CVEbaza.plCWE DictionaryCWE-688
Common Weakness Enumeration

CWE-688

Function Call With Incorrect Variable or Reference as Argument

Category: VariantCVE: 3
Description

The product calls a function, procedure, or routine, but the caller specifies the wrong variable or reference as one of the arguments, which may lead to undefined behavior and resultant weaknesses.

CVE vulnerabilities with CWE-688 (3)
6.7
CVSS
MEDIUM
CVE-2026-33549

SPIP 4.4.10 through 4.4.12 before 4.4.13 allows unintended privilege assignment (of administrator privileges) during the editing of an author data structure because of STATUT mishandling.

pub. 2026-03-22
5.5
CVSS
MEDIUM
CVE-2021-33713

A vulnerability has been identified in JT Utilities (All versions < V13.0.2.0). When parsing specially crafted JT files, a hash function is called with an incorrect argument leading the application to crash. An attacker could leverage this vulnerability to cause a Denial-of-Service condition in the application.

pub. 2021-07-13
4.7
CVSS
MEDIUM
CVE-2026-12311

Information disclosure, sandbox escape in the Security: Process Sandboxing component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12.

pub. 2026-06-16
Information
ID: CWE-688
Type: Variant
Vulnerabilities: 3
MITRE CWE ↗
← CWE Dictionary