目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1325

100%
请我们喝杯咖啡

CWE-345 对数据真实性的验证不充分 类漏洞列表 248

CWE-345 对数据真实性的验证不充分 类弱点 248 条 CVE 漏洞汇总,含 AI 中文分析。

CWE-345 属于数据完整性与真实性验证不足的安全漏洞。攻击者通常通过伪造或篡改数据源,使系统误信无效或恶意信息,从而执行非预期操作或泄露敏感数据。开发者应实施严格的身份认证机制,如使用数字签名或加密哈希,确保数据来源可信且未被篡改,并在关键业务逻辑前强制进行真实性校验,以阻断恶意数据的注入与处理。

MITRE CWE 官方描述
CWE:CWE-345 数据真实性验证不足 (Insufficient Verification of Data Authenticity) 英文:产品未能以足以防止其接受无效数据的方式,充分验证数据的来源或真实性。
常见影响 (1)
Integrity, OtherVaries by Context, Unexpected State
代码示例 (1)
In 2022, the OT:ICEFALL study examined products by 10 different Operational Technology (OT) vendors. The researchers reported 56 vulnerabilities and said that the products were "insecure by design" [REF-1283]. If exploited, these vulnerabilities often allowed adversaries to change how the products operated, ranging from denial of service to changing the code that the products executed. Since these…
CVE ID标题CVSS风险等级Published
CVE-2026-56073 Cap-go 电子邮件验证中通过响应操纵绕过OTP漏洞 — capgo 9.4 Critical2026-06-19
CVE-2026-44087 Apache APISIX OpenID连接插件身份头伪造漏洞 — Apache APISIX--2026-06-19
CVE-2026-48783 gitroomhq postiz-app 输入验证错误漏洞 — postiz-app 4.8 Medium2026-06-16
CVE-2026-47777 Mastodon 输入验证错误漏洞 — mastodon 7.5 High2026-06-15
CVE-2026-53406 Zoom Communications Remote Control for Zoom Contact Center 输入验证错误漏洞 — Remote Control for Zoom Contact Center 7.8 High2026-06-12
CVE-2026-47691 Netty 输入验证错误漏洞 — netty 8.7 High2026-06-12
CVE-2026-45674 Netty 输入验证错误漏洞 — netty 8.7 High2026-06-12
CVE-2026-48096 OpenFGA 数据伪造问题漏洞 — openfga 5.0 Medium2026-06-10
CVE-2026-46539 Nimiq 数据伪造问题漏洞 — core-rs-albatross 5.9 Medium2026-06-09
CVE-2026-7792 WordPress plugin WPForms – Easy Form Builder for WordPress – Contact Forms, Payment Forms, Surveys, & More 数据伪造问题漏洞 — WPForms – Easy Form Builder for WordPress – Contact Forms, Payment Forms, Surveys, & More 5.3 Medium2026-06-06
CVE-2026-8608 WordPress plugin Event Monster – Event Management, Events Calendar, Tickets 数据伪造问题漏洞 — Event Monster – Event Manager, Ticket Booking & Registration 5.3 Medium2026-06-05
CVE-2026-50214 Acer M6E 安全漏洞 — Connect M6E 5G Portable WiFi Router--2026-06-04
CVE-2022-4992 Dräger Infinity Acute Care System和Dräger Standalone Infinity M540 patient monitor 数据伪造问题漏洞 — Infinity Acute Care System 8.6 High2026-06-02
CVE-2026-41577 authentik 数据伪造问题漏洞 — authentik--2026-06-02
CVE-2026-47696 WWBN AVideo 安全漏洞 — AVideo--2026-05-29
CVE-2026-9189 WordPress plugin Contact Form 7 – PayPal & Stripe Add-on 数据伪造问题漏洞 — Contact Form 7 – PayPal & Stripe Add-on 5.3 Medium2026-05-29
CVE-2026-3012 Samba 数据伪造问题漏洞 — Red Hat Enterprise Linux 10 8.0 High2026-05-27
CVE-2026-41164 Cashu NUTs 数据伪造问题漏洞 — nuts-node 4.4 Medium2026-05-26
CVE-2026-25602 Mesalvo Meona Client Launcher Component和Mesalvo Meona Server Component 数据伪造问题漏洞 — Meona Client Launcher Component 4.4 Medium2026-05-20
CVE-2026-44308 Spring Cloud AWS 数据伪造问题漏洞 — spring-cloud-aws--2026-05-14
CVE-2026-44999 OpenClaw 数据伪造问题漏洞 — OpenClaw 5.3 Medium2026-05-11
CVE-2026-42575 apko 数据伪造问题漏洞 — apko 7.5 High2026-05-09
CVE-2026-41432 New API 数据伪造问题漏洞 — new-api 7.1 High2026-05-08
CVE-2026-42206 Roadiz Document base system 数据伪造问题漏洞 — core-bundle-dev-app 7.5AIHighAI2026-05-08
CVE-2026-31835 Vaultwarden 数据伪造问题漏洞 — vaultwarden 7.5 -2026-05-05
CVE-2026-43534 OpenClaw 数据伪造问题漏洞 — OpenClaw 9.1 Critical2026-05-05
CVE-2026-7611 TRENDnet TEW-821DAP 数据伪造问题漏洞 — TEW-821DAP 3.7 Low2026-05-02
CVE-2026-7606 TRENDnet TEW-821DAP 数据伪造问题漏洞 — TEW-821DAP 3.7 Low2026-05-02
CVE-2026-35051 Traefik 数据伪造问题漏洞 — traefik 9.1 -2026-04-30
CVE-2026-6498 WordPress plugin Five Star Restaurant Reservations 数据伪造问题漏洞 — Five Star Restaurant Reservations – WordPress Booking Plugin 5.3 Medium2026-04-30

CWE-345(对数据真实性的验证不充分) 是常见的弱点类别,本平台收录该类弱点关联的 248 条 CVE 漏洞。