CWE-134
Format String
MITRENo catalog description on file. The MITRE CWE site has the canonical reference.
Recent CVEs
showing 8 of 8- CVE-2019-1579High· 8.1KEVEPSS 93%14 h ago
Palo Alto Networks PAN-OS Remote Code Execution Vulnerability
- CVE-2020-3118High· 8.8KEVEPSS 0%14 h ago
Cisco IOS XR Software Discovery Protocol Format String Vulnerability
- CVE-2024-23113Critical· 9.8KEVEPSS 54%14 h ago
Fortinet Multiple Products Format String Vulnerability
- CVE-2026-6250—EPSS 0%15 h ago
An authenticated format string vulnerability exists in the ONVIF service of Tapo C110 v2 due to improper handling of user-controlled input. Externally controlled data is interpreted as a format string, which can be used to manipulate stack
- CVE-2023-45583Medium· 6.7EPSS 0%16 h ago
A use of externally-controlled format string vulnerability in Fortinet FortiOS 7.4.0, FortiOS 7.2.0 through 7.2.5, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiOS 6.2 all versions, FortiOS 6.0.0 through 6.0.16, FortiPAM 1.1.0, F
- CVE-2023-36640Medium· 6.7EPSS 0%16 h ago
A use of externally-controlled format string vulnerability in Fortinet FortiOS 7.4.0, FortiOS 7.2.0 through 7.2.5, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiOS 6.2 all versions, FortiOS 6.0.0 through 6.0.16, FortiPAM 1.1.0, F
- CVE-2026-6241—EPSS 0%4 d ago
An authenticated format string vulnerability is present in the ONVIF AddScopes in Tapo C520WS v2, where user-controlled input is improperly passed to formatting functions without adequate sanitization. An attacker can inject format specifie
- CVE-2026-6242—EPSS 0%4 d ago
An authenticated format string vulnerability exists in the ONVIF Subscribe service in Tapo C520WS v2 due to improper handling of externally supplied parameters within formatting functions. An attacker may inject crafted format strings into
CWE catalog data sourced from MITRE. CVE associations come from NVD weakness mappings; some CVEs carry multiple CWEs.