Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2026-6610 A vulnerability has been found in liangliangyy DjangoBlog up to 2.1.0.0. The impacted element is an unknown function of the file djangoblog/settings.py of the component Setting Handler. Such manipulat... | 3.7 | LOW | β | 0 |
| CVE-2026-6609 A flaw has been found in liangliangyy DjangoBlog up to 2.1.0.0. The affected element is the function form_valid of the file oauth/views.py. This manipulation of the argument oauthid causes improper au... | 6.3 | MEDIUM | β | 0 |
| CVE-2026-6608 A vulnerability was detected in lm-sys fastchat up to 0.2.36. Impacted is the function add_text of the component Arena Side-by-Side View Handler. The manipulation results in incorrect control flow. Th... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-6607 A security vulnerability has been detected in lm-sys fastchat up to 0.2.36. This issue affects the function api_generate of the component Worker API Endpoint. The manipulation leads to