Login Sign Up

CWE-693: CWE-693

132
Total CVEs
23
Critical
62
High
7.5
Avg CVSS
4
In CISA KEV

Yearly Trend

2026
13
2025
76
2024
30
2023
9
2022
3

Top Affected Vendors

1 Microsoft 25
2 Google 23
3 Apple 11
4 Mozilla 4
5 Mattermost 4
6 Cisco 3
7 Intel 3
8 Fedoraproject 2
9 Dell 2
10 Jenkins 2

All CWE-693 CVEs (132)

CVE-2023-31273
10.0

This vulnerability in Intel Data Center Manager (DCM) software allows unauthenticated attackers to bypass protection mechanisms and potentially escala...

Nov 14, 2023
CVE-2026-25115
9.9

This vulnerability in n8n's Python Code node allows authenticated users to escape the Python sandbox and execute arbitrary code on the underlying syst...

Feb 4, 2026
CVE-2025-68668
9.9

This CVE describes a sandbox bypass vulnerability in n8n's Python Code Node that allows authenticated users with workflow creation/modification permis...

Dec 26, 2025
CVE-2023-25765
9.9

This vulnerability in Jenkins Email Extension Plugin allows attackers with folder-level email template creation permissions to bypass script security ...

Feb 15, 2023
CVE-2021-32835
9.9

CVE-2021-32835 is a sandbox escape vulnerability in Eclipse Keti that allows authenticated attackers to execute arbitrary code on affected systems. Th...

Sep 9, 2021
CVE-2024-55024
9.8

An authentication bypass vulnerability in Weintek cMT-3072XH2 HMI devices allows unauthorized attackers to perform administrative actions using servic...

Mar 3, 2026
CVE-2025-48626
9.8

This Android vulnerability allows attackers to launch applications from the background without user interaction due to a precondition check failure. I...

Dec 8, 2025
CVE-2025-12554
9.8

This CVE describes a missing security headers vulnerability in BLU-IC2 and BLU-IC4 devices through version 1.19.5. Attackers can exploit this to condu...

Oct 31, 2025
CVE-2025-22429
9.8

This CVE-2025-22429 is a critical logic error vulnerability in Android's framework base that allows arbitrary code execution without user interaction....

Sep 2, 2025
CVE-2025-54143
9.8

This vulnerability in Firefox for iOS allows sandboxed iframes to bypass download restrictions, enabling malicious websites to download files to devic...

Aug 19, 2025
CVE-2025-43261
9.8

This CVE describes a sandbox escape vulnerability in macOS that allows malicious applications to break out of their security confinement. The vulnerab...

Jul 30, 2025
CVE-2025-27665
9.8

This vulnerability in Vasion Print (formerly PrinterLogic) allows insufficient antivirus protection that could permit drivers containing known malicio...

Mar 5, 2025
CVE-2024-34144
9.8

This vulnerability allows attackers with permission to define and run sandboxed scripts in Jenkins to bypass sandbox protections via crafted construct...

May 2, 2024
CVE-2023-52378
9.8

This vulnerability involves incorrect service logic in Huawei's WindowManagerServices module, allowing attackers to cause abnormal feature behavior. I...

Feb 18, 2024
CVE-2025-43728
9.6

Dell ThinOS 10 contains a protection mechanism failure vulnerability that allows unauthenticated remote attackers to bypass security controls. This af...

Aug 27, 2025
CVE-2023-33150
9.6

This vulnerability allows attackers to bypass Microsoft Office security features, potentially enabling malicious code execution without user interacti...

Jul 11, 2023
CVE-2022-31479
9.6

CVE-2022-31479 allows unauthenticated attackers to execute arbitrary shell commands by injecting malicious hostnames into HID Mercury Intelligent Cont...

Jun 6, 2022
CVE-2025-65318
9.1

Canary Mail versions 5.1.40 and below fail to apply Mark-of-the-Web (MOTW) tags to downloaded attachments, allowing attackers to bypass Windows and th...

Dec 16, 2025
CVE-2025-65319
9.1

This vulnerability in Blue Mail allows attackers to bypass Windows and third-party security protections by saving documents without Mark-of-the-Web ta...

Dec 16, 2025
CVE-2025-43273
9.1

A sandbox escape vulnerability in macOS allows sandboxed processes to bypass security restrictions. This affects macOS systems running versions before...

Jul 30, 2025
CVE-2025-6427
9.1

This vulnerability allows attackers to bypass Content Security Policy connect-src directives by manipulating subdocuments, enabling unauthorized conne...

Jun 24, 2025
CVE-2025-41232
9.1

Spring Security Aspects may fail to enforce authorization on private methods when using AspectJ mode, allowing unauthorized access to protected functi...

May 21, 2025
CVE-2023-45132
9.1

This vulnerability allows attackers to bypass NAXSI web application firewall protection when malicious X-Forwarded-For headers match IgnoreIP or Ignor...

Oct 11, 2023
CVE-2026-20667
8.8

This CVE describes a sandbox escape vulnerability in Apple operating systems where a malicious app could bypass security restrictions designed to isol...

Feb 11, 2026
CVE-2026-21513
KEV 8.8

This vulnerability in the MSHTML Framework allows attackers to bypass security protections remotely, potentially enabling unauthorized access or code ...

