Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2026-41191 FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.215, `MailboxesController::updateSave()` persists `chat_start_new` outside the allowed-field filter. A user with only... | 7.1 | HIGH | β | 0 |
| CVE-2026-41190 FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.215, when `APP_SHOW_ONLY_ASSIGNED_CONVERSATIONS` is enabled, direct conversation view correctly blocks users who are ... | 7.1 | HIGH | β | 0 |
| CVE-2026-41189 FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.215, customer-thread editing is authorized through `ThreadPolicy::edit()`, which checks mailbox access but does not a... | 7.1 | HIGH | β | 0 |
| CVE-2026-41183 FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.215, the assigned-only restriction is applied to direct conversation view and folder queries, but not to non-folder q... | 4.3 | MEDIUM | β | 0 |
| CVE-2026-40592 FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.214, the undo-send route `GET /conversation/undo-reply/{thread_id}` checks only whether the current user can view the... | 5.9 | MEDIUM | β | 0 |
| CVE-2026-40591 FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.214, the phone-conversation creation flow accepts attacker-controlled `customer_id`, `name`, `to_email`, and `phone` ... | 7.1 | HIGH | β | 0 |
| CVE-2026-40590 FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.214, the Change Customer modal exposes a βCreate a new customerβ flow via POST /customers/ajax with action=create. Un... | 4.3 | MEDIUM | β | 0 |
| CVE-2026-40589 FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.214, a low-privileged agent can edit a visible customer and add an email address already owned by a hidden customer i... | 7.6 | HIGH | β | 0 |
| CVE-2026-40586 blueprintUE is a tool to help Unreal Engine developers. Prior to 4.2.0, the login form handler performs no throttling of any kind. Failed authentication attempts are processed at full network speed wi... | 7.5 | HIGH | β | 0 |
| CVE-2026-40585 blueprintUE is a tool to help Unreal Engine developers. Prior to 4.2.0, when a password reset is initiated, a 128-character CSPRNG token is generated and stored alongside a password_reset_at timestamp... | 7.4 | HIGH | β | 0 |
| CVE-2026-40584 RansomLook is a tool to monitor Ransomware groups and markets and extract their victims. Prior to 1.9.0, the API in the affected application improperly filters private location entries in website/web/... | N/A | NONE | β | 0 |
| CVE-2026-40583 UltraDAG is a minimal DAG-BFT blockchain in Rust. In version 0.1, a non-council attacker can submit a signed SmartOp::Vote transaction that passes signature, nonce, and balance prechecks, but fails au... | N/A | NONE | β | 0 |
| CVE-2026-40576 excel-mcp-server is a Model Context Protocol server for Excel file manipulation. A path traversal vulnerability exists in excel-mcp-server versions up to and including 0.1.7. When running in SSE or St... | 9.4 | CRITICAL | β | 0 |
| CVE-2026-40574 OAuth2 Proxy is a reverse proxy that provides authentication using OAuth2 providers. Prior to 7.15.2, an authorization bypass exists in OAuth2 Proxy as part of the email_domain enforcement option. An ... | 6.8 | MEDIUM | β | 0 |
| CVE-2026-40570 FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.213, the `load_customer_info` action in `POST /conversation/ajax` returns complete customer profile data to any authe... | N/A | NONE | β | 0 |
| CVE-2026-40569 FreeScout is a free self-hosted help desk and shared mailbox. Versions prior to 1.8.213 have a mass assignment vulnerability in the mailbox connection settings endpoints of FreeScout (`connectionIncom... | 9.0 | CRITICAL | β | 0 |
| CVE-2026-40568 FreeScout is a free self-hosted help desk and shared mailbox. Versions prior to 1.8.213 have a stored cross-site scripting (XSS) vulnerability in the mailbox signature feature. The sanitization functi... | 8.5 | HIGH | β | 0 |
