CWE-1108
4 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-1108page 1 of 1
- CVE-2022-2642HIGHCVSS 7.5EG 7.52022-12-02
Horner Automation’s RCC 972 firmware version 15.40 contains global variables. This could allow an attacker to read out sensitive values and variable keys from the device.
- CVE-2024-47827MEDIUMCVSS 5.7EG 5.72024-10-28
Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Due to a race condition in a global variable in 3.6.0-rc1, the argo workflows controller can be made to crash on-command by an…
- CVE-2025-36009MEDIUMCVSS 6.5EG 6.52026-01-30
IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) could allow an authenticated user to cause a denial of service due to excessive use of a global variable.
- CVE-2026-32841HIGHCVSS 8.1EG 8.12026-03-17
Edimax GS-5008PL firmware versions 1.00.54 and prior contain an authentication bypass vulnerability that allows unauthenticated attackers to access the management interface. Attackers can exploit the global authentication flag mechanism to…
Map vulnerabilities like CWE-1108 to your infrastructure
EchelonGraph correlates every CVE — across CWE-1108 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →