Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2026-28553 Vulnerability of improper permission control in the theme setting module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | 6.9 | MEDIUM | β | 0 |
| CVE-2026-34530 File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to version 2.62.2, the SPA index page in File Browser is ... | 6.9 | MEDIUM | β | 0 |
| CVE-2026-41238 DOMPurify is a DOM-only cross-site scripting sanitizer for HTML, MathML, and SVG. Versions 3.0.1 through 3.3.3 are vulnerable to a prototype pollution-based XSS bypass. When an application uses `DOMPu... | 6.9 | MEDIUM | β | 0 |
| CVE-2026-39963 Serendipity is a PHP-powered weblog engine. In versions 2.6-beta2 and below, the serendipity_setCookie() function in include/functions_config.inc.php uses $_SERVER['HTTP_HOST'] without validation as ... | 6.9 | MEDIUM | β | 0 |
| CVE-2026-40446 Access of resource using incompatible type ('type confusion') vulnerability in Samsung Open Source Escargot allows Pointer Manipulation.This issue affects Escargot: 97e8115ab1110bc502b4b5e4a0c689a7152... | 6.9 | MEDIUM | β | 0 |
| CVE-2026-32291 The GL-iNet Comet (GL-RM1) KVM before 1.8.2 does not require authentication on the UART serial console. This attack requires physically opening the device and connecting to the UART pins. | 6.8 | MEDIUM | β | 0 |
| CVE-2025-33215 NVIDIA SNAP-4 Container contains a vulnerability in the VIRTIO-BLK component where a malicious guest VM may cause use of out-of-range pointer offset by sending crafted messages. A successful exploit o... | 6.8 | MEDIUM | β | 0 |
| CVE-2026-21007 Improper check for exceptional conditions in Device Care prior to SMR Apr-2026 Release 1 allows physical attackers to bypass Knox Guard. | 6.8 | MEDIUM | β | 0 |
| CVE-2025-62843 An improper restriction of communication channel to intended endpoints vulnerability has been reported to affect QHora. If an attacker gains physical access, they can then exploit the vulnerability to... | 6.8 | MEDIUM | β | 0 |
| CVE-2026-5893 Race in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) | 6.8 | MEDIUM | β | 0 |
| CVE-2026-32279 Connect-CMS is a content management system. In versions on the 1.x series up to and including 1.41.0 and versions on the 2.x series up to and including 2.41.0, a Server-Side Request Forgery (SSRF) iss... | 6.8 | MEDIUM | β | 0 |
| CVE-2026-32007 OpenClaw versions prior to 2026.2.23 contain a path traversal vulnerability in the experimental apply_patch tool that allows attackers with sandbox access to modify files outside the workspace directo... | 6.8 | MEDIUM | β | 0 |
| CVE-2026-33308 Mod_gnutls is a TLS module for Apache HTTPD based on GnuTLS. Prior to version 0.13.0, code for client certificate verification did not check the key purpose as set in the Extended Key Usage extension.... | 6.8 | MEDIUM | β | 0 |
| CVE-2026-29607 OpenClaw versions prior to 2026.2.22 contain an authorization bypass vulnerability in allow-always wrapper persistence that allows attackers to bypass approval checks by persisting wrapper-level allow... | 6.8 | MEDIUM | β | 0 |
| CVE-2026-22174 OpenClaw versions prior to 2026.2.22 inject the x-OpenClaw-relay-token header into Chrome CDP probe traffic on loopback interfaces, allowing local processes to capture the Gateway authentication token... | 6.8 | MEDIUM | β | 0 |
| CVE-2026-32649 A command injection vulnerability exists in the web server of specific firmware versions of Milesight cameras. | 6.8 | MEDIUM | β | 0 |
| CVE-2026-21011 Incorrect privilege assignment in Bluetooth in Maintenance mode prior to SMR Apr-2026 Release 1 allows physical attackers to bypass Extend Unlock. | 6.8 | MEDIUM | β | 0 |