Feb 10, 2026
CVE-2026-21510
KEV 8.8

A protection mechanism failure in Windows Shell allows attackers to bypass security features over a network, potentially enabling unauthorized access ...

Feb 10, 2026
CVE-2025-69264
8.8

This vulnerability in pnpm package manager versions 10.0.0 through 10.25 allows git-hosted dependencies to execute arbitrary code during installation....

Jan 7, 2026
CVE-2025-46281
8.8

This CVE describes a sandbox escape vulnerability in macOS that allows malicious applications to bypass security restrictions. An attacker could execu...

Dec 17, 2025
CVE-2025-48534
8.8

This vulnerability allows local privilege escalation in Android's CellBroadcastHandler component due to a logic error. Attackers could cause denial of...

Sep 4, 2025
CVE-2025-9866
8.8

This vulnerability allows attackers to bypass Chrome's Content Security Policy (CSP) through malicious extensions, enabling injection of unauthorized ...

Sep 3, 2025
CVE-2025-49740
8.8

This vulnerability allows attackers to bypass Windows SmartScreen security protections over a network, potentially enabling the execution of malicious...

Jul 8, 2025
CVE-2025-41224
8.8

This vulnerability in Siemens RUGGEDCOM industrial networking devices allows authenticated attackers to bypass interface access restrictions when swit...

Jul 8, 2025
CVE-2025-31244
8.8

This CVE describes a file quarantine bypass vulnerability in macOS that allows applications to escape their sandbox restrictions. The vulnerability af...

May 12, 2025
CVE-2024-36242
8.8

A protection mechanism failure in Intel's Software Protection Platform (SPP) for certain processors allows authenticated local users to potentially es...

Nov 13, 2024
CVE-2024-44122
8.8

This CVE describes a sandbox escape vulnerability in macOS that allows malicious applications to break out of their security confinement. It affects m...

Oct 28, 2024
CVE-2024-38180
8.8

This vulnerability allows attackers to bypass Windows SmartScreen security checks, potentially enabling them to execute malicious files without proper...

Aug 13, 2024
CVE-2024-38092
8.8

This vulnerability in Azure CycleCloud allows authenticated users to elevate their privileges to administrator level, potentially gaining full control...

Jul 9, 2024
CVE-2024-29988
8.8

This vulnerability allows attackers to bypass Microsoft's SmartScreen security prompts, which normally warn users about potentially malicious files or...

Apr 9, 2024
CVE-2024-25744
8.8

This vulnerability in the Linux kernel allows an untrusted virtual machine monitor (VMM/hypervisor) to trigger int80 syscall handling at arbitrary tim...

Feb 12, 2024
CVE-2021-31982
8.8

This vulnerability allows attackers to bypass security features in Microsoft Edge (Chromium-based), potentially enabling malicious websites to execute...

Jul 1, 2023
CVE-2025-27700
8.4

CVE-2025-27700 allows attackers to bypass carrier restrictions on affected Android devices, potentially leading to local privilege escalation without ...

May 27, 2025
CVE-2025-21384
8.3

An authenticated attacker can exploit a Server-Side Request Forgery (SSRF) vulnerability in Microsoft Azure Health Bot to make unauthorized requests t...

Apr 1, 2025
CVE-2024-56181
8.2

This vulnerability allows authenticated attackers to bypass secure boot protections on Siemens industrial PCs by directly manipulating EFI variables t...

Mar 11, 2025
CVE-2024-56182
8.2

This vulnerability allows authenticated attackers to bypass BIOS password protection on affected Siemens industrial PCs by directly communicating with...

Mar 11, 2025
CVE-2025-40536
KEV EPSS 69.1% 8.1

SolarWinds Web Help Desk contains a security control bypass vulnerability that allows unauthenticated attackers to access restricted functionality. Th...

Jan 28, 2026
CVE-2026-0877
8.1

This CVE describes a mitigation bypass vulnerability in the DOM Security component of Mozilla products. It allows attackers to circumvent security pro...

Jan 13, 2026
CVE-2025-46291
7.8

This CVE describes a Gatekeeper bypass vulnerability in macOS that allows malicious applications to circumvent security checks. Attackers could potent...

Dec 17, 2025
CVE-2025-67460
7.8

A protection mechanism failure in Zoom Rooms for Windows allows unauthenticated local attackers to downgrade software versions and escalate privileges...

Dec 10, 2025
CVE-2025-10157
7.8

This vulnerability allows attackers to bypass picklescan's unsafe globals check by using submodule imports instead of exact package names. Attackers c...

Sep 17, 2025
CVE-2025-26431
7.8

This vulnerability in Android's accessibility services allows attackers to hide enabled accessibility services through a logic error, potentially enab...

Sep 4, 2025

About CWE-693 (CWE-693)

Our database tracks 132 CVEs classified as CWE-693, with 23 rated critical and 62 rated high severity. The average CVSS score for CWE-693 vulnerabilities is 7.5.

External reference: View CWE-693 on MITRE CWE →

Monitor CWE-693 Vulnerabilities

Get alerted when new CWE-693 CVEs affect your infrastructure.

Start Monitoring Free