CWE-643: CWE-643

Total CVEs

Critical

High

7.2

Avg CVSS

Yearly Trend

2026

2025

2022

Top Affected Vendors

1 Apache 1

2 Huggingface 1

3 Bbraun 1

All CWE-643 CVEs (3)

CVE-2026-24343

8.8

This XPath injection vulnerability in Apache HertzBeat allows attackers to manipulate XPath queries by injecting malicious data, potentially accessing...

Feb 10, 2026

CVE-2020-25162

7.5

This XPath injection vulnerability in B. Braun medical devices allows unauthenticated remote attackers to access sensitive information and potentially...

Apr 14, 2022

CVE-2025-11844

5.4

Hugging Face Smolagents version 1.20.0 contains an XPath injection vulnerability in the search_item_ctrl_f function that allows attackers to inject ma...

Oct 22, 2025

About CWE-643 (CWE-643)

Our database tracks 3 CVEs classified as CWE-643, with 0 rated critical and 2 rated high severity. The average CVSS score for CWE-643 vulnerabilities is 7.2.

External reference: View CWE-643 on MITRE CWE →

Monitor CWE-643 Vulnerabilities

Get alerted when new CWE-643 CVEs affect your infrastructure.

Start Monitoring Free