Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2026-32156 Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an unauthorized attacker to execute code locally. | 7.4 | HIGH | β | 0 |
| CVE-2026-34076 Clerk JavaScript is the official JavaScript repository for Clerk authentication. In @clerk/hono from versions 0.1.0 to before 0.1.5, @clerk/express from versions 2.0.0 to before 2.0.7, @clerk/backend ... | 7.4 | HIGH | β | 0 |
| CVE-2026-35629 OpenClaw before 2026.3.25 contains a server-side request forgery vulnerability in multiple channel extensions that fail to properly guard configured base URLs against SSRF attacks. Attackers can explo... | 7.4 | HIGH | β | 0 |
| CVE-2026-32887 Effect is a TypeScript framework that consists of several packages that work together to help build TypeScript applications. Prior to version 3.20.0, when using `RpcServer.toWebHandler` (or `HttpApp.t... | 7.4 | HIGH | β | 0 |
| CVE-2026-33724 n8n is an open source workflow automation platform. Prior to version 2.5.0, when the Source Control feature is configured to use SSH, the SSH command used for git operations explicitly disabled host k... | 7.4 | HIGH | β | 0 |
| CVE-2026-41603 Improper Validation of Certificate with Host Mismatch vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes... | 7.4 | HIGH | β | 0 |
| CVE-2026-2332 In Eclipse Jetty, the HTTP/1.1 parser is vulnerable to request smuggling when chunk extensions are used, similar to the "funky chunks" techniques outlined here: * https://w4ke.info/2025/06/18/funky... | 7.4 | HIGH | β | 0 |
| CVE-2026-32144 Improper Certificate Validation vulnerability in Erlang OTP public_key (pubkey_ocsp module) allows OCSP designated-responder authorization bypass via missing signature verification. The OCSP response... | 7.4 | HIGH | β | 0 |
| CVE-2026-32019 OpenClaw versions prior to 2026.2.22 contain incomplete IPv4 special-use range validation in the isPrivateIpv4() function, allowing requests to RFC-reserved ranges to bypass SSRF policy checks. Attack... | 7.4 | HIGH | β | 0 |
| CVE-2026-35560 Improper certificate validation in the identity provider connection components in Amazon Athena ODBC driver before 2.1.0.0 might allow a man-in-the-middle threat actor to intercept authentication cred... | 7.4 | HIGH | β | 0 |
| CVE-2026-4371 A malicious mail server could send malformed strings with negative lengths, causing the parser to read memory outside the buffer. If a mail server or connection to a mail server were compromised, an a... | 7.4 | HIGH | β | 0 |
| CVE-2026-35561 Insufficient authentication security controls in the browser-based authentication components in Amazon Athena ODBC driver before 2.1.0.0 might allow a threat actor to intercept or hijack authenticatio... | 7.4 | HIGH | β | 0 |
| CVE-2026-33131 H3 is a minimal H(TTP) framework. Versions 2.0.0-0 through 2.0.1-rc.14 contain a Host header spoofing vulnerability in the NodeRequestUrl (which extends FastURL) which allows middleware bypass. When e... | 7.4 | HIGH | β | 0 |
| CVE-2026-33643 SQL Injection vulnerability in SchemaHero 0.23.0 via the column parameter to the mysqlColumnAsInsert function in file plugins/mysql/lib/column.go. | 7.4 | HIGH | β | 0 |
| CVE-2026-29953 SQL Injection vulnerability in SchemaHero 0.23.0 via the column parameter to the columnAsInsert function in file plugins/postgres/lib/column.go. | 7.4 | HIGH | β | 0 |
| CVE-2026-40153 PraisonAIAgents is a multi-agent teams system. Prior to 1.5.128, the execute_command function in shell_tools.py calls os.path.expandvars() on every command argument at line 64, manually re-implementin... | 7.4 | HIGH | β | 0 |
| CVE-2026-20010 A vulnerability in the Link Layer Discovery Protocol (LLDP) feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause the LLDP process to restart, which could cause an... | 7.4 | HIGH | β | 0 |
