Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2026-39971 Serendipity is a PHP-powered weblog engine. In versions 2.6-beta2 and below, the email sending functionality in include/functions.inc.php inserts $_SERVER['HTTP_HOST'] directly into the Message-ID SMT... | 7.2 | HIGH | β | 0 |
| CVE-2025-61848 An improper neutralization of special elements used in an sql command ('sql injection') vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.8, FortiAnalyzer 7.... | 7.2 | HIGH | β | 0 |
| CVE-2026-23882 Blinko is an AI-powered card note-taking project. Prior to version 1.8.4, the MCP (Model Context Protocol) server creation function allows specifying arbitrary commands and arguments, which are execut... | 7.2 | HIGH | β | 0 |
| CVE-2026-33133 WeGIA is a web manager for charitable institutions. In versions 3.6.5 and 3.6.6, the loadBackupDB() function imports SQL files from uploaded backup archives without any content validation. An attacker... | 7.2 | HIGH | β | 0 |
| CVE-2026-33715 Chamilo LMS is an open-source learning management system. In version 2.0-RC.2, the file public/main/inc/ajax/install.ajax.php is accessible without authentication on fully installed instances because,... | 7.2 | HIGH | β | 0 |
| CVE-2026-29782 OpenSTAManager is an open source management software for technical assistance and invoicing. Prior to version 2.10.2, the oauth2.php file in OpenSTAManager is an unauthenticated endpoint ($skip_permis... | 7.2 | HIGH | β | 0 |
| CVE-2026-33273 Unrestricted upload of file with dangerous type issue exists in MATCHA INVOICE 2.6.6 and earlier. If this vulnerability is exploited, an arbitrary file may be created by an administrator of the produc... | 7.2 | HIGH | β | 0 |
| CVE-2026-7219 A flaw has been found in Totolink N300RT 3.4.0-B20250430. This affects an unknown function of the file /boafrm/formIpQoS. Executing a manipulation of the argument entry_name can lead to buffer overflo... | 7.2 | HIGH | β | 0 |
| CVE-2026-5627 A path traversal vulnerability exists in mintplex-labs/anything-llm versions up to and including 1.9.1, within the `AgentFlows` component. The vulnerability arises from improper handling of user input... | 7.2 | HIGH | β | 0 |
| CVE-2026-4808 The Gerador de Certificados β DevApps plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the moveUploadedFile() function in all versions up to, and inc... | 7.2 | HIGH | β | 0 |
| CVE-2026-33906 Ella Core is a 5G core designed for private networks. Prior to version 1.7.0, the NetworkManager role was granted backup and restore permission. The restore endpoint accepted any valid SQLite file wit... | 7.2 | HIGH | β | 0 |
| CVE-2025-69986 A buffer overflow vulnerability exists in the ONVIF GetStreamUri function of LSC Indoor Camera V7.6.32. The application fails to validate the length of the Protocol parameter inside the Transport elem... | 7.2 | HIGH | β | 0 |
| CVE-2026-1841 The PixelYourSite β Your smart PIXEL (TAG) & API Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'pysTrafficSource' parameter and the 'pys_landing_page' parameter in ... | 7.2 | HIGH | β | 0 |
| CVE-2026-6483 A vulnerability was found in Wavlink WL-WN530H4 20220721. This vulnerability affects the function strcat/snprintf of the file /cgi-bin/internet.cgi. The manipulation results in os command injection. I... | 7.2 | HIGH | β | 0 |
| CVE-2026-33881 Windmill is an open-source developer platform for internal code: APIs, background jobs, workflows and UIs. Workspace environment variable values are interpolated into JavaScript string literals withou... | 7.2 | HIGH | β | 0 |
| CVE-2026-25917 Dag Authors, who normally should not be able to execute code in the webserver context could craft XCom payload causing the webserver to execute arbitrary code. Since Dag Authors are already highly tru... | 7.2 | HIGH | β | 0 |
| CVE-2026-1540 The Spam Protect for Contact Form 7 WordPress plugin before 1.2.10 allows logging to a PHP file, which could allow an attacker with editor access to achieve Remote Code Execution by using a crafted he... | 7.2 | HIGH | β | 0 |
| CVE-2026-7247 A vulnerability has been found in D-Link DI-8100 16.07.26A1. Affected by this issue is the function file_exten_asp of the file file_exten.asp of the component File Extension Handler. The manipulation ... | 7.2 | HIGH | β | 0 |
| CVE-2025-69378 Incorrect Privilege Assignment vulnerability in XforWooCommerce Product Filter for WooCommerce prdctfltr allows Privilege Escalation.This issue affects Product Filter for WooCommerce: from n/a through... | 7.2 | HIGH | β | 0 |
| CVE-2026-40038 Pachno 1.0.6 contains a stored cross-site scripting vulnerability that allows attackers to execute arbitrary HTML and script code by injecting malicious payloads into POST parameters. Attackers can in... | 7.2 | HIGH | β | 0 |
| CVE-2026-39325 ChurchCRM is an open-source church management system. Prior to 7.1.0, an SQL injection vulnerability was found in the endpoint /SettingsUser.php in ChurchCRM 7.0.5. Authenticated administrative users ... | 7.2 | HIGH | β | 0 |
| CVE-2025-15519 Improper input handling in a modem-management administrative CLI command on TP-Link Archer NX200, NX210, NX500 and NX600 allows crafted input to be executed as part of an operating system command. An ... | 7.2 | HIGH | β | 0 |
| CVE-2026-35476 InvenTree is an Open Source Inventory Management System. Prior to 1.2.7 and 1.3.0, a non-staff authenticated user can elevate their account to a staff level via a POST request against their user accou... | 7.2 | HIGH | β | 0 |
