Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2026-26342 Tattile Smart+, Vega, and Basic device families firmware versions 1.181.5 and prior implement an authentication token (X-User-Token) with insufficient expiration. An attacker who obtains a valid token... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-27194 D-Tale is a visualizer for pandas data structures. Versions prior to 3.20.0 are vulnerable to Remote Code Execution through the /save-column-filter endpoint. Users hosting D-Tale publicly can be vulne... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-1774 CASL Ability, versions 2.4.0 through 6.7.4, contains a prototype pollution vulnerability. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-21531 Deserialization of untrusted data in Azure SDK allows an unauthorized attacker to execute code over a network. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-47748 Hasura GraphQL 1.3.3 contains a remote code execution vulnerability that allows attackers to execute arbitrary shell commands through SQL query manipulation. Attackers can inject commands into the run... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-69329 Deserialization of Untrusted Data vulnerability in Jthemes Prestige prestige allows Object Injection.This issue affects Prestige: from n/a through < 1.4.1. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-2095 Agentflow developed by Flowring has an Authentication Bypass vulnerability, allowing unauthenticated remote attackers to exploit a specific functionality to obtain arbitrary user authentication token ... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-24494 SQL Injection vulnerability in the /api/integrations/getintegrations endpoint of Order Up Online Ordering System 1.0 allows an unauthenticated attacker to access sensitive backend database data via a ... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-25938 FUXA is a web-based Process Visualization (SCADA/HMI/Dashboard) software. From 1.2.8 through 1.2.10, an authentication bypass vulnerability in FUXA allows an unauthenticated, remote attacker to execut... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-34935 PraisonAI is a multi-agent teams system. From version 4.5.15 to before version 4.5.69, the --mcp CLI argument is passed directly to shlex.split() and forwarded through the call chain to anyio.open_pro... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-20418 In Thread, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is ... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-25895 FUXA is a web-based Process Visualization (SCADA/HMI/Dashboard) software. A path traversal vulnerability in FUXA allows an unauthenticated, remote attacker to write arbitrary files to arbitrary locati... | 9.8 | CRITICAL | β | 0 |
| CVE-2018-25254 NICO-FTP 3.0.1.19 contains a structured exception handler buffer overflow vulnerability that allows remote attackers to execute arbitrary code by sending crafted FTP commands. Attackers can connect to... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-5329 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Martcode Software Inc. Delta Course Automation allows SQL Injection.This issue affects Delta Cours... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-37184 Allok Video Converter 4.6.1217 contains a stack overflow vulnerability in the License Name input field that allows attackers to execute arbitrary code. Attackers can craft a specially designed payload... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-26702 sourcecodester Personnel Property Equipment System v1.0 is vulnerable to SQL Injection in /ppes/admin/myitem_reuse.php. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-25955 FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `xf_AppUpdateWindowFromSurface` reuses a cached `XImage` whose `data` pointer references a freed RDPGFX surfac... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-27975 Ajenti is a Linux and BSD modular server admin panel. Prior to version 2.2.13, an unauthenticated user could gain access to a server to execute arbitrary code on this server. This is fixed in the vers... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-66802 Sourcecodester Covid-19 Contact Tracing System 1.0 is vulnerable to RCE (Remote Code Execution). The application receives a reverse shell (php) into imagem of the user enabling RCE. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-1188 In the Eclipse OMR port library component since release 0.2.0, an API function to return the textual names of all supported processor features was not accounting for the separator inserted between pro... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-66913 JimuReport thru version 2.1.3 is vulnerable to remote code execution when processing user-controlled H2 JDBC URLs. The application passes the attacker-supplied JDBC URL directly to the H2 driver, allo... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-24371 Missing Authorization vulnerability in bookingalgorithms BA Book Everything ba-book-everything allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BA Book Everyt... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-36997 BacklinkSpeed 2.4 contains a buffer overflow vulnerability that allows attackers to corrupt the Structured Exception Handler (SEH) chain through malicious file import. Attackers can craft a specially ... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-50981 An unauthenticated remote attacker can gain full access on the affected devices as they are shipped without a password by default and setting one is not enforced. