
CWE-668 (Exposure of Resource to Wrong Sphere) — Vulnerability Class (129 CVEs)

129 vulnerabilities are classified as CWE-668 (Exposure of Resource to Wrong Sphere). AI-generated Chinese analysis is included for each entry.

CWE-668 represents a critical access control weakness where software inadvertently exposes sensitive resources, such as files or directories, to unauthorized actors outside their intended security boundary. This vulnerability typically arises from misconfigured permissions, logic errors that target the wrong object, or flawed trust assumptions between different system spheres. Attackers exploit these flaws by leveraging improper access rights to read, modify, or delete protected data, often bypassing intended isolation mechanisms. To mitigate this risk, developers must enforce strict least-privilege principles, ensuring resources are accessible only to the specific processes or users requiring them. Implementing robust access control lists, validating object references before operations, and conducting thorough code reviews for permission settings are essential practices. By rigorously defining and enforcing security boundaries, organizations can prevent unintended data exposure and maintain the integrity of their system architecture against sphere-crossing attacks.

MITRE CWE Description
The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource. Resources such as files and directories may be inadvertently exposed through mechanisms such as insecure permissions, or when a program accidentally operates on the wrong object. For example, a program may intend that private files can only be provided to a specific user. This effectively defines a control sphere that is intended to prevent attackers from accessing these private files. If the file permissions are insecure, then parties other than the user will be able to access those files. A separate control sphere might effectively require that the user can only access the private files, but not any other files on the system. If the program does not ensure that the user is only requesting private files, then the user might be able to access other files on the system. In either case, the end result is that a resource has been exposed to the wrong party.
Common Consequences (3)
Confidentiality: Read Application Data
An adversary that gains access to a resource exposed to a wrong sphere could potentially retrieve private data from that resource, thus breaking the intended confidentiality of that data.
Integrity: Modify Application Data
An adversary that gains access to a resource exposed to a wrong sphere could potentially modify data held within that resource, thus breaking the intended integrity of that data and causing the system relying on that resource to make unintended decisions.
Other: Varies by Context
The consequences may vary widely depending on how the product uses the affected resource.
| CVE ID | Title | Product | CVSS | Severity | Published |
|---|---|---|---|---|---|
| CVE-2026-41369 | OpenClaw < 2026.3.31 - Insufficient Environment Variable Sanitization in Host Execution | OpenClaw | 6.5 | Medium | 2026-04-27 |
| CVE-2026-41368 | OpenClaw < 2026.3.28 - Environment Variable Disclosure via jq $ENV Filter Bypass | OpenClaw | 6.5 | Medium | 2026-04-27 |
| CVE-2026-41362 | OpenClaw 2026.2.19 < 2026.3.31 - Webhook Replay Dedupe Cache Event Suppression via Shared Authentication | OpenClaw | 4.3 | Medium | 2026-04-27 |
| CVE-2026-6830 | Nesquena Hermes WebUI Environment Variable Credential Leakage via Profile Switch | hermes-webui | 3.3 | Low | 2026-04-21 |
| CVE-2026-32690 | Apache Airflow: 3.x - Nested Variable Secret Values Bypass Redaction via max_depth=1 | Apache Airflow | 7.5 (AI) | High (AI) | 2026-04-18 |
| CVE-2026-30912 | Apache Airflow: Exposing stack trace in case of constraint error | Apache Airflow | 7.5 (AI) | High (AI) | 2026-04-18 |
