Login Sign Up

CWE-150: CWE-150

14
Total CVEs
5
Critical
5
High
8.0
Avg CVSS

Yearly Trend

2026
4
2025
7
2024
2
2023
1

Top Affected Vendors

1 Apache 2
2 Microsoft 1
3 Ibm 1
4 Badkeys 1
5 Gardener 1
6 Linuxfoundation 1
7 Rarlab 1
8 Mongodb 1
9 Palletsprojects 1
10 Cyberpower 1

All CWE-150 CVEs (14)

CVE-2025-47284
9.9

This vulnerability allows administrative users within a Gardener project to escalate privileges and gain control over seed clusters managing their sho...

May 19, 2025
CVE-2026-25996
9.8

This vulnerability in Inspektor Gadget allows malicious containers to inject ANSI escape sequences into terminal output, potentially enabling terminal...

Feb 12, 2026
CVE-2025-25286
9.8

CVE-2025-25286 is a critical remote code execution vulnerability in Crayfish's Homarus microservice that provides FFmpeg functionality. Attackers can ...

Feb 13, 2025
CVE-2023-3265
9.8

CVE-2023-3265 is an authentication bypass vulnerability in CyberPower PowerPanel Enterprise that allows unauthenticated attackers to log in as adminis...

Aug 14, 2023
CVE-2025-55754
9.6

Apache Tomcat fails to escape ANSI escape sequences in log messages, allowing attackers to inject malicious sequences when Tomcat runs in a console su...

Oct 27, 2025
CVE-2025-0975
8.8

CVE-2025-0975 is an improper input validation vulnerability in IBM MQ console that allows authenticated users to execute arbitrary code by exploiting ...

Feb 28, 2025
CVE-2024-56201
8.8

A vulnerability in Jinja templating engine allows attackers who control both template content and filename to execute arbitrary Python code, bypassing...

Dec 23, 2024
CVE-2025-15311
7.8

CVE-2025-15311 is an unauthorized code execution vulnerability in Tanium Appliance that allows attackers to execute arbitrary code without proper auth...

Feb 5, 2026
CVE-2024-36052
7.5

This vulnerability in WinRAR allows attackers to inject ANSI escape sequences into archive comments, which can spoof the screen output displayed to us...

May 21, 2024
CVE-2026-21521
7.4

This vulnerability in Copilot allows attackers to exploit improper input sanitization to extract sensitive information over network connections. It af...

Jan 22, 2026
CVE-2025-65082
6.5

This vulnerability allows attackers to manipulate CGI program behavior by injecting malicious environment variables through Apache configuration. It a...

Dec 5, 2025
CVE-2025-1692
6.3

This vulnerability allows attackers to inject malicious code into MongoDB Shell (mongosh) through clipboard manipulation. An attacker controlling the ...

Feb 27, 2025
CVE-2026-21439
5.3

This vulnerability allows attackers to inject ASCII control characters and ANSI escape sequences into badkeys tool output, creating misleading results...

Jan 6, 2026
CVE-2025-64494
4.6

Soft Serve Git server versions before 0.10.0 fail to sanitize ANSI escape sequences in user-controlled input fields like names and git messages. This ...

Nov 8, 2025

About CWE-150 (CWE-150)

Our database tracks 14 CVEs classified as CWE-150, with 5 rated critical and 5 rated high severity. The average CVSS score for CWE-150 vulnerabilities is 8.0.

External reference: View CWE-150 on MITRE CWE →

Monitor CWE-150 Vulnerabilities

Get alerted when new CWE-150 CVEs affect your infrastructure.

Start Monitoring Free