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-21969 Vulnerability in the Oracle Agile Product Lifecycle Management for Process product of Oracle Supply Chain (component: Supplier Portal). The supported version that is affected is 6.2.4. Easily exploi... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-37012 Tea LaTex 1.0 contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary shell commands through the /api.php endpoint. Attackers can craft a malicious La... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-25814 PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, User-controlled query parameters are passed directly into DynamoDB query/filter construction without v... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-29329 Buffer Overflow in the ippprint (Internet Printing Protocol) service in Sagemcom F@st 3686 MAGYAR_4.121.0 allows remote attacker to execute arbitrary code by sending a crafted HTTP request. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-15030 The User Profile Builder WordPress plugin before 3.15.2 does not have a proper password reset process, allowing a few unauthenticated requests to reset the password of any user by knowing their usern... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-14233 Invalid free in CPCA file deletion processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unre... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-25875 PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, The admin authorization middleware trusts client-controlled JWT claims (role and scope) without enforc... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-26341 Tattile Smart+, Vega, and Basic device families firmware versions 1.181.5 and prior ship with default credentials that are not forced to be changed during installation or commissioning. An attacker wh... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-25809 PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, the code evaluation endpoint does not validate the assessment lifecycle state before allowing executio... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-13563 The Lizza LMS Pro plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.0.3. This is due to the 'lizza_lms_pro_register_user_front_end' function not restri... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-69542 A Command Injection Vulnerability has been discovered in the DHCP daemon service of D-Link DIR895LA1 v102b07. The vulnerability exists in the lease renewal processing logic where the DHCP hostname par... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-15521 The Academy LMS β WordPress LMS Plugin for Complete eLearning Solution plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.5.0. This... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-2807 Memory safety bugs present in Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-2096 Agentflow developed by Flowring has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to read, modify, and delete database contents by using a specific functionality. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-23906 Affected Products and Versions * Apache Druid * Affected Versions: 0.17.0 through 35.x (all versions prior to 36.0.0) * Prerequisites: * druid-basic-security extension enabled * LDAP aut... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-11242 Server-Side Request Forgery (SSRF) vulnerability in Teknolist Computer Systems Software Publishing Industry and Trade Inc. Okulistik allows Server Side Request Forgery.This issue affects Okulistik: th... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-1357 The Migration, Backup, Staging β WPvivid Backup & Migration plugin for WordPress is vulnerable to Unauthenticated Arbitrary File Upload in versions up to and including 0.9.123. This is due to improper... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-14232 Buffer overflow in XML processing of XPS file in Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unre... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-49994 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ovatheme Athens athens allows PHP Local File Inclusion.This issue affects Athen... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-62581 Delta Electronics DIAView has multiple vulnerabilities. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-24531 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Select-Themes Prowess prowess allows PHP Local File Inclusion.This issue affect... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-70314 webfsd 1.21 is vulnerable to a Buffer Overflow via a crafted request. This is due to the filename variable | 9.8 | CRITICAL | β | 0 |
| CVE-2025-69370 Deserialization of Untrusted Data vulnerability in ThemeGoods Capella capella allows Object Injection.This issue affects Capella: from n/a through <= 2.5.5. | 9.8 | CRITICAL | β | 0 |
| CVE-2020-37002 Ajenti 2.1.36 contains an authentication bypass vulnerability that allows remote attackers to execute arbitrary commands after successful login. Attackers can leverage the /api/terminal/create endpoin... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-69371 Deserialization of Untrusted Data vulnerability in AncoraThemes KindlyCare kindlycare allows Object Injection.This issue affects KindlyCare: from n/a through <= 1.6.1. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-69985 FUXA 1.2.8 and prior contains an Authentication Bypass vulnerability leading to Remote Code Execution (RCE). The vulnerability exists in the server/api/jwt-helper.js middleware, which improperly trust... | 9.8 | CRITICAL | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.