CWE-185: CWE-185

Total CVEs

Critical

High

7.3

Avg CVSS

Yearly Trend

2026

2025

2024

Top Affected Vendors

1 Hono 1

2 Cisco 1

3 Bitdefender 1

4 Goauthentik 1

5 Litestar 1

6 Naturalintelligence 1

All CWE-185 CVEs (7)

CVE-2024-52289

9.8

This vulnerability allows attackers to bypass OAuth2 redirect URI validation in authentik by exploiting improper regex escaping. Attackers can registe...

Nov 21, 2024

CVE-2026-25896

9.3

CVE-2026-25896 is a vulnerability in fast-xml-parser where a dot (.) in a DOCTYPE entity name is treated as a regex wildcard during entity replacement...

Feb 20, 2026

CVE-2024-2223

8.1

An incorrect regular expression in Bitdefender GravityZone Update Server allows attackers to perform Server-Side Request Forgery (SSRF) and reconfigur...

Apr 9, 2024

CVE-2025-20139

7.5

An unauthenticated remote attacker can send specially crafted chat messages to Cisco Enterprise Chat and Email (ECE) to trigger a denial of service co...

Apr 2, 2025

CVE-2026-25479

6.5

Litestar ASGI framework versions before 2.20.0 have a host validation bypass vulnerability. Attackers can craft malicious host headers that match rege...

Feb 9, 2026

CVE-2026-3419

5.3

Fastify incorrectly accepts malformed Content-Type headers with trailing characters, violating RFC 9110. This allows attackers to bypass content-type ...

Mar 6, 2026

CVE-2026-24398

4.8

Hono framework's IP restriction middleware improperly validates IPv4 addresses, allowing attackers to bypass IP-based access controls by crafting malf...

Jan 27, 2026

About CWE-185 (CWE-185)

Our database tracks 7 CVEs classified as CWE-185, with 2 rated critical and 2 rated high severity. The average CVSS score for CWE-185 vulnerabilities is 7.3.

External reference: View CWE-185 on MITRE CWE →

Monitor CWE-185 Vulnerabilities

Get alerted when new CWE-185 CVEs affect your infrastructure.

Start Monitoring Free