CWE-1289
CWE-1289
MITRENo catalog description on file. The MITRE CWE site has the canonical reference.
Recent CVEs
showing 4 of 4- CVE-2026-50090Critical· 9.31 d ago
The Aqara Cloud OAuth Authorization Endpoint (open-cn.aqara.com/oauth/authorize) is vulnerable to a redirect bypass due to lax controls on domain matching, which is an instance of "CWE-1289: Improper Validation of Unsafe Equivalence in Inpu
- CVE-2026-42462High· 7.0EPSS 0%2 d ago
Fedify is a TypeScript library for building federated server apps powered by ActivityPub. Prior to versions 1.9.11, 1.10.10, 2.0.18, 2.1.14, and 2.2.3, an attacker can make use of JSON-LD features to restructure a JSON-LD document that woul
npm - CVE-2026-49942High· 7.3EPSS 0%5 d ago
Net::CIDR::Set versions through 0.20 for Perl did not validate network masks. The mask portion of a network mask could contain Unicode digits such as the Arabic-Indic One (U+0661), or non-digits, which were ignored. This could allow netw
- CVE-2026-49940Medium· 6.5EPSS 0%5 d ago
Net::CIDR::Set versions through 0.20 for Perl accept non-ASCII IP addresses and netmasks. Unicode digits such as the Arabic-Indic One (U+0661) were accepted but not properly parsed as numbers. This could allow network masks to accept larg
CWE catalog data sourced from MITRE. CVE associations come from NVD weakness mappings; some CVEs carry multiple CWEs.