Threats Tagged 'cwe-1289'
View all threats tagged with 'cwe-1289'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'cwe-1289'
Click on any threat for detailed analysis and mitigation recommendations
CVE-2026-50090: CWE-1289 Improper validation of unsafe equivalence in input in Aqara Cloud OAuth Authorization EndpointCVE-2026-50090 0 CVE-2026-50090 is a critical vulnerability in the Aqara Cloud OAuth Authorization Endpoint that allows a redirect bypass due to improper validation of domain equivalence in input. This weakness is categorized under CWE-1289 and affects the endpoint open-cn.aqara.com/oauth/authorize. The vulnerability has a CVSS score of 9.3, indicating a high severity with potential for significant confidentiality and integrity impact. No official patch or remediation guidance is currently available, and no known exploits have been reported in the wild. Join the discussion | CVE Database V5 | 06/12/2026, 15:02:13 UTC Added: 06/12/2026, 15:39:37 UTC |
CVE-2026-42462: CWE-180: Incorrect Behavior Order: Validate Before Canonicalize in fedify-dev fedifyCVE-2026-42462 0 Fedify is a TypeScript library for building federated server apps powered by ActivityPub. Prior to versions 1.9.11, 1.10.10, 2.0.18, 2.1.14, and 2.2.3, an attacker can make use of JSON-LD features to restructure a JSON-LD document that would change how Fedify interprets it without changing its Linked Data Signature, allowing them to alter a third-party signed activity they have received. Versions 1.9.11, 1.10.10, 2.0.18, 2.1.14, and 2.2.3 fix the issue. Join the discussion | CVE Database V5 | 06/10/2026, 20:22:35 UTC Added: 06/10/2026, 20:59:14 UTC |
Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.7 Container Release UpdateCVE-2026-48710 0 Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams, while automation developers retain the freedom to write tasks that leverage existing knowledge without the overhead. Ansible Automation Platform makes it possible for users across an organization to share, vet, and manage automation content by means of a simple, powerful, and agentless language. For details about this release, refer to the release notes listed in the References section. Join the discussion | GCVE Database | 06/04/2026, 14:20:50 UTC Added: 06/06/2026, 21:13:34 UTC |
CVE-2026-49942: CWE-1289 Improper Validation of Unsafe Equivalence in Input in RRWO Net::CIDR::SetCVE-2026-49942 0 Net::CIDR::Set versions through 0.20 for Perl did not validate network masks. The mask portion of a network mask could contain Unicode digits such as the Arabic-Indic One (U+0661), or non-digits, which were ignored. This could allow network masks to accept larger networks. Leading zeros were also accepted, but treated as decimal instead of octal. This could lead to confusion about what networks are acceptable. Join the discussion | CVE Database V5 | 06/04/2026, 16:07:42 UTC Added: 06/04/2026, 16:48:45 UTC |
CVE-2026-49940: CWE-1289 Improper Validation of Unsafe Equivalence in Input in RRWO Net::CIDR::SetCVE-2026-49940 0 Net::CIDR::Set versions through 0.20 for Perl accept non-ASCII IP addresses and netmasks. Unicode digits such as the Arabic-Indic One (U+0661) were accepted but not properly parsed as numbers. This could allow network masks to accept larger networks. Join the discussion | CVE Database V5 | 06/04/2026, 16:07:01 UTC Added: 06/04/2026, 16:48:45 UTC |
Showing 1 to 5 of 5 results