Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2026-27084 Deserialization of Untrusted Data vulnerability in ThemeREX Buisson buisson allows Object Injection.This issue affects Buisson: from n/a through <= 1.1.11. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-33439 Open Access Management (OpenAM) is an access management solution. Prior to 16.0.6, OpenIdentityPlatform OpenAM is vulnerable to pre-authentication Remote Code Execution (RCE) via unsafe Java deseriali... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-2942 The ProSolution WP Client plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'proSol_fileUploadProcess' function in all versions up to, and includi... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-3596 The Riaxe Product Customizer plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.1.2. The plugin registers an unauthenticated AJAX action ('wp_ajax_nopri... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-31271 megagao production_ssm v1.0 contains an authorization bypass vulnerability in the user addition functionality. The insert() method in UserController.java lacks authentication checks, allowing unauthen... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-39324 Rack::Session is a session management implementation for Rack. From 2.0.0 to before 2.1.2, Rack::Session::Cookie incorrectly handles decryption failures when configured with secrets:. If cookie decryp... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-4003 The Users manager β PN plugin for WordPress is vulnerable to Privilege Escalation via Arbitrary User Meta Update in all versions up to and including 1.1.15. This is due to a flawed authorization logic... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-3535 The DSGVO Google Web Fonts GDPR plugin for WordPress is vulnerable to arbitrary file upload due to missing file type validation in the `DSGVOGWPdownloadGoogleFonts()` function in all versions up to, a... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-32502 Deserialization of Untrusted Data vulnerability in Select-Themes Borgholm borgholm-marketing-agency-theme allows Object Injection.This issue affects Borgholm: from n/a through < 1.6. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-29859 An arbitrary file upload vulnerability in aaPanel v7.57.0 allows attackers to execute arbitrary code via uploading a crafted file. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-30307 Roo Code's command auto-approval module contains a critical OS command injection vulnerability that renders its whitelist security mechanism completely ineffective. The system relies on fragile regula... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-32191 Improper neutralization of special elements used in an os command ('os command injection') in Microsoft Bing Images allows an unauthorized attacker to execute code over a network. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-27051 Incorrect Privilege Assignment vulnerability in uxper Golo golo allows Privilege Escalation.This issue affects Golo: from n/a through <= 1.7.0. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-30694 An issue in DedeCMS v.5.7.118 and before allows a remote attacker to execute arbitrary code via the array_filter component | 9.8 | CRITICAL | β | 0 |
| CVE-2017-20236 ProSoft Technology ICX35-HWC versions 1.3 and prior cellular gateways contain an input validation vulnerability in the web user interface that allows remote attackers to inject and execute system comm... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-5902 Race in Media in Google Chrome on Android prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to corrupt media stream metadata via a crafted HTML page. (Chromium ... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-30402 An issue in wgcloud v.2.3.7 and before allows a remote attacker to execute arbitrary code via the test connection function | 9.8 | CRITICAL | β | 0 |
| CVE-2026-33228 flatted is a circular JSON parser. Prior to version 3.4.2, the parse() function in flatted can use attacker-controlled string values from the parsed JSON as direct array index keys, without validating... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-4585 A vulnerability has been found in Tiandy Easy7 Integrated Management Platform up to 7.17.0. This vulnerability affects unknown code of the file /Easy7/apps/WebService/ImportSystemConfiguration.jsp of ... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-20911 A heap-based buffer overflow vulnerability exists in the HuffTable::initval functionality of LibRaw Commit 0b56545 and Commit d20315b. A specially crafted malicious file can lead to a heap buffer over... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-4567 A vulnerability has been found in Tenda A15 15.13.07.13. The impacted element is the function UploadCfg of the file /cgi-bin/UploadCfg. The manipulation of the argument File leads to stack-based buffe... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-4395 Heap-based buffer overflow in the KCAPI ECC code path of wc_ecc_import_x963_ex() in wolfSSL wolfcrypt allows a remote attacker to write attacker-controlled data past the bounds of the pubkey_raw buffe... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-36057 Koha Library before 23.05.10 fails to sanitize user-controllable filenames prior to unzipping, leading to remote code execution. The line "qx/unzip $filename -d $dirname/;" in upload-cover-image.pl is... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-33815 Memory-safety vulnerability in github.com/jackc/pgx/v5. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-6350 MailGates/MailAudit developed by Openfind has a Stack-based Buffer Overflow vulnerability, allowing unauthenticated remote attackers to control the program's execution flow and execute arbitrary code. | 9.8 | CRITICAL | β | 0 |
