| Arbitrary Code Injection | |
| Missing Release of Resource after Effective Lifetime | |
| Origin Validation Error | |
| Allocation of Resources Without Limits or Throttling | |
| Inefficient Regular Expression Complexity | |
| Improperly Controlled Modification of Dynamically-Determined Object Attributes | |
| Improperly Controlled Modification of Dynamically-Determined Object Attributes | |
| Authentication Bypass | |
| Information Exposure | |
| Improperly Controlled Modification of Dynamically-Determined Object Attributes | |
| Information Exposure | |
| Improper Neutralization of Equivalent Special Elements | |
| Cross-site Scripting (XSS) | |
| Improper Validation of Unsafe Equivalence in Input | |
| Improper Validation of Unsafe Equivalence in Input | |
| Release of Invalid Pointer or Reference | |
| CVE-2026-33811 | |
| Insufficient Granularity of Access Control | |
| Improper Certificate Validation | |
| Allocation of Resources Without Limits or Throttling | |
| Allocation of Resources Without Limits or Throttling | |
| Use of a Non-reentrant Function in a Concurrent Context | |
| OS Command Injection | |
| Least Privilege Violation | |
| Authorization Bypass Through User-Controlled Key | |
| Open Redirect | |
| Improperly Controlled Modification of Dynamically-Determined Object Attributes | |
| Origin Validation Error | |
| Out-of-bounds Write | |
| Improperly Controlled Modification of Dynamically-Determined Object Attributes | |
| Arbitrary Argument Injection | |
| Allocation of Resources Without Limits or Throttling | |
| Allocation of Resources Without Limits or Throttling | |
| Server-Side Request Forgery (SSRF) | |
| Loop with Unreachable Exit Condition ('Infinite Loop') | |
| Allocation of Resources Without Limits or Throttling | |
| Improperly Controlled Modification of Dynamically-Determined Object Attributes | |
| Improperly Controlled Modification of Dynamically-Determined Object Attributes | |
| Insufficient Granularity of Access Control | |
| Comparison Using Wrong Factors | |
| CRLF Injection | |
| HTTP Request Smuggling | |
| Cross-site Scripting (XSS) | |
| Improper Cross-boundary Removal of Sensitive Data | |
| Improper Validation of Unsafe Equivalence in Input | |
| Out-of-bounds Write | |
| Improperly Controlled Modification of Dynamically-Determined Object Attributes | |
| Improper Validation of Syntactic Correctness of Input | |
| Off-by-one Error | |
| Insufficient Compartmentalization | |
| Improper Neutralization of Equivalent Special Elements | |
| Improperly Controlled Modification of Dynamically-Determined Object Attributes | |
| Incorrect Privilege Assignment | |
| Allocation of Resources Without Limits or Throttling | |
| Time-of-check Time-of-use (TOCTOU) | |
| Cross-site Scripting (XSS) | |
| Excessive Platform Resource Consumption within a Loop | |
| Allocation of Resources Without Limits or Throttling | |
| Improper Validation of Specified Quantity in Input | |
| Loop with Unreachable Exit Condition ('Infinite Loop') | |
| Unchecked Input for Loop Condition | |
| Improperly Controlled Modification of Dynamically-Determined Object Attributes | |
| Allocation of Resources Without Limits or Throttling | |
| Allocation of Resources Without Limits or Throttling | |
| Executable Regular Expression Error | |
| Inefficient Regular Expression Complexity | |
| Cleartext Storage of Sensitive Information | |
| Unchecked Input for Loop Condition | |
| Allocation of Resources Without Limits or Throttling | |
| NULL Pointer Dereference | |
| Incorrect Behavior Order: Early Validation | |
| Unchecked Input for Loop Condition | |
| Improper Validation of Integrity Check Value | |
| Improper Handling of Highly Compressed Data (Data Amplification) | |
| Time-of-check Time-of-use (TOCTOU) | |
| Server-Side Request Forgery (SSRF) | |
| Cross-site Scripting (XSS) | |
| Server-Side Request Forgery (SSRF) | |
| Loop with Unreachable Exit Condition ('Infinite Loop') | |