| CVE-2025-54502 | AMD EPYC Processor Security Vulnerability | AMD EPYC™ 9004 Series Processors | 7.8 (AI) | High (AI) | 2026-04-16 |
| CVE-2026-35658 | OpenClaw < 2026.3.2 - Filesystem Boundary Bypass in Image Tool | OpenClaw | 6.5 | Medium | 2026-04-10 |
| CVE-2026-39911 | Hashgraph Guardian 3.5.1 Unsandboxed JavaScript Execution RCE | guardian | 8.8 | High | 2026-04-09 |
| CVE-2026-34538 | Apache Airflow: Authorization bypass in DagRun wait endpoint (XCom exposure) | Apache Airflow | 6.5 (AI) | Medium (AI) | 2026-04-09 |
| CVE-2026-34765 | Electron named window.open targets not scoped to the opener's browsing context | electron | 6.0 | Medium | 2026-04-07 |
| CVE-2026-34217 | SandboxJS has a Sandbox Escape via Prop Object Leak in New Handler | SandboxJS | 9.3 (AI) | Critical (AI) | 2026-04-06 |
| CVE-2026-34780 | Electron: Context Isolation bypass via contextBridge VideoFrame transfer | electron | 8.4 | High | 2026-04-04 |
| CVE-2026-20160 | Cisco Smart Software Manager On-Prem Arbitrary Command Execution Vulnerability | Cisco Smart Software Manager On-Prem | 9.8 | Critical | 2026-04-01 |
| CVE-2026-33573 | OpenClaw < 2026.3.11 - Workspace Boundary Bypass via Agent RPC Parameters | OpenClaw | 8.8 | High | 2026-03-29 |
| CVE-2026-28779 | Apache Airflow: Path of session token in cookie does not consider base_url - session hijacking via co-hosted applications | Apache Airflow | 9.8 (AI) | Critical (AI) | 2026-03-17 |
| CVE-2026-27466 | BigBlueButton: Exposed ClamAV port enables Denial of Service | bigbluebutton | 7.2 | High | 2026-02-21 |
| CVE-2026-26057 | Skill Scanner Unsecured Network Binding Vulnerability | skill-scanner | 6.5 | Medium | 2026-02-19 |
| CVE-2025-61917 | n8n Unsafe Buffer Allocation Allows In-Process Memory Disclosure in Task Runner | n8n | 7.7 | High | 2026-02-04 |
| CVE-2026-23763 | VB-Audio Matrix Drivers Local Privilege Escalation via Kernel Memory Exposure | Matrix | 7.8 (AI) | High (AI) | 2026-01-22 |
| CVE-2025-25176 | GPU DDK - GPU Register value contents leaked from secure workloads to non-secure world | Graphics DDK | 8.1 (AI) | High (AI) | 2026-01-13 |
| CVE-2025-9074 | Docker Desktop allows unauthenticated access to Docker Engine API from containers | Docker Desktop | 8.1 (AI) | High (AI) | 2025-08-20 |
| CVE-2025-54126 | WebAssembly Micro Runtime's `--addr-pool` option allows all IPv4 addresses when subnet mask is not specified | wasm-micro-runtime | 9.1 (AI) | Critical (AI) | 2025-07-29 |
| CVE-2025-8107 | Oracle GoldenGate Security Vulnerability | OceanBase Server | 6.3 | Medium | 2025-07-24 |
| CVE-2025-34119 | EasyCafe Server 2.2.14 Remote File Disclosure via Opcode 0x43 | EasyCafe Server | 7.5 (AI) | High (AI) | 2025-07-16 |
| CVE-2025-6788 | Schneider Electric EcoStruxure Power Monitoring Expert and Schneider Electric EcoStruxure Power Operation Security Vulnerability | EcoStruxure™ Power Monitoring Expert | 5.4 (AI) | Medium (AI) | 2025-07-11 |
| CVE-2025-34064 | OneLogin AD Connector Log S3 Bucket Hijack Leading to Cross-Tenant Data Leakage | OneLogin Active Directory Connector (ADC) | 8.1 (AI) | High (AI) | 2025-07-01 |
| CVE-2025-46707 | GPU DDK - Guest VM can override its own FW VZ connection state after the FW has closed it | Graphics DDK | 7.8 (AI) | High (AI) | 2025-06-27 |
| CVE-2025-49574 | Quarkus potential data leak when duplicating a duplicated context | quarkus | 6.4 | Medium | 2025-06-23 |
| CVE-2025-32783 | XWiki allows unregistered users to see "public" messages from a closed wiki via notifications from a different wiki | xwiki-platform | 4.7 | Medium | 2025-04-16 |

Vulnerabilities classified as CWE-668 (Exposure of Resource to Wrong Sphere) account for 129 CVEs. The CWE taxonomy describes the weakness class; review the individual CVEs for product-specific impact.