Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2026-41183 FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.215, the assigned-only restriction is applied to direct conversation view and folder queries, but not to non-folder q... | 4.3 | MEDIUM | β | 0 |
| CVE-2026-40592 FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.214, the undo-send route `GET /conversation/undo-reply/{thread_id}` checks only whether the current user can view the... | 5.9 | MEDIUM | β | 0 |
| CVE-2026-40591 FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.214, the phone-conversation creation flow accepts attacker-controlled `customer_id`, `name`, `to_email`, and `phone` ... | 7.1 | HIGH | β | 0 |
| CVE-2026-40590 FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.214, the Change Customer modal exposes a βCreate a new customerβ flow via POST /customers/ajax with action=create. Un... | 4.3 | MEDIUM | β | 0 |
| CVE-2026-40589 FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.214, a low-privileged agent can edit a visible customer and add an email address already owned by a hidden customer i... | 7.6 | HIGH | β | 0 |
| CVE-2026-40586 blueprintUE is a tool to help Unreal Engine developers. Prior to 4.2.0, the login form handler performs no throttling of any kind. Failed authentication attempts are processed at full network speed wi... | 7.5 | HIGH | β | 0 |
| CVE-2026-40585 blueprintUE is a tool to help Unreal Engine developers. Prior to 4.2.0, when a password reset is initiated, a 128-character CSPRNG token is generated and stored alongside a password_reset_at timestamp... | 7.4 | HIGH | β | 0 |
| CVE-2026-40584 RansomLook is a tool to monitor Ransomware groups and markets and extract their victims. Prior to 1.9.0, the API in the affected application improperly filters private location entries in website/web/... | N/A | NONE | β | 0 |
| CVE-2026-40583 UltraDAG is a minimal DAG-BFT blockchain in Rust. In version 0.1, a non-council attacker can submit a signed SmartOp::Vote transaction that passes signature, nonce, and balance prechecks, but fails au... | N/A | NONE | β | 0 |
| CVE-2026-40576 excel-mcp-server is a Model Context Protocol server for Excel file manipulation. A path traversal vulnerability exists in excel-mcp-server versions up to and including 0.1.7. When running in SSE or St... | 9.4 | CRITICAL | β | 0 |
| CVE-2026-40574 OAuth2 Proxy is a reverse proxy that provides authentication using OAuth2 providers. Prior to 7.15.2, an authorization bypass exists in OAuth2 Proxy as part of the email_domain enforcement option. An ... | 6.8 | MEDIUM | β | 0 |
| CVE-2026-40570 FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.213, the `load_customer_info` action in `POST /conversation/ajax` returns complete customer profile data to any authe... | N/A | NONE | β | 0 |
| CVE-2026-40569 FreeScout is a free self-hosted help desk and shared mailbox. Versions prior to 1.8.213 have a mass assignment vulnerability in the mailbox connection settings endpoints of FreeScout (`connectionIncom... | 9.0 | CRITICAL | β | 0 |
| CVE-2026-40568 FreeScout is a free self-hosted help desk and shared mailbox. Versions prior to 1.8.213 have a stored cross-site scripting (XSS) vulnerability in the mailbox signature feature. The sanitization functi... | 8.5 | HIGH | β | 0 |
| CVE-2026-40567 FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.213, an unauthenticated attacker can inject arbitrary HTML into outgoing emails generated by FreeScout by sending an ... | 5.8 | MEDIUM | β | 0 |
| CVE-2026-40566 FreeScout is a free self-hosted help desk and shared mailbox. Versions prior to 1.8.213 have a Server-Side Request Forgery (SSRF) vulnerability in the IMAP/SMTP connection test functionality of FreeSc... | 4.1 | MEDIUM | β | 0 |
| CVE-2026-40279 BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.4.3, decode_signed32() in src/bacnet/bacint.c reconstructs a 32-bit signed integer from four APDU bytes u... | 3.7 | LOW | β | 0 |