| CVE-2026-40567 FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.213, an unauthenticated attacker can inject arbitrary HTML into outgoing emails generated by FreeScout by sending an ... | 5.8 | MEDIUM | β | 0 |
| CVE-2026-40566 FreeScout is a free self-hosted help desk and shared mailbox. Versions prior to 1.8.213 have a Server-Side Request Forgery (SSRF) vulnerability in the IMAP/SMTP connection test functionality of FreeSc... | 4.1 | MEDIUM | β | 0 |
| CVE-2026-40279 BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.4.3, decode_signed32() in src/bacnet/bacint.c reconstructs a 32-bit signed integer from four APDU bytes u... | 3.7 | LOW | β | 0 |
| CVE-2026-40161 Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. From 1.0.0 to 1.10.0, the Tekton Pipelines git resolver in API mode sends the system-configured Git API token... | 7.7 | HIGH | β | 0 |
| CVE-2026-40050 CrowdStrike has released security updates to address a critical unauthenticated path traversal vulnerability (CVE-2026-40050) in LogScale. This vulnerability only requires mitigation by customers that... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-38835 Tenda W30E V2.0 V16.01.0.21 was found to contain a command injection vulnerability in the formSetUSBPartitionUmount function via the usbPartitionName parameter. This vulnerability allows attackers to ... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-38834 Tenda W30E V2.0 V16.01.0.21 was found to contain a command injection vulnerability in the do_ping_action function via the hostName parameter. This vulnerability allows attackers to execute arbitrary c... | 7.3 | HIGH | β | 0 |
| CVE-2026-35451 Twenty is an open source CRM. Prior to 1.20.6, a Stored Cross-Site Scripting (XSS) vulnerability exists in the BlockNote editor component. Due to a lack of protocol validation in the FileBlock compone... | 5.7 | MEDIUM | β | 0 |
| CVE-2026-30452 Textpattern CMS 4.9.0 contains a Broken Access Control vulnerability in the article management system that allows authenticated users with low privileges to modify articles owned by users with higher ... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-29179 October is a Content Management System (CMS) and web platform. Prior to 3.7.16 and 4.1.16, fine-grained sub-permission checks for asset and blueprint file operations were not enforced in the CMS and T... | 3.3 | LOW | β | 0 |
| CVE-2026-27937 October is a Content Management System (CMS) and web platform. Prior to 3.7.16 and 4.1.16, a reflected Cross-Site Scripting (XSS) vulnerability was identified in the backend DataTable widget where a q... | 3.1 | LOW | β | 0 |
| CVE-2026-26274 October is a Content Management System (CMS) and web platform. Prior to 3.7.14 and 4.1.10, a vulnerability was identified in the Twig sandbox security policy that allowed database write operations whe... | 6.6 | MEDIUM | β | 0 |
| CVE-2026-26067 October is a Content Management System (CMS) and web platform. Prior to 3.7.14 and 4.1.10, a server-side information disclosure vulnerability was identified in the handling of CSS preprocessor files. ... | 4.9 | MEDIUM | β | 0 |
| CVE-2026-25542 Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. From 0.43.0 to 1.11.0, trusted resources verification policies match a resource source string (refSource.URI)... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-24189 NVIDIA CUDA-Q contains a vulnerability in an endpoint, where an unauthenticated attacker could cause an out-of-bounds read by sending a maliciously crafted request. A successful exploit of this vulner... | 8.2 | HIGH | β | 0 |
| CVE-2026-24177 NVIDIA KAI Scheduler contains a vulnerability where an attacker could access API endpoints without authorization. A successful exploit of this vulnerability might lead to information disclosure. | 7.7 | HIGH | β | 0 |
| CVE-2026-24176 NVIDIA KAI Scheduler contains a vulnerability where an attacker could cause improper authorization through cross-namespace pod references. A successful exploit of this vulnerability might lead to data... | 4.3 | MEDIUM | β | 0 |
