS) | |
| Stack-based Buffer Overflow | |
| Improper Authentication | |
| Out-of-bounds Write | |
| Use After Free | |
| Information Exposure | |
| Out-of-Bounds | |
| Use After Free | |
| Integer Overflow or Wraparound | |
| Access of Resource Using Incompatible Type ('Type Confusion') | |
| Arbitrary Code Injection | |
| Out-of-bounds Write | |
| Improper Validation of Array Index | |
| Arbitrary Code Injection | |
| Arbitrary Code Injection | |
| Arbitrary Code Injection | |
| Out-of-bounds Write | |
| Out-of-bounds Read | |
| Arbitrary Code Injection | |
| Out-of-bounds Write | |
| Out-of-bounds Write | |
| Out-of-bounds Write | |
| Out-of-bounds Write | |
| Out-of-bounds Read | |
| Arbitrary Code Injection | |
| Out-of-bounds Write | |
| Arbitrary Code Injection | |
| Use After Free | |
| Out-of-bounds Write | |
| Use After Free | |
| Out-of-bounds Write | |
| Out-of-bounds Write | |
| Use After Free | |
| Out-of-bounds Write | |
| Improper Authorization | |
| Cross-site Scripting (XSS) | |
| Improper Input Validation | |
| Out-of-bounds Write | |
| Out-of-bounds Write | |
| Out-of-bounds Write | |
| Use After Free | |
| Out-of-bounds Write | |
| Out-of-bounds Write | |
| Arbitrary Code Injection | |
| Out-of-bounds Write | |
| Arbitrary Code Injection | |
| Out-of-bounds Write | |
| Cross-site Scripting (XSS) | |
| Use After Free | |
| Arbitrary Code Injection | |
| Out-of-Bounds | |
| Out-of-bounds Read | |
| Information Exposure | |
| Improper Authorization | |
| Race Condition | |
| Improper Ownership Management | |
| Improper Ownership Management | |
