By weakness (CWE)

CWE-275: related vulnerabilities

CVEs classified under CWE-275. Understanding the weakness class helps prioritize systemic fixes over one-off patches.

2 published vulnerabilities

  • CVE-2026-41976MEDIUM 6.6

    CVE-2026-41976 is a permission control flaw in an audio framework that could allow an attacker with local access to read sensitive audio data. The vulnerability requires user interaction to trigger but does not need special privileges to exploit. While the confidentiality impact is high, the ability to modify or destroy audio data or services is more limited. This is a medium-severity issue that warrants prompt attention in environments where audio processing handles sensitive information.

  • CVE-2026-41978MEDIUM 4.4

    A permission control vulnerability exists in a clone module that could allow an unauthorized user to access sensitive information. The issue arises from improper permission checks when cloning resources, potentially exposing confidential data. While the vulnerability requires local access and user interaction to exploit, it carries a medium risk profile and warrants timely remediation to protect data confidentiality.