CWE-248

CWE-248

No catalog description on file. The MITRE CWE site has the canonical reference.

CVEs (total)

3

Critical

0

High

1

Medium

1

Low

0

Severity distribution

Recent CVEs

showing 3 of 3

CVE-2026-46689—EPSS 0%1 d ago
Kanidm is an identity management platform. Prior to version 1.9.3, a single unauthenticated GET to any /scim/v1/... endpoint with a ?filter= query string of a few thousand nested parentheses (≈ 4–12 KB) drives the recursive-descent PEG pars
CVE-2026-46411Medium· 6.5EPSS 0%2 d ago
FlashMQ is a MQTT broker/server, designed for multi-CPU environments. Prior to version 1.26.2, authorized clients have the ability to exceed the permitted over-commit of their write buffer and triggering an internal safe-guard exception. Th
CVE-2026-46545High· 7.5EPSS 0%2 d ago
Nimiq is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.5.0, a remote, unauthenticated denial-of-service vulnerability in MerkleRadixTrie::put_chunk allows any state
crates.io

CWE catalog data sourced from MITRE. CVE associations come from NVD weakness mappings; some CVEs carry multiple CWEs.