| CVE-2026-1707 pgAdmin versions 9.11 are affected by a Restore restriction bypass via key disclosure vulnerability that occurs when running in server mode and performing restores from PLAIN-format dump files. An att... | 7.4 | HIGH | β | 0 |
| CVE-2026-40585 blueprintUE is a tool to help Unreal Engine developers. Prior to 4.2.0, when a password reset is initiated, a 128-character CSPRNG token is generated and stored alongside a password_reset_at timestamp... | 7.4 | HIGH | β | 0 |
| CVE-2026-33667 OpenProject is an open-source project management application. In versions prior to 17.3.0, 2FA OTP verification in the confirm_otp action of the two_factor_authentication module has no rate limiting, ... | 7.4 | HIGH | β | 0 |
| CVE-2025-70045 An issue pertaining to CWE-295: Improper Certificate Validation was discovered in jxcore jxm master. The application disables TLS/SSL certificate validation by setting 'rejectUnauthorized': false in H... | 7.4 | HIGH | β | 0 |
| CVE-2025-48630 In drawLayersInternal of SkiaRenderEngine.cpp, there is a possible way to access the GPU cache due to side channel information disclosure. This could lead to local escalation of privilege with no addi... | 7.4 | HIGH | β | 0 |
| CVE-2026-4428 A logic error in CRL distribution point validation in AWS-LC before 1.71.0 causes partitioned CRLs to be incorrectly rejected as out of scope, which allows a revoked certificate to bypass certificate... | 7.4 | HIGH | β | 0 |
| CVE-2025-63945 A privilege escalation (PE) vulnerability in the Tencent iOA app thru 210.9.28693.621001 on Windows devices enables a local user to execute programs with elevated privileges. However, execution requir... | 7.4 | HIGH | β | 0 |
| CVE-2026-20033 A vulnerability in Cisco Nexus 9000 Series Fabric Switches in ACI mode could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vul... | 7.4 | HIGH | β | 0 |
| CVE-2026-28791 Tina is a headless content management system. Prior to 2.1.7, a path traversal vulnerability exists in the TinaCMS development server's media upload handler. The code at media.ts joins user-controlled... | 7.4 | HIGH | β | 0 |
| CVE-2025-63946 A privilege escalation (PE) vulnerability in the Tencent PC Manager app thru 17.10.28554.205 on Windows devices enables a local user to execute programs with elevated privileges. However, execution re... | 7.4 | HIGH | β | 0 |
| CVE-2026-32132 ZITADEL is an open source identity management platform. Prior to 3.4.8 and 4.12.2, a potential vulnerability exists in Zitadel's passkey registration endpoints. This endpoint allows registering a new ... | 7.4 | HIGH | β | 0 |
| CVE-2025-70058 An issue pertaining to CWE-295: Improper Certificate Validation was discovered in YMFE yapi v1.12.0. The application disables TLS/SSL certificate validation by setting 'rejectUnauthorized': false in t... | 7.4 | HIGH | β | 0 |
| CVE-2026-31989 OpenClaw versions prior to 2026.3.1 contain a server-side request forgery vulnerability in web_search citation redirect resolution that uses a private-network-allowing SSRF policy. An attacker who can... | 7.4 | HIGH | β | 0 |
| CVE-2026-26214 Galaxy FDS Android SDK (XiaoMi/galaxy-fds-sdk-android) version 3.0.8 and prior disable TLS hostname verification when HTTPS is enabled (the default configuration). In GalaxyFDSClientImpl.createHttpCli... | 7.4 | HIGH | β | 0 |
| CVE-2026-20051 A vulnerability with the Ethernet VPN (EVPN) Layer 2 ingress packet processing of Cisco Nexus 3600 Platform Switches and Cisco Nexus 9500-R Series Switching Platforms could allow an unauthenticated, a... | 7.4 | HIGH | β | 0 |
| CVE-2026-0112 In vpu_open_inst of vpu_ioctl.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User inter... | 7.4 | HIGH | β | 0 |