| CVE-2025-33216 NVIDIA SNAP-4 Container contains a vulnerability in the configuration interface where an attacker on a VM may cause an incorrect calculation of buffer size by sending crafted configurations. A success... | 6.8 | MEDIUM | β | 0 |
| CVE-2026-21003 Improper input validation in data related to network restrictions prior to SMR Apr-2026 Release 1 allows physical attackers to bypass the restrictions. | 6.8 | MEDIUM | β | 0 |
| CVE-2026-32496 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in NYSL Spam Protect for Contact Form 7 wp-contact-form-7-spam-blocker allows Path Traversal.This issue aff... | 6.8 | MEDIUM | β | 0 |
| CVE-2026-25328 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in add-ons.org Product File Upload for WooCommerce products-file-upload-for-woocommerce allows Path Travers... | 6.8 | MEDIUM | β | 0 |
| CVE-2025-15433 The Shared Files WordPress plugin before 1.7.58 allows users with a role as low as Contributor to download any file on the web server (such as wp-config.php) via a path traversal vector | 6.8 | MEDIUM | β | 0 |
| CVE-2025-43534 A path handling issue was addressed with improved validation. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.2 and iPadOS 26.2. A user with physical access to an iOS device may be able to... | 6.8 | MEDIUM | β | 0 |
| CVE-2026-1724 GitLab has remediated an issue in GitLab EE affecting all versions from 18.5 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that could have allowed an unauthenticated user to access API t... | 6.8 | MEDIUM | β | 0 |
| CVE-2026-40574 OAuth2 Proxy is a reverse proxy that provides authentication using OAuth2 providers. Prior to 7.15.2, an authorization bypass exists in OAuth2 Proxy as part of the email_domain enforcement option. An ... | 6.8 | MEDIUM | β | 0 |
| CVE-2026-27855 Dovecot OTP authentication is vulnerable to replay attack under specific conditions. If auth cache is enabled, and username is altered in passdb, then OTP credentials can be cached so that same OTP re... | 6.8 | MEDIUM | β | 0 |
| CVE-2026-0205 A post-authentication Path Traversal vulnerability in SonicOS allows an attacker to interact with usually restricted services. | 6.8 | MEDIUM | β | 0 |
| CVE-2026-33220 Weblate is a web based localization tool. In versions prior to 5.17, the translation memory API exposed unintended endpoints, which in turn didn't perform proper access control. This issue has been fi... | 6.8 | MEDIUM | β | 0 |
| CVE-2026-34325 Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: User Interface). Supported versions that are affect... | 6.8 | MEDIUM | β | 0 |
| CVE-2026-42312 pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev100, the set_config_value() API method (@permission(Perms.SETTINGS)) in src/pyload/core/api/__init__.py gates s... | 6.8 | MEDIUM | β | 0 |
| CVE-2026-45025 WeGIA is a web manager for charitable institutions. In versions prior to 3.7.3, a Stored Cross-Site Scripting (XSS) vulnerability allows an authenticated user to inject malicious JavaScript into the "... | 6.8 | MEDIUM | β | 0 |
| CVE-2026-45026 WeGIA is a web manager for charitable institutions. In versions prior to 3.7.3, a Stored Cross-Site Scripting (XSS) vulnerability allows an authenticated user to inject malicious JavaScript into the P... | 6.8 | MEDIUM | β | 0 |
| CVE-2026-34775 Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to versions 38.8.6, 39.8.4, 40.8.4, and 41.0.0, the nodeIntegrationInWorker webPreference ... | 6.8 | MEDIUM | β | 0 |
| CVE-2026-41397 OpenClaw before 2026.3.31 contains a sandbox escape vulnerability allowing attackers to traverse directory boundaries through symlink exploitation during file synchronization operations. Remote attack... | 6.8 | MEDIUM | β | 0 |
