Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2025-70047 An issue pertaining to CWE-400: Uncontrolled Resource Consumption was discovered in Nexusoft NexusInterface v3.2.0-beta.2. | 7.5 | HIGH | β | 0 |
| CVE-2025-69278 In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. | 7.5 | HIGH | β | 0 |
| CVE-2025-69279 In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. | 7.5 | HIGH | β | 0 |
| CVE-2026-3588 A server-side request forgery (SSRF) vulnerability in IKEA Dirigera v2.866.4 allows an attacker to exfiltrate private keys by sending a crafted request. | 7.5 | HIGH | β | 0 |
| CVE-2026-32980 OpenClaw before 2026.3.13 reads and buffers Telegram webhook request bodies before validating the x-telegram-bot-api-secret-token header, allowing unauthenticated attackers to exhaust server resources... | 7.5 | HIGH | β | 0 |
| CVE-2025-70034 An issue pertaining to CWE-1333: Inefficient Regular Expression Complexity (4.19) was discovered in mscdex ssh2 v1.17.0. | 7.5 | HIGH | β | 0 |
| CVE-2019-25652 UniFi Network Controller before version 5.10.22 and 5.11.x before 5.11.18 contains an improper certificate verification vulnerability that allows adjacent network attackers to conduct man-in-the-middl... | 7.5 | HIGH | β | 0 |
| CVE-2026-34388 Fleet is open source device management software. Prior to 4.81.0, a denial-of-service vulnerability in Fleet's gRPC Launcher endpoint allows an authenticated host to crash the entire Fleet server proc... | 7.5 | HIGH | β | 0 |
| CVE-2026-33697 Cocos AI is a confidential computing system for AI. The current implementation of attested TLS (aTLS) in CoCoS is vulnerable to a relay attack affecting all versions from v0.4.0 through v0.8.2. This v... | 7.5 | HIGH | β | 0 |
| CVE-2025-70251 Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the webPage parameter to goform/formWlanGuestSetup. | 7.5 | HIGH | β | 0 |
| CVE-2026-26308 Envoy is a high-performance edge/middle/service proxy. Prior to 1.37.1, 1.36.5, 1.35.8, and 1.34.13, the Envoy RBAC (Role-Based Access Control) filter contains a logic vulnerability in how it validate... | 7.5 | HIGH | β | 0 |
| CVE-2026-2285 CrewAI contains a arbitrary local file read vulnerability in the JSON loader tool that reads files without path validation, enabling access to files on the server. | 7.5 | HIGH | β | 0 |
| CVE-2026-33575 OpenClaw before 2026.3.12 embeds long-lived shared gateway credentials directly in pairing setup codes generated by /pair endpoint and OpenClaw qr command. Attackers with access to leaked setup codes ... | 7.5 | HIGH | β | 0 |
| CVE-2019-25470 eWON Firmware versions 12.2 to 13.0 contain an authentication bypass vulnerability that allows attackers with minimal privileges to retrieve sensitive user data by exploiting the wsdReadForm endpoint.... | 7.5 | HIGH | β | 0 |
| CVE-2019-25465 Hisilicon HiIpcam V100R003 contains a directory traversal vulnerability that allows unauthenticated attackers to access sensitive configuration files by exploiting directory listing in the cgi-bin dir... | 7.5 | HIGH | β | 0 |
| CVE-2026-3496 The JetBooking plugin for WordPress is vulnerable to SQL Injection via the 'check_in_date' parameter in all versions up to, and including, 4.0.3. This is due to insufficient escaping on the user suppl... | 7.5 | HIGH | β | 0 |
| CVE-2025-70027 An issue pertaining to CWE-918: Server-Side Request Forgery was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4. This allows attackers to obtain sensitive information | 7.5 | HIGH | β | 0 |
| CVE-2018-25164 EverSync 0.5 contains an arbitrary file download vulnerability that allows unauthenticated attackers to access sensitive files by requesting them directly from the files directory. Attackers can send ... | 7.5 | HIGH | β | 0 |
