CWE-357: CWE-357

Total CVEs

Critical

High

6.7

Avg CVSS

Yearly Trend

2025

2024

Top Affected Vendors

1 Microsoft 4

2 Xwiki 1

All CWE-357 CVEs (5)

CVE-2025-33054

8.1

This vulnerability in Remote Desktop Client allows attackers to spoof UI elements, tricking users into performing dangerous operations without proper ...

Jul 8, 2025

CVE-2025-49582

8.0

XWiki's required rights analyzers for dangerous macros are incomplete, allowing attackers to hide malicious content by using non-lowercase parameters ...

Jun 13, 2025

CVE-2024-43505

7.8

This vulnerability allows remote code execution when a user opens a specially crafted Visio file. Attackers could exploit this to run arbitrary code w...

Oct 8, 2024

CVE-2024-43580

5.4

This vulnerability in Microsoft Edge allows attackers to spoof UI elements, potentially tricking users into interacting with malicious content. It aff...

Oct 17, 2024

CVE-2024-49054

4.3

This vulnerability in Microsoft Edge allows attackers to spoof UI elements, potentially tricking users into interacting with malicious content. It aff...

Nov 22, 2024

About CWE-357 (CWE-357)

Our database tracks 5 CVEs classified as CWE-357, with 0 rated critical and 3 rated high severity. The average CVSS score for CWE-357 vulnerabilities is 6.7.

External reference: View CWE-357 on MITRE CWE →

Monitor CWE-357 Vulnerabilities

Get alerted when new CWE-357 CVEs affect your infrastructure.

Start Monitoring Free