Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2026-41038 This vulnerability exists in Quantum Networks router due to lack of enforcement of strong password policies in the web-based management interface. An attacker on the same network could exploit this vu... | N/A | NONE | β | 0 |
| CVE-2026-6553 Changing backend users' passwords via the user settings module results in storing the cleartext password in the uc and user_settings fields of the be_users database table. This issue affects TYPO3 CMS... | N/A | NONE | β | 0 |
| CVE-2026-41037 This vulnerability exists in Quantum Networks router due to missing rate limiting and CAPTCHA protection for failed login attempts in the web-based management interface. An attacker on the same networ... | N/A | NONE | β | 0 |
| CVE-2026-41036 This vulnerability exists in Quantum Networks router due to inadequate sanitization of user-supplied input in the management CLI interface. An authenticated remote attacker could exploit this vulnerab... | N/A | NONE | β | 0 |
| CVE-2026-3317 Reflected Cross-Site Scripting (XSS) vulnerability in Navigate Content Management System. The vulnerability is present in the '/blog' endpoint because user input is not properly sanitized through desi... | N/A | NONE | β | 0 |
| CVE-2026-39467 Deserialization of Untrusted Data vulnerability in MetaSlider Responsive Slider by MetaSlider allows Object Injection.This issue affects Responsive Slider by MetaSlider: from n/a through 3.106.0. | 7.2 | HIGH | β | 0 |
| CVE-2025-13826 Zervit's portable HTTP/web server is vulnerable to remote DoS attacks when a configuration reset request is made. The vulnerability is caused by inadequate validation of user-supplied input. An attack... | N/A | NONE | β | 0 |
| CVE-2026-6712 The Website LLMs.txt plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 8.2.6 due to insufficient input sanitization and output ... | 4.4 | MEDIUM | β | 0 |
| CVE-2026-6711 The Website LLMs.txt plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'tab' parameter in all versions up to, and including, 8.2.6. This is due to the use of filter_input() ... | 6.1 | MEDIUM | β | 0 |
| CVE-2026-6703 The Responsive Blocks β Page Builder for Blocks & Patterns plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 2.2.1. This is due to the plugin not properly... | 4.3 | MEDIUM | β | 0 |
| CVE-2026-31370 Honor E APP is affected by information leak vulnerability, successful exploitation of this vulnerability may affect service confidentiality. | 6.3 | MEDIUM | β | 0 |
| CVE-2026-31369 PcManager is affected by type privilege bypass, successful exploitation of this vulnerability may affect service availability | 3.2 | LOW | β | 0 |
| CVE-2026-31368 AiAssistant is affected by type privilege bypass, successful exploitation of this vulnerability may affect service availability. | 7.8 | HIGH | β | 0 |
| CVE-2026-5965 NewSoftOA developed by NewSoft has an OS Command Injection vulnerability, allowing unauthenticated local attackers to inject arbitrary OS commands and execute them on the server. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-6675 The Responsive Blocks β Page Builder for Blocks & Patterns plugin for WordPress is vulnerable to Unauthenticated Open Email Relay in all versions up to, and including, 2.2.0. This is due to insufficie... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-6674 The Plugin: CMS fΓΌr Motorrad WerkstΓ€tten plugin for WordPress is vulnerable to SQL Injection via the 'arttype' parameter in all versions up to, and including, 1.0.0 due to insufficient escaping on the... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-40497 FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.213, FreeScout's `Helper::stripDangerousTags()` removes `<script>`, `<form>`, `<iframe>`, `<object>` but does NOT str... | 8.1 | HIGH | β | 0 |
| CVE-2026-6058 ** UNSUPPORTED WHEN ASSIGNED ** An improper encoding or escaping vulnerability in the CGI program of Zyxel WRE6505 v2 firmware version V1.00(ABDV.3)C0 could allow an adjacent attacker on the WLAN to c... | 4.5 | MEDIUM | β | 0 |
| CVE-2026-40496 FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.213, attachment download tokens are generated using a weak and predictable formula: `md5(APP_KEY + attachment_id + si... | 9.1 | CRITICAL | β | 0 |
| CVE-2026-40250 OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.4.0 through 3.4.9, 3.3.0 through 3.3.9, a... | 7.1 | HIGH | β | 0 |
| CVE-2026-40244 OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.4.0 through 3.4.9, 3.3.0 through 3.3.9, a... | 7.1 | HIGH | β | 0 |
| CVE-2026-39973 Apktool is a tool for reverse engineering Android APK files. In versions 3.0.0 and 3.0.1, a path traversal vulnerability in `brut/androlib/res/decoder/ResFileDecoder.java` allows a maliciously crafted... | 7.1 | HIGH | β | 0 |
| CVE-2026-39886 OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. Versions 3.4.0 through 3.4.9 have a signed integer over... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-39866 Lawnchair is a free, open-source home app for Android. Prior to commit fcba413f55dd47f8a3921445252849126c6266b2, command injection in release_update.yml workflow dispatch input allows arbitrary code e... | 8.8 | HIGH | β | 0 |
| CVE-2026-40264 OpenBao is an open source identity-based secrets management system. OpenBao's namespaces provide multi-tenant separation. Prior to version 2.5.3, a tenant who leaks token accessors can have their toke... | N/A | NONE | β | 0 |
| CVE-2026-39946 OpenBao is an open source identity-based secrets management system. Prior to version 2.5.3, when OpenBao revoked privileges on a role in the PostgreSQL database secrets engine, OpenBao failed to use p... | N/A | NONE | β | 0 |
| CVE-2026-39861 Claude Code is an agentic coding tool. Prior to version 2.1.64, Claude Code's sandbox did not prevent sandboxed processes from creating symlinks pointing to locations outside the workspace. When Claud... | 10.0 | CRITICAL | β | 0 |