| CVE-2026-21888 NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging Platform. MQTT v5 Variable Byte Integer parsing out-of-bounds: get_var_integer() accepts 5-byte varints without bounds checks; reliably trig... | 7.5 | HIGH | β | 0 |
| CVE-2026-27703 RIOT is an open-source microcontroller operating system, designed to match the requirements of Internet of Things (IoT) devices and other embedded devices. In 2026.01 and earlier, the default handler ... | 7.5 | HIGH | β | 0 |
| CVE-2026-31894 WeGIA is a web manager for charitable institutions. In 3.6.5, The patched loadBackupDB() extracts tar.gz archives to a temporary directory using PHP's PharData class, then uses glob() and file_get_con... | 7.5 | HIGH | β | 0 |
| CVE-2026-32130 ZITADEL is an open source identity management platform. From 2.68.0 to before 3.4.8 and 4.12.2, Zitadel provides a System for Cross-domain Identity Management (SCIM) API to provision users from extern... | 7.5 | HIGH | β | 0 |
| CVE-2026-3932 Insufficient policy enforcement in PDF in Google Chrome on Android prior to 146.0.7680.71 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severi... | 7.5 | HIGH | β | 0 |
| CVE-2026-33155 DeepDiff is a project focused on Deep Difference and search of any Python data. From version 5.0.0 to before version 8.6.2, the pickle unpickler _RestrictedUnpickler validates which classes can be loa... | 7.5 | HIGH | β | 0 |
| CVE-2026-33154 dynaconf is a configuration management tool for Python. Prior to version 3.2.13, Dynaconf is vulnerable to Server-Side Template Injection (SSTI) due to unsafe template evaluation in the @Jinja resolve... | 7.5 | HIGH | β | 0 |
| CVE-2026-29059 Windmill is an open-source developer platform for internal code: APIs, background jobs, workflows and UIs. Prior to version 1.603.3, an unauthenticated path traversal vulnerability exists in Windmill'... | 7.5 | HIGH | β | 0 |
| CVE-2026-22182 wpDiscuz before 7.6.47 contains an unauthenticated denial of service vulnerability that allows anonymous users to trigger mass notification emails by exploiting the checkNotificationType() function. A... | 7.5 | HIGH | β | 0 |
| CVE-2026-2673 Issue summary: An OpenSSL TLS 1.3 server may fail to negotiate the expected preferred key exchange group when its key exchange group configuration includes the default by using the 'DEFAULT' keyword. ... | 7.5 | HIGH | β | 0 |
| CVE-2026-31899 CairoSVG is an SVG converter based on Cairo, a 2D graphics library. Prior to Kozea/CairoSVG has exponential denial of service via recursive <use> element amplification in cairosvg/defs.py. This causes... | 7.5 | HIGH | β | 0 |
| CVE-2026-32597 PyJWT is a JSON Web Token implementation in Python. Prior to 2.12.0, PyJWT does not validate the crit (Critical) Header Parameter defined in RFC 7515 Β§4.1.11. When a JWS token contains a crit array li... | 7.5 | HIGH | β | 0 |
| CVE-2026-34487 Insertion of Sensitive Information into Log File vulnerability in the cloud membership for clustering component of Apache Tomcat exposed the Kubernetes bearer token. This issue affects Apache Tomcat:... | 7.5 | HIGH | β | 0 |
| CVE-2026-29129 Configured cipher preference order not preserved vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.16 through 11.0.18, from 10.1.51 through 10.1.52, from 9.0.114 through 9.0... | 7.5 | HIGH | β | 0 |
| CVE-2026-33063 free5GC is an open source 5G core network. free5GC AUSF prior to version 1.4.2 has is an Improper Null Check vulnerability leading to Denial of Service. All deployments of free5GC v4.0.1 using the AUS... | 7.5 | HIGH | β | 0 |
| CVE-2026-33062 free5GC is an open source 5G core network. free5GC NRF prior to version 1.4.2 has an Improper Input Validation vulnerability leading to Denial of Service. All deployments of free5GC using the NRF disc... | 7.5 | HIGH | β | 0 |