| Inefficient Regular Expression Complexity | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Excessive Platform Resource Consumption within a Loop | |
| Allocation of Resources Without Limits or Throttling | |
| Deserialization of Untrusted Data | |
| Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') | |
| Time-of-check Time-of-use (TOCTOU) | |
| Use of a Risky Cryptographic Primitive | |
| Allocation of Resources Without Limits or Throttling | |
| Improper Certificate Validation | |
| CVE-2025-58186 | |
| Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') | |
| Reachable Assertion | |
| Creation of Immutable Text Using String Concatenation | |
| Allocation of Resources Without Limits or Throttling | |
| Allocation of Resources Without Limits or Throttling | |
| Allocation of Resources Without Limits or Throttling | |
| Improper Output Neutralization for Logs | |
| Expected Behavior Violation | |
| Expected Behavior Violation | |
| Inefficient Regular Expression Complexity | |
| Link Following | |
| Time-of-check Time-of-use (TOCTOU) | |
| Open Redirect | |
| Improper Input Validation | |
| CVE-2025-4673 | |
| HTTP Request Smuggling | |
| Inefficient Regular Expression Complexity | |
| Improper Input Validation | |
| Cross-site Scripting (XSS) | |
| Origin Validation Error | |
| Exposed Dangerous Method or Function | |
| Improper Access Control | |
| Incomplete Filtering of Special Elements | |
| Improper Input Validation | |
| Arbitrary Code Injection | |
| Server-Side Request Forgery (SSRF) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Information Exposure | |
| Information Exposure | |
| Improper Verification of Cryptographic Signature | |
| Information Exposure | |
| CRLF Injection | |
| Improper Handling of Exceptional Conditions | |
| Authorization Bypass Through User-Controlled Key | |
| Improper Verification of Cryptographic Signature | |
| Resource Exhaustion | |
| Improper Verification of Cryptographic Signature | |
| Use of Uninitialized Variable | |
| Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') | |
| Insufficient Compartmentalization | |
| Insufficiently Protected Credentials | |
| Missing Required Cryptographic Step | |
| Improper Verification of Cryptographic Signature | |
| Improper Input Validation | |
| Authentication Bypass | |
| Loop with Unreachable Exit Condition ('Infinite Loop') | |
| Misinterpretation of Input | |
| Improper Input Validation | |
| Arbitrary Code Injection | |
| Improper Certificate Validation | |
| Information Exposure | |
| Information Exposure | |
| Allocation of Resources Without Limits or Throttling | |
| Buffer Access with Incorrect Length Value | |
| Resource Exhaustion | |
| Resource Exhaustion | |
| Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') | |
| Inefficient Regular Expression Complexity | |
| Resource Exhaustion | |
| Information Exposure | |
| Loop with Unreachable Exit Condition ('Infinite Loop') | |
| Resource Exhaustion | |
| Inefficient Regular Expression Complexity | |
| Inefficient Regular Expression Complexity | |
| Inefficient Regular Expression Complexity | |
| Resource Exhaustion | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| External Control of Assumed-Immutable Web Parameter | |
| Allocation of Resources Without Limits or Throttling | |
| Incorrect Implementation of Authentication Algorithm | |
| Information Exposure | |
| Inefficient Regular Expression Complexity | |
| CVE-2022-39201 | |
| Insufficiently Protected Credentials | |
| Improper Verification of Cryptographic Signature | |
| Authentication Bypass | |
| Inefficient Regular Expression Complexity | |
| Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') | |
| Inefficient Regular Expression Complexity | |
| Resource Exhaustion | |
| Improper Authentication | |
| Improper Authentication | |
| Improper Authentication | |
| Improper Authentication | |
| Improper Authentication | |
