CWE-177: CWE-177

Total CVEs

Critical

High

7.4

Avg CVSS

Yearly Trend

2026

2024

2022

Top Affected Vendors

1 Hono 1

2 Qnap 1

3 Haxx 1

4 Netapp 1

5 Splunk 1

All CWE-177 CVEs (5)

CVE-2026-22037

8.4

The @fastify/express plugin vulnerability allows attackers to bypass middleware protection by using URL-encoded characters in paths. This affects appl...

Jan 19, 2026

CVE-2026-22031

8.4

This vulnerability allows attackers to bypass middleware protection in @fastify/middie by using URL-encoded characters in paths. Attackers can access ...

Jan 19, 2026

CVE-2026-29045

7.5

This vulnerability in Hono web framework allows attackers to bypass route-based middleware protections (like authentication) for static files by using...

Mar 4, 2026

CVE-2022-27780

7.5

The curl URL parser incorrectly accepts percent-encoded URL separators like '/' in hostnames, allowing attackers to bypass filters and checks by makin...

Jun 2, 2022

CVE-2024-48866

5.3

This vulnerability involves improper handling of URL encoding (hex encoding) in several QNAP operating system versions, which could allow remote attac...

Dec 6, 2024

About CWE-177 (CWE-177)

Our database tracks 5 CVEs classified as CWE-177, with 0 rated critical and 4 rated high severity. The average CVSS score for CWE-177 vulnerabilities is 7.4.

External reference: View CWE-177 on MITRE CWE →

Monitor CWE-177 Vulnerabilities

Get alerted when new CWE-177 CVEs affect your infrastructure.

Start Monitoring Free