| CVE-2026-40161 Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. From 1.0.0 to 1.10.0, the Tekton Pipelines git resolver in API mode sends the system-configured Git API token... | 7.7 | HIGH | β | 0 |
| CVE-2026-40050 CrowdStrike has released security updates to address a critical unauthenticated path traversal vulnerability (CVE-2026-40050) in LogScale. This vulnerability only requires mitigation by customers that... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-38835 Tenda W30E V2.0 V16.01.0.21 was found to contain a command injection vulnerability in the formSetUSBPartitionUmount function via the usbPartitionName parameter. This vulnerability allows attackers to ... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-38834 Tenda W30E V2.0 V16.01.0.21 was found to contain a command injection vulnerability in the do_ping_action function via the hostName parameter. This vulnerability allows attackers to execute arbitrary c... | 7.3 | HIGH | β | 0 |
| CVE-2026-35451 Twenty is an open source CRM. Prior to 1.20.6, a Stored Cross-Site Scripting (XSS) vulnerability exists in the BlockNote editor component. Due to a lack of protocol validation in the FileBlock compone... | 5.7 | MEDIUM | β | 0 |
| CVE-2026-30452 Textpattern CMS 4.9.0 contains a Broken Access Control vulnerability in the article management system that allows authenticated users with low privileges to modify articles owned by users with higher ... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-29179 October is a Content Management System (CMS) and web platform. Prior to 3.7.16 and 4.1.16, fine-grained sub-permission checks for asset and blueprint file operations were not enforced in the CMS and T... | 3.3 | LOW | β | 0 |
| CVE-2026-27937 October is a Content Management System (CMS) and web platform. Prior to 3.7.16 and 4.1.16, a reflected Cross-Site Scripting (XSS) vulnerability was identified in the backend DataTable widget where a q... | 3.1 | LOW | β | 0 |
| CVE-2026-26274 October is a Content Management System (CMS) and web platform. Prior to 3.7.14 and 4.1.10, a vulnerability was identified in the Twig sandbox security policy that allowed database write operations whe... | 6.6 | MEDIUM | β | 0 |
| CVE-2026-26067 October is a Content Management System (CMS) and web platform. Prior to 3.7.14 and 4.1.10, a server-side information disclosure vulnerability was identified in the handling of CSS preprocessor files. ... | 4.9 | MEDIUM | β | 0 |
| CVE-2026-25542 Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. From 0.43.0 to 1.11.0, trusted resources verification policies match a resource source string (refSource.URI)... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-24189 NVIDIA CUDA-Q contains a vulnerability in an endpoint, where an unauthenticated attacker could cause an out-of-bounds read by sending a maliciously crafted request. A successful exploit of this vulner... | 8.2 | HIGH | β | 0 |
| CVE-2026-24177 NVIDIA KAI Scheduler contains a vulnerability where an attacker could access API endpoints without authorization. A successful exploit of this vulnerability might lead to information disclosure. | 7.7 | HIGH | β | 0 |
| CVE-2026-24176 NVIDIA KAI Scheduler contains a vulnerability where an attacker could cause improper authorization through cross-namespace pod references. A successful exploit of this vulnerability might lead to data... | 4.3 | MEDIUM | β | 0 |
| CVE-2026-21571 This Critical severity OS Command Injection vulnerability was introduced in versions 9.6.0, 10.0.0, 10.1.0, 10.2.0, 11.0.0, 11.1.0, 12.0.0, and 12.1.0 of Bamboo Data Center. Β This RCE (Remote Code... | N/A | NONE | β | 0 |
| CVE-2019-25714 Seeyon OA A8 contains an unauthenticated arbitrary file write vulnerability in the /seeyon/htmlofficeservlet endpoint that allows remote attackers to write arbitrary files to the web application root ... | N/A | NONE | β | 0 |
| CVE-2026-40565 FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.213, FreeScout's linkify() function in app/Misc/Helper.php converts plain-text URLs in email bodies into HTML anchor ... | 6.1 | MEDIUM | β | 0 |
