CWE-791: CWE-791
Yearly Trend
Top Affected Vendors
All CWE-791 CVEs (9)
CVE-2025-0324 is a privilege escalation vulnerability in Axis VAPIX Device Configuration framework that allows authenticated low-privileged users to g...
Jun 2, 2025This CVE describes a server-side request forgery (SSRF) vulnerability in SAP systems where an unauthenticated attacker can craft malicious links. When...
Nov 12, 2024This critical vulnerability in Kingdee Cloud-Starry-Sky Enterprise Edition allows remote attackers to execute arbitrary code through template injectio...
Jun 27, 2025HAProxy Kubernetes Ingress Controller versions before 3.1.13 with config-snippets feature enabled allow users with create/update permissions to inject...
Oct 8, 2025This vulnerability in CTCMS Content Management System allows remote attackers to execute template injection attacks through improper input sanitizatio...
Dec 16, 2025This critical vulnerability in zhilink ADP Application Developer Platform 1.0.0 allows remote attackers to execute arbitrary code through template inj...
May 29, 2025This vulnerability in the Linux kernel incorrectly sets tun/tap socket UIDs to 0 (root) due to type confusion during initialization. This can cause ne...
Mar 27, 2023This AngularJS vulnerability allows attackers to bypass image source restrictions by manipulating SVG 'href' and 'xlink:href' attributes, enabling con...
Apr 29, 2025This CVE describes a Server-Side Template Injection (SSTI) vulnerability in datapizza-ai's Jinja2 template handler. Attackers can inject malicious tem...
Feb 23, 2026About CWE-791 (CWE-791)
Our database tracks 9 CVEs classified as CWE-791, with 1 rated critical and 2 rated high severity. The average CVSS score for CWE-791 vulnerabilities is 6.6.
External reference: View CWE-791 on MITRE CWE →
Monitor CWE-791 Vulnerabilities
Get alerted when new CWE-791 CVEs affect your infrastructure.
Start Monitoring Free