| CVE-2026-39396 OpenBao is an open source identity-based secrets management system. Prior to version 2.5.3, `ExtractPluginFromImage()` in OpenBao's OCI plugin downloader extracts a plugin binary from a container imag... | 3.1 | LOW | β | 0 |
| CVE-2026-39388 OpenBao is an open source identity-based secrets management system. Prior to version 2.5.3, OpenBao's Certificate authentication method, when a token renewal is requested and `disable_binding=true` is... | N/A | NONE | β | 0 |
| CVE-2026-39386 Neko is a a self-hosted virtual browser that runs in Docker and uses WebRTC In versions 3.0.0 through 3.0.10 and 3.1.0 through 3.1.1, any authenticated user can immediately obtain full administrative ... | 8.8 | HIGH | β | 0 |
| CVE-2026-39378 The nbconvert tool, jupyter nbconvert, converts Jupyter notebooks to various other formats via Jinja templates. In versions 6.5 through 7.17.0, when `HTMLExporter.embed_images=True`, nbconvert's markd... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-39377 The nbconvert tool, jupyter nbconvert, converts Jupyter notebooks to various other formats via Jinja templates. Versions 6.5 through 7.17.0 allow arbitrary file writes to locations outside the intende... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-39320 Signal K Server is a server application that runs on a central hub in a boat. Versions prior to 2.25.0 are vulnerable to an unauthenticated Regular Expression Denial of Service (ReDoS) attack within t... | 7.5 | HIGH | β | 0 |
| CVE-2026-41331 OpenClaw before 2026.3.31 contains a resource consumption vulnerability in Telegram audio preflight transcription that allows unauthorized group senders to trigger transcription processing. Attackers ... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-41330 OpenClaw before 2026.3.31 contains an environment variable override vulnerability in host exec policy that fails to properly enforce proxy, TLS, Docker, and Git TLS controls. Attackers can bypass secu... | 4.4 | MEDIUM | β | 0 |
| CVE-2026-41329 OpenClaw before 2026.3.31 contains a sandbox bypass vulnerability allowing attackers to escalate privileges via heartbeat context inheritance and senderIsOwner parameter manipulation. Attackers can ex... | 9.9 | CRITICAL | β | 0 |
| CVE-2026-41303 OpenClaw before 2026.3.28 contains an authorization bypass vulnerability in Discord text approval commands that allows non-approvers to resolve pending exec approvals. Attackers can send Discord text ... | 8.8 | HIGH | β | 0 |
| CVE-2026-41302 OpenClaw before 2026.3.31 contains a server-side request forgery vulnerability in the marketplace plugin download functionality that allows remote attackers to make arbitrary network requests. Attacke... | 7.6 | HIGH | β | 0 |
| CVE-2026-41301 OpenClaw versions 2026.3.22 before 2026.3.31 contain a signature verification bypass vulnerability in the Nostr DM ingress path that allows pairing challenges to be issued before event signature valid... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-41300 OpenClaw before 2026.3.31 contains a trust-decline vulnerability that preserves attacker-discovered endpoints in remote onboarding flows. Attackers can route gateway credentials to malicious endpoints... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-41299 OpenClaw before 2026.3.28 contains an authorization bypass vulnerability in the chat.send gateway method where ACP-only provenance fields are gated by self-declared client metadata from WebSocket hand... | 7.1 | HIGH | β | 0 |
| CVE-2026-41298 OpenClaw before 2026.4.2 fails to enforce write scopes on the POST /sessions/:sessionKey/kill endpoint in identity-bearing HTTP modes. Read-scoped callers can terminate running subagent sessions by se... | 5.4 | MEDIUM | β | 0 |
| CVE-2026-41297 OpenClaw before 2026.3.31 contains a server-side request forgery vulnerability in the marketplace plugin download functionality that allows attackers to access internal resources by following unvalida... | 7.6 | HIGH | β | 0 |
| CVE-2026-41296 OpenClaw before 2026.3.31 contains a time-of-check-time-of-use race condition in the remote filesystem bridge readFile function that allows sandbox escape. Attackers can exploit the separate path vali... | 8.2 | HIGH | β | 0 |
| CVE-2026-41295 OpenClaw before 2026.4.2 contains an improper trust boundary vulnerability allowing untrusted workspace channel shadows to execute during built-in channel setup and login. Attackers can clone a worksp... | 7.8 | HIGH | β | 0 |
| CVE-2026-41294 OpenClaw before 2026.3.28 loads the current working directory .env file before trusted state-dir configuration, allowing environment variable injection. Attackers can place a malicious .env file in a ... | 8.6 | HIGH | β | 0 |
| CVE-2026-41285 In OpenBSD through 7.8, the slaacd and rad daemons have an infinite loop when they receive a crafted ICMPv6 Neighbor Discovery (ND) option (over a local network) with length zero, because of an "nd_op... | 4.3 | MEDIUM | β | 0 |
| CVE-2026-40045 OpenClaw before 2026.4.2 accepts non-loopback cleartext ws:// gateway endpoints and transmits stored gateway credentials over unencrypted connections. Attackers can forge discovery results or craft se... | 5.7 | MEDIUM | β | 0 |
| CVE-2026-35588 Glances is an open-source system cross-platform monitoring tool. Prior to version 4.5.4, the Cassandra export module (`glances/exports/glances_cassandra/__init__.py`) interpolates `keyspace`, `table`,... | 6.3 | MEDIUM | β | 0 |
| CVE-2026-35587 Glances is an open-source system cross-platform monitoring tool. Prior to version 4.5.4, a Server-Side Request Forgery (SSRF) vulnerability exists in the Glances IP plugin due to improper validation o... | 8.8 | HIGH | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.