| Directory Traversal | |
| Open Redirect | |
| Insufficient Entropy | |
| Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') | |
| Authorization Bypass Through User-Controlled Key | |
| Authorization Bypass Through User-Controlled Key | |
| Authorization Bypass Through User-Controlled Key | |
| Authorization Bypass Through User-Controlled Key | |
| Authorization Bypass Through User-Controlled Key | |
| Authorization Bypass Through User-Controlled Key | |
| Arbitrary Argument Injection | |
| Arbitrary Argument Injection | |
| Arbitrary Argument Injection | |
| Arbitrary Argument Injection | |
| Arbitrary Argument Injection | |
| Arbitrary Argument Injection | |
| Arbitrary Argument Injection | |
| Arbitrary Argument Injection | |
| Arbitrary Argument Injection | |
| Arbitrary Argument Injection | |
| Arbitrary Argument Injection | |
| Arbitrary Argument Injection | |
| Arbitrary Argument Injection | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Incorrect Permission Assignment for Critical Resource | |
| Incorrect Permission Assignment for Critical Resource | |
| Incorrect Permission Assignment for Critical Resource | |
| Incorrect Permission Assignment for Critical Resource | |
| Incorrect Permission Assignment for Critical Resource | |
| Incorrect Permission Assignment for Critical Resource | |
| Incorrect Permission Assignment for Critical Resource | |
| Incorrect Permission Assignment for Critical Resource | |
| Incorrect Permission Assignment for Critical Resource | |
| Incorrect Permission Assignment for Critical Resource | |
| Incorrect Permission Assignment for Critical Resource | |
| Incorrect Permission Assignment for Critical Resource | |
| Incorrect Permission Assignment for Critical Resource | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Incorrect Permission Assignment for Critical Resource | |
| Incorrect Permission Assignment for Critical Resource | |
| Incorrect Permission Assignment for Critical Resource | |
| Incorrect Permission Assignment for Critical Resource | |
| Incorrect Permission Assignment for Critical Resource | |
| Incorrect Permission Assignment for Critical Resource | |
| Incorrect Permission Assignment for Critical Resource | |
| Incorrect Permission Assignment for Critical Resource | |
| Incorrect Permission Assignment for Critical Resource | |
| Incorrect Permission Assignment for Critical Resource | |
| Incorrect Permission Assignment for Critical Resource | |
| Incorrect Permission Assignment for Critical Resource | |
| Incorrect Permission Assignment for Critical Resource | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Server-Side Request Forgery (SSRF) | |
| Server-Side Request Forgery (SSRF) | |
| Server-Side Request Forgery (SSRF) | |
| Server-Side Request Forgery (SSRF) | |
| Server-Side Request Forgery (SSRF) | |
| Server-Side Request Forgery (SSRF) | |
| Server-Side Request Forgery (SSRF) | |
| Server-Side Request Forgery (SSRF) | |
| Server-Side Request Forgery (SSRF) | |
| Server-Side Request Forgery (SSRF) | |
| Server-Side Request Forgery (SSRF) | |
| Server-Side Request Forgery (SSRF) | |
| Server-Side Request Forgery (SSRF) | |
| Server-Side Request Forgery (SSRF) | |
| Server-Side Request Forgery (SSRF) | |
| Server-Side Request Forgery (SSRF) | |
| Server-Side Request Forgery (SSRF) | |
| Server-Side Request Forgery (SSRF) | |
| Server-Side Request Forgery (SSRF) | |
| Improper Access Control | |
| Improper Access Control | |
| Improper Access Control | |
| Improper Access Control | |
| Improper Access Control | |
| Improper Access Control | |
| Improper Access Control | |
| Improper Access Control | |
| Improper Access Control | |
| Improper Access Control | |
| Improper Access Control | |
| Improper Access Control | |
| Improper Access Control | |
| Improper Access Control | |
| Improper Access Control | |
| Improper Access Control | |
| Improper Access Control | |
| Improper Certificate Validation | |