| CVE-2026-40498 FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.213, an unauthenticated attacker can access diagnostic and system tools that should be restricted to administrators. ... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-37748 Visitor Management System 1.0 by sanjay1313 is vulnerable to Unrestricted File Upload in vms/php/admin_user_insert.php and vms/php/update_1.php. The move_uploaded_file() function is called without any... | 7.2 | HIGH | β | 0 |
| CVE-2025-41029 SQL injection vulnerability in Zeon Academy Pro by Zeon Global Tech. This vulnerability allows an attacker to retrieve, create, update, and delete databases by sending a POST request using the paramet... | N/A | NONE | β | 0 |
| CVE-2025-41011 HTML injection vulnerability in PHP Point of Sale v19.4. This vulnerability allows an attacker to render HTML in the victim's browser due to a lack of proper validation of user input by sending a requ... | N/A | NONE | β | 0 |
| CVE-2025-15638 Net::Dropbear versions before 0.14 for Perl contains a vulnerable version of libtomcrypt. Net::Dropbear versions before 0.14 includes versions of Dropbear 2019.78 or earlier. These include versions o... | 10.0 | CRITICAL | β | 0 |
| CVE-2017-20230 Storable versions before 3.05 for Perl has a stack overflow. The retrieve_hook function stored the length of the class name into a signed integer but in read operations treated the length as unsigned... | 10.0 | CRITICAL | β | 0 |
| CVE-2026-5789 Vulnerability related to an unquoted search path in CivetWeb v1.16. This vulnerability allows a local attacker to execute arbitrary code with elevated privileges by placing a malicious executable in a... | 7.8 | HIGH | β | 0 |
| CVE-2026-3298 The method "sock_recvfrom_into()" of "asyncio.ProacterEventLoop" (Windows only) was missing a boundary check for the data buffer when using nbytes parameter. This allowed for an out-of-bounds buffer w... | N/A | NONE | β | 0 |
| CVE-2026-31019 In the Website module of Dolibarr ERP & CRM 22.0.4 and below, the application uses blacklist-based filtering to restrict dangerous PHP functions related to system command execution. An authenticated u... | 8.8 | HIGH | β | 0 |
| CVE-2026-31018 In Dolibarr ERP & CRM <= 22.0.4, PHP code detection and editing permission enforcement in the Website module is not applied consistently to all input parameters, allowing an authenticated user restric... | 8.8 | HIGH | β | 0 |
| CVE-2026-31014 Dovestones Softwares AD Self Update <4.0.0.5 is vulnerable to Cross Site Request Forgery (CSRF). The affected endpoint processes state-changing requests without requiring a CSRF token or equivalent pr... | 6.3 | MEDIUM | β | 0 |
| CVE-2026-31013 Dovestones Softwares ADPhonebook <4.0.1.1 has a reflected cross-site scripting (XSS) vulnerability in the search parameter of the /ADPhonebook?Department=HR endpoint. User-supplied input is reflected ... | 6.1 | MEDIUM | β | 0 |
| CVE-2026-29644 XiangShan (open-source high-performance RISC-V processor) commit edb1dfaf7d290ae99724594507dc46c2c2125384 (2024-11-28) has improper gating of its distributed CSR write-enable path, allowing illegal CS... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-1089 UserβControlled HTTP Header in Fortra's GoAnywhere MFT prior to version 7.10.0 allows attackers to trigger a DNS lookup, as well asΒ DNS Rebinding and Information Disclosure. | 6.5 | MEDIUM | β | 0 |
| CVE-2026-0972 HTML injection is possible in system generated emails in Fortra's GoAnywhere MFT prior to 7.10.0. Note: The title, details, and description of this CVE were corrected post-publishing. | 5.4 | MEDIUM | β | 0 |
| CVE-2026-0971 An improper session timeout issue in Fortra's GoAnywhere MFT prior to version 7.10.0 results in SAML configured Web Users being redirected to the regular login page instead of the SAML login page. | 4.3 | MEDIUM | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.