CWE-668
Exposure of Resource to Wrong Sphere
MITRENo catalog description on file. The MITRE CWE site has the canonical reference.
Recent CVEs
showing 5 of 5- CVE-2026-47141—EPSS 0%4 h ago
vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.4, NodeVM exposes some process-wide observability builtins when they are allowed through require.builtin. The diagnostics_channel, async_hooks, and perf_hooks builtins are
npm - CVE-2026-53826Medium· 4.310 h ago
OpenClaw before 2026.4.26 contains an information disclosure vulnerability in sandboxed session spawning that exposes the real workspace path to child prompts. Attackers can exploit this by spawning child sessions from sandboxed parents to
- CVE-2023-36761Medium· 6.5KEVEPSS 6%15 h ago
Microsoft Word Information Disclosure Vulnerability
- CVE-2026-48096Medium· 5.0EPSS 0%1 d ago
OpenFGA has cache-key delimiter injection in shared-iterator and v2 iterator that caches enables intra-store authorization-decision poisoning
go - CVE-2026-42535Critical· 9.1EPSS 0%3 d ago
A path handling issue in mod_dav_fs in Apache 2.4.67 and earlier allows a WebDAV content author to directly manipulate trusted DAV property databases, potentially causing child process crashes. Users are recommended to upgrade to version 2
CWE catalog data sourced from MITRE. CVE associations come from NVD weakness mappings; some CVEs carry multiple CWEs.