| CVE-2026-34314 Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Platform). Supported versions that are affected are... | 6.8 | MEDIUM | β | 0 |
| CVE-2026-28277 LangGraph SQLite Checkpoint is an implementation of LangGraph CheckpointSaver that uses SQLite DB (both sync and async, via aiosqlite). In version 1.0.9 and prior, LangGraph checkpointers can load msg... | 6.8 | MEDIUM | β | 0 |
| CVE-2026-1749 There is an Access Control Vulnerability in some HikCentral Professional versions. This could allow an unauthenticated user to obtain the admin permission. | 6.8 | MEDIUM | β | 0 |
| CVE-2026-27125 svelte performance oriented web framework. Prior to 5.51.5, in server-side rendering, attribute spreading on elements (e.g. <div {...attrs}>) enumerates inherited properties from the object's prototyp... | 6.8 | MEDIUM | β | 0 |
| CVE-2025-32063 There is a misconfiguration vulnerability inside the Infotainment ECU manufactured by BOSCH. The vulnerability happens during the startup phase of a specific systemd service, and as a result, the foll... | 6.8 | MEDIUM | β | 0 |
| CVE-2025-10010 The CPSD CryptoPro Secure Disk application boots a small Linux operating system to perform user authentication before using BitLocker to decrypt the Windows partition. The system is located on a separ... | 6.8 | MEDIUM | β | 0 |
| CVE-2025-27900 IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially crafted Web si... | 6.8 | MEDIUM | β | 0 |
| CVE-2026-20142 In Splunk Enterprise versions below 10.2.0, 10.0.2, 9.4.7, 9.3.9, and 9.2.11, a user of a Splunk Search Head Cluster (SHC) deployment who holds a role with access to the Splunk `_internal` index could... | 6.8 | MEDIUM | β | 0 |
| CVE-2026-2994 Concrete CMS below version 9.4.8 is subject toΒ CSRF by a Rogue Administrator using the Anti-Spam Allowlist Group Configuration via group_id parameter which can leads to a security bypass since changes... | 6.8 | MEDIUM | β | 0 |
| CVE-2026-20138 In Splunk Enterprise versions below 10.2.0, 10.0.2, 9.4.7, 9.3.9, and 9.2.11, a user of a Splunk Search Head Cluster (SHC) deployment who holds a role with access to the Splunk `_internal` index could... | 6.8 | MEDIUM | β | 0 |
| CVE-2026-27933 Manyfold is an open source, self-hosted web application for managing a collection of 3d models, particularly focused on 3d printing. Versions prior to 0.133.0 are vulnerable to session hijack via cook... | 6.8 | MEDIUM | β | 0 |
| CVE-2026-28423 Statmatic is a Laravel and Git powered content management system (CMS). Prior to versions 5.73.11 and 6.4.0, when Glide image manipulation is used in insecure mode (which is not the default), the imag... | 6.8 | MEDIUM | β | 0 |
| CVE-2026-28338 PMD is an extensible multilanguage static code analyzer. Prior to version 7.22.0, PMD's `vbhtml` and `yahtml` report formats insert rule violation messages into HTML output without escaping. When PMD ... | 6.8 | MEDIUM | β | 0 |
| CVE-2026-20144 In Splunk Enterprise versions below 10.2.0, 10.0.2, 9.4.7, 9.3.8, and 9.2.11, and Splunk Cloud Platform versions below 10.2.2510.0, 10.1.2507.11, 10.0.2503.9, and 9.3.2411.120, a user of a Splunk Sear... | 6.8 | MEDIUM | β | 0 |
| CVE-2026-21021 Improper input validation in Routines prior to SMR May-2026 Release 1 allows physical attackers to launch privileged activity. | 6.8 | MEDIUM | β | 0 |
| CVE-2025-40948 A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.17.1), RUGGEDCOM ROX MX5000RE (All versions < V2.17.1), RUGGEDCOM ROX RX1400 (All versions < V2.17.1), RUGGEDCOM ROX RX15... | 6.8 | MEDIUM | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.