CWE-479

2 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →

CVEs classified under CWE-479page 1 of 1

CVE-2021-26948HIGHCVSS 7.8EG 7.8
2022-03-03
Null pointer dereference in the htmldoc v1.9.11 and before may allow attackers to execute arbitrary code and cause a denial of service via a crafted html file.
CVE-2026-44011HIGHCVSS 8.6EG 8.6
2026-05-12
Craft CMS is a content management system (CMS). From 4.0.0 to before 4.17.12 and 5.9.18, Craft CMS which contains an input-handling flaw in a Yii object creation path that let any authenticated user inject malicious configuration and execu…

Map vulnerabilities like CWE-479 to your infrastructure

EchelonGraph correlates every CVE — across CWE-479 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.

Start Free Scan →