| CVE-2017-20237 Hirschmann Industrial HiVision versions prior to 06.0.07 and 07.0.03 contains an authentication bypass vulnerability in the master service that allows unauthenticated remote attackers to execute arbit... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-35184 EcclesiaCRM is CRM Software for church management. Prior to 8.0.0, there is a SQL injection vulnerability in v2/templates/query/queryview.php via the custom and value parameters. This vulnerability is... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-0740 The Ninja Forms - File Uploads plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'NF_FU_AJAX_Controllers_Uploads::handle_upload' function in all v... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-36058 The Send Basket functionality in Koha Library before 23.05.10 is susceptible to Time-Based SQL Injection because it fails to sanitize the POST parameter bib_list in /cgi-bin/koha/opac-sendbasket.pl, a... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-44722 SysAK v2.0 and before is vulnerable to command execution via aaa;cat /etc/passwd. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-25873 OmniGen2-RL contains an unauthenticated remote code execution vulnerability in the reward server component that allows remote attackers to execute arbitrary commands by sending malicious HTTP POST req... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-31972 SAMtools is a program for reading, manipulating and writing bioinformatics file formats. The `mpileup` command outputs DNA sequences that have been aligned against a known reference. On each output li... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-4755 CWE-20 vulnerability in MolotovCherry Android-ImageMagick7.This issue affects Android-ImageMagick7: before 7.1.2-11. | 9.8 | CRITICAL | β | 0 |
| CVE-2017-20234 GarrettCom Magnum 6K and 10K managed switches contain an authentication bypass vulnerability that allows unauthenticated attackers to gain unauthorized access by exploiting a hardcoded string in the a... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-31170 An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the stun-pass parameter to /cgi-bin/cstecgi.cgi. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-3549 Heap Overflow in TLS 1.3 ECH parsing. An integer underflow existed in ECH extension parsing logic when calculating a buffer length, which resulted in writing beyond the bounds of an allocated buffer. ... | 9.8 | CRITICAL | β | 0 |
| CVE-2019-25614 Free Float FTP 1.0 contains a buffer overflow vulnerability in the STOR command handler that allows remote attackers to execute arbitrary code by sending a crafted STOR request with an oversized paylo... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-32769 Fullchain is an umbrella project for deploying a ready-to-use CTF platform. In versions prior to 0.1.1, due to a mis-written NetworkPolicy, a malicious actor can pivot from a subverted application to... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-34935 PraisonAI is a multi-agent teams system. From version 4.5.15 to before version 4.5.69, the --mcp CLI argument is passed directly to shlex.split() and forwarded through the call chain to anyio.open_pro... | 9.8 | CRITICAL | β | 0 |
| CVE-2017-20227 JAD Java Decompiler 1.5.8e-1kali1 and prior contains a stack-based buffer overflow vulnerability that allows attackers to execute arbitrary code by supplying overly long input that exceeds buffer boun... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-2414 Authorization bypass through User-Controlled key vulnerability in HYPR Server allows Privilege Escalation.This issue affects Server: from 9.5.2 before 10.7.2. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-32194 Improper neutralization of special elements used in a command ('command injection') in Microsoft Bing Images allows an unauthorized attacker to execute code over a network. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-31151 An issue in the login mechanism of Kaleris YMS v7.2.2.1 allows attackers to bypass login verification to access the application 's resources. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-30702 The WiFi Extender WDR201A (HW V2.1, FW LFMZX28040922V1.02) implements a broken authentication mechanism in its web management interface. The login page does not properly enforce session validation, al... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-26830 pdf-image (npm package) through version 2.0.0 allows OS command injection via the pdfFilePath parameter. The constructGetInfoCommand and constructConvertCommandForPage functions use util.format() to i... | 9.8 | CRITICAL | β | 0 |
| CVE-2006-10003 XML::Parser versions through 2.47 for Perl has an off-by-one heap buffer overflow in st_serial_stack. In the case (stackptr == stacksize - 1), the stack will NOT be expanded. Then the new value will ... | 9.8 | CRITICAL | β | 0 |
| CVE-2019-25687 Pegasus CMS 1.0 contains a remote code execution vulnerability in the extra_fields.php plugin that allows unauthenticated attackers to execute arbitrary commands by exploiting unsafe eval functionalit... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-27542 Incorrect Privilege Assignment vulnerability in Rymera Web Co Pty Ltd. Woocommerce Wholesale Lead Capture allows Privilege Escalation.This issue affects Woocommerce Wholesale Lead Capture: from n/a th... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-35171 Kedro is a toolbox for production-ready data science. Prior to 1.3.0, Kedro allows the logging configuration file path to be set via the KEDRO_LOGGING_CONFIG environment variable and loads it without ... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-4277 An issue was discovered in 6.0 before 6.0.4, 5.2 before 5.2.13, and 4.2 before 4.2.30. Add permissions on inline model instances were not validated on submission of forged `POST` data in `GenericInli... | 9.8 | CRITICAL | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.