| CVE-2025-70093 An issue in OpenSourcePOS v3.4.1 allows attackers to execute arbitrary code via returning a crafted AJAX response. | 7.4 | HIGH | β | 0 |
| CVE-2026-32631 Git for Windows is the Windows port of Git. Versions prior to 2.53.0.windows.3 do not have protections that prevent attackers from obtaining a user's NTLM hash. The NTLM hash can be obtained by tricki... | 7.4 | HIGH | β | 0 |
| CVE-2026-42799 Out-of-bounds read vulnerability in ASR Kestrel (nr_fw modules) allows Overflow Buffers. This vulnerability is associated with program files Code/Nr/nr_fw/RA/src/NrPwrCtrl.C. This issue affects K... | 7.4 | HIGH | β | 0 |
| CVE-2026-42800 NULL pointer dereference vulnerability in ASR1903 in ASR Lapwing_Linux on Linux (ims_client modules) allows Pointer Manipulation. This vulnerability is associated with program files sip/utils/src/si... | 7.4 | HIGH | β | 0 |
| CVE-2026-27856 Doveadm credentials are verified using direct comparison which is susceptible to timing oracle attack. An attacker can use this to determine the configured credentials. Figuring out the credential wil... | 7.4 | HIGH | β | 0 |
| CVE-2026-41882 In JetBrains IntelliJ IDEA before 2024.3.7.1, 2025.1.7.1, 2025.2.6.2, 2025.3.4.1, 2026.1.1 reading arbitrary local files was possible via built-in web server | 7.4 | HIGH | β | 0 |
| CVE-2026-32775 libexif through 0.6.25 has a flaw in decoding MakerNotes. If the exif_mnote_data_get_value function gets passed in a 0 size, the passed in-buffer would be overwritten due to an integer underflow. | 7.4 | HIGH | β | 0 |
| CVE-2026-25167 Use after free in Microsoft Brokering File System allows an unauthorized attacker to elevate privileges locally. | 7.4 | HIGH | β | 0 |
| CVE-2026-25569 A vulnerability has been identified in SICAM SIAPP SDK (All versions < V2.1.7). An out-of-bounds write vulnerability exists in SICAM SIAPP SDK. This could allow an attacker to write data beyond the in... | 7.4 | HIGH | β | 0 |
| CVE-2026-25570 A vulnerability has been identified in SICAM SIAPP SDK (All versions < V2.1.7). The SICAM SIAPP SDK does not perform checks on input values potentially resulting in stack overflow. This could allow an... | 7.4 | HIGH | β | 0 |
| CVE-2026-32242 Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.11 and 8.6.37, Parse Server's built-in OAuth2 auth adapter exports a single... | 7.4 | HIGH | β | 0 |
| CVE-2026-25573 A vulnerability has been identified in SICAM SIAPP SDK (All versions < V2.1.7). The affected application builds shell commands with caller-provided strings and executes them. An attacker could influen... | 7.4 | HIGH | β | 0 |
| CVE-2025-48568 In multiple locations, there is a possible lockscreen bypass due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction ... | 7.4 | HIGH | β | 0 |
| CVE-2025-48577 In multiple functions of KeyguardViewMediator.java, there is a possible lockscreen bypass due to a race condition. This could lead to local escalation of privilege with no additional execution privile... | 7.4 | HIGH | β | 0 |
| CVE-2026-28372 telnetd in GNU inetutils through 2.7 allows privilege escalation that can be exploited by abusing systemd service credentials support added to the login(1) implementation of util-linux in release 2.40... | 7.4 | HIGH | β | 0 |
| CVE-2026-2378 ArcSearch for Android versions prior to 1.12.7 could display a different domain in the address bar than the content being shown, enabling address bar spoofing after user interaction via crafted web co... | 7.4 | HIGH | β | 0 |
| CVE-2026-33608 An attacker can send a notify request that causes a new secondary domain to be added to the bind backend, but causes said backend to update its configuration to an invalid one, leading to the backend ... | 7.4 | HIGH | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.