| CVE-2026-32314 Yamux is a stream multiplexer over reliable, ordered connections such as TCP/IP. Prior to 0.13.10, the Rust implementation of Yamux can panic when processing a crafted inbound Data frame that sets SYN... | 7.5 | HIGH | β | 0 |
| CVE-2026-22727 Unprotected internal endpoints in Cloud Foundry Capi Release 1.226.0 and below, and CF Deployment v54.9.0 and below on all platforms allows any user who has bypassed the firewall to potentially replac... | 7.5 | HIGH | β | 0 |
| CVE-2026-42423 OpenClaw before 2026.4.8 contains an approval-timeout fallback mechanism that bypasses strictInlineEval explicit-approval requirements on gateway and node exec hosts. Attackers can exploit this timeou... | 7.5 | HIGH | β | 0 |
| CVE-2026-41405 OpenClaw before 2026.3.31 parses MS Teams webhook request bodies before performing JWT validation, allowing unauthenticated attackers to trigger resource exhaustion. Remote attackers can send maliciou... | 7.5 | HIGH | β | 0 |
| CVE-2026-4269 A missing S3 ownership verification in the Bedrock AgentCore Starter Toolkit before version v0.1.13 may allow a remote actor to inject code during the build process, leading to code execution in the A... | 7.5 | HIGH | β | 0 |
| CVE-2026-26999 Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.38 and 3.6.9, there is a potential vulnerability in Traefik managing TLS handshake on TCP routers. When Traefik processes a T... | 7.5 | HIGH | β | 0 |
| CVE-2026-32981 A path traversal vulnerability was identified in Ray Dashboard (default port 8265) in Ray versions prior to 2.8.1. Due to improper validation and sanitization of user-supplied paths in the static file... | 7.5 | HIGH | β | 0 |
| CVE-2026-35064 A vulnerability inΒ SenseLiveΒ X3050βs management ecosystem allows unauthenticated discovery of deployed units through the vendorβs management protocol, enabling identification of device presence, ident... | 7.5 | HIGH | β | 0 |
| CVE-2026-32256 music-metadata is a metadata parser for audio and video media files. Prior to version 11.12.3, music-metadata's ASF parser (`parseExtensionObject()` in `lib/asf/AsfParser.ts:112-158`) enters an infini... | 7.5 | HIGH | β | 0 |
| CVE-2026-29856 An issue in the VirtualHost configuration handling/parser component of aaPanel v7.57.0 allows attackers to cause a Regular Expression Denial of Service (ReDoS) via a crafted input. | 7.5 | HIGH | β | 0 |
| CVE-2026-29858 A lack of path validation in aaPanel v7.57.0 allows attackers to execute a local file inclusion (LFI), leadingot sensitive information exposure. | 7.5 | HIGH | β | 0 |
| CVE-2026-34824 Mesop is a Python-based UI framework that allows users to build web applications. From version 1.2.3 to before version 1.2.5, an uncontrolled resource consumption vulnerability exists in the WebSocket... | 7.5 | HIGH | β | 0 |
| CVE-2026-3658 The Appointment Booking Calendar β Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to SQL Injection via the 'fields' parameter in all versions up to, and including, 1.6.... | 7.5 | HIGH | β | 0 |
| CVE-2026-33901 ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, a heap buffer overflow occurs in the MVG decoder that coul... | 7.5 | HIGH | β | 0 |
| CVE-2026-33096 Out-of-bounds read in Windows HTTP.sys allows an unauthorized attacker to deny service over a network. | 7.5 | HIGH | β | 0 |
| CVE-2026-40074 SvelteKit is a framework for rapidly developing robust, performant web applications using Svelte. Prior to 2.57.1, redirect, when called from inside the handle server hook with a location parameter co... | 7.5 | HIGH | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.