| CVE-2026-30940 baserCMS is a website development framework. Prior to version 5.2.3, a path traversal vulnerability exists in the theme file management API (/baser/api/admin/bc-theme-file/theme_files/add.json) that a... | 7.2 | HIGH | β | 0 |
| CVE-2026-39343 ChurchCRM is an open-source church management system. Prior to 7.1.0, a SQL injection vulnerability exists in the EditEventTypes.php file, which is only accessible to administrators. The EN_tyid POST ... | 7.2 | HIGH | β | 0 |
| CVE-2026-27602 Modoboa is a mail hosting and management platform. Prior to version 2.7.1, `exec_cmd()` in `modoboa/lib/sysutils.py` always runs subprocess calls with `shell=True`. Since domain names flow directly in... | 7.2 | HIGH | β | 0 |
| CVE-2026-35536 In Tornado before 6.5.5, cookie attribute injection could occur because the domain, path, and samesite arguments to .RequestHandler.set_cookie were not checked for crafted characters. | 7.2 | HIGH | β | 0 |
| CVE-2026-33725 Metabase is an open source business intelligence and embedded analytics tool. In Metabase Enterprise prior to versions 1.54.22, 1.55.22, 1.56.22, 1.57.16, 1.58.10, and 1.59.4, authenticated admins on ... | 7.2 | HIGH | β | 0 |
| CVE-2026-24504 Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain an improper input validation ... | 7.2 | HIGH | β | 0 |
| CVE-2026-7191 Improper use of the static-eval npm package in the open source solution qnabot-on-aws versions 7.2.4 and earlier may allow an authenticated administrator to execute arbitrary code within the fulfillme... | 7.2 | HIGH | β | 0 |
| CVE-2026-26943 Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain an OS command injection vulne... | 7.2 | HIGH | β | 0 |
| CVE-2026-23898 Lack of input validation leads to an arbitrary file deletion vulnerability in the autoupdate server mechanism. | 7.2 | HIGH | β | 0 |
| CVE-2026-25932 GLPI is a Free Asset and IT Management Software package. From 0.60 to before 10.0.24, an authenticated technician user can store an XSS payload in a supplier fields. This vulnerability is fixed in 10.... | 7.2 | HIGH | β | 0 |
| CVE-2026-33613 Due to the improper neutralisation of special elements used in an OS command, a remote attacker can exploit an RCE vulnerability in the generateSrpArray function, resulting in full system compromise. ... | 7.2 | HIGH | β | 0 |
| CVE-2026-37343 SourceCodester Vehicle Parking Area Management System v1.0 is vulnerable to SQL Injection in the file /parking/manage_user.php. | 7.2 | HIGH | β | 0 |
| CVE-2026-34724 Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1, a server-side template injection vulnerability which leads to RCE via AI Agent exists. Impact is limited to environ... | 7.2 | HIGH | β | 0 |
| CVE-2026-27885 Piwigo is an open source photo gallery application for the web. Prior to version 16.3.0, a SQL Injection vulnerability was discovered in Piwigo affecting the Activity List API endpoint. This vulnerabi... | 7.2 | HIGH | β | 0 |
| CVE-2026-33914 OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, the PostCalendar module contains a blind SQL injection vulnerability ... | 7.2 | HIGH | β | 0 |
| CVE-2026-37341 SourceCodester Vehicle Parking Area Management System v1.0 is vulnerable to SQL Injection in the file /parking/manage_category.php. | 7.2 | HIGH | β | 0 |
| CVE-2026-4113 An observable response discrepancy vulnerability in the SonicWall SMA1000 series appliances allows a remote attacker to enumerate SSL VPN user credentials. | 7.2 | HIGH | β | 0 |
| CVE-2026-34217 SandboxJS is a JavaScript sandboxing library. Prior to 0.8.36, a scope modification vulnerability exists in @nyariv/sandboxjs. The vulnerability allows untrusted sandboxed code to leak internal interp... | 7.2 | HIGH | β | 0 |
| CVE-2026-42043 Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, an attacker who can influence the target URL of an Axios request can use any address in the 127.0.0.0/8 ra... | 7.2 | HIGH | β | 0 |
| CVE-2026-33392 In JetBrains YouTrack before 2025.3.131383 high privileged user can achieve RCE via sandbox bypass | 7.2 | HIGH | β | 0 |
| CVE-2026-23776 Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13... | 7.2 | HIGH | β | 0 |
| CVE-2026-40114 PraisonAI is a multi-agent teams system. Prior to 4.5.128, the /api/v1/runs endpoint accepts an arbitrary webhook_url in the request body with no URL validation. When a submitted job completes (succes... | 7.2 | HIGH | β | 0 |
| CVE-2026-23778 Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13... | 7.2 | HIGH | β | 0 |
| CVE-2026-27043 Unrestricted Upload of File with Dangerous Type vulnerability in ThemeGoods Photography allows Path Traversal.This issue affects Photography: from n/a before 7.7.6. | 7.2 | HIGH | β | 0 |
| CVE-2026-35056 XenForo before 2.3.9 and before 2.2.18 allows remote code execution (RCE) by authenticated, but malicious, admin users. An attacker with admin panel access can execute arbitrary code on the server. | 7.2 | HIGH | β | 0 |
| CVE-2026-1937 The YayMail β WooCommerce Email Customizer plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the `yayma... | 7.2 | HIGH | β | 0 |
| CVE-2026-37342 SourceCodester Vehicle Parking Area Management System v1.0 is vulnerable to SQL Injection in the file /parking/view_parked_details.php. | 7.2 | HIGH | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.