| CVE-2026-21571 This Critical severity OS Command Injection vulnerability was introduced in versions 9.6.0, 10.0.0, 10.1.0, 10.2.0, 11.0.0, 11.1.0, 12.0.0, and 12.1.0 of Bamboo Data Center. Β This RCE (Remote Code... | N/A | NONE | β | 0 |
| CVE-2019-25714 Seeyon OA A8 contains an unauthenticated arbitrary file write vulnerability in the /seeyon/htmlofficeservlet endpoint that allows remote attackers to write arbitrary files to the web application root ... | N/A | NONE | β | 0 |
| CVE-2026-40565 FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.213, FreeScout's linkify() function in app/Misc/Helper.php converts plain-text URLs in email bodies into HTML anchor ... | 6.1 | MEDIUM | β | 0 |
| CVE-2026-40498 FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.213, an unauthenticated attacker can access diagnostic and system tools that should be restricted to administrators. ... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-37748 Visitor Management System 1.0 by sanjay1313 is vulnerable to Unrestricted File Upload in vms/php/admin_user_insert.php and vms/php/update_1.php. The move_uploaded_file() function is called without any... | 7.2 | HIGH | β | 0 |
| CVE-2025-41029 SQL injection vulnerability in Zeon Academy Pro by Zeon Global Tech. This vulnerability allows an attacker to retrieve, create, update, and delete databases by sending a POST request using the paramet... | N/A | NONE | β | 0 |
| CVE-2025-41011 HTML injection vulnerability in PHP Point of Sale v19.4. This vulnerability allows an attacker to render HTML in the victim's browser due to a lack of proper validation of user input by sending a requ... | N/A | NONE | β | 0 |
| CVE-2025-15638 Net::Dropbear versions before 0.14 for Perl contains a vulnerable version of libtomcrypt. Net::Dropbear versions before 0.14 includes versions of Dropbear 2019.78 or earlier. These include versions o... | 10.0 | CRITICAL | β | 0 |
| CVE-2017-20230 Storable versions before 3.05 for Perl has a stack overflow. The retrieve_hook function stored the length of the class name into a signed integer but in read operations treated the length as unsigned... | 10.0 | CRITICAL | β | 0 |
| CVE-2026-5789 Vulnerability related to an unquoted search path in CivetWeb v1.16. This vulnerability allows a local attacker to execute arbitrary code with elevated privileges by placing a malicious executable in a... | 7.8 | HIGH | β | 0 |
| CVE-2026-3298 The method "sock_recvfrom_into()" of "asyncio.ProacterEventLoop" (Windows only) was missing a boundary check for the data buffer when using nbytes parameter. This allowed for an out-of-bounds buffer w... | N/A | NONE | β | 0 |
| CVE-2026-31019 In the Website module of Dolibarr ERP & CRM 22.0.4 and below, the application uses blacklist-based filtering to restrict dangerous PHP functions related to system command execution. An authenticated u... | 8.8 | HIGH | β | 0 |
| CVE-2026-31018 In Dolibarr ERP & CRM <= 22.0.4, PHP code detection and editing permission enforcement in the Website module is not applied consistently to all input parameters, allowing an authenticated user restric... | 8.8 | HIGH | β | 0 |
| CVE-2026-31014 Dovestones Softwares AD Self Update <4.0.0.5 is vulnerable to Cross Site Request Forgery (CSRF). The affected endpoint processes state-changing requests without requiring a CSRF token or equivalent pr... | 6.3 | MEDIUM | β | 0 |
| CVE-2026-31013 Dovestones Softwares ADPhonebook <4.0.1.1 has a reflected cross-site scripting (XSS) vulnerability in the search parameter of the /ADPhonebook?Department=HR endpoint. User-supplied input is reflected ... | 6.1 | MEDIUM | β | 0 |
| CVE-2026-29644 XiangShan (open-source high-performance RISC-V processor) commit edb1dfaf7d290ae99724594507dc46c2c2125384 (2024-11-28) has improper gating of its distributed CSR write-enable path, allowing illegal CS... | 5.3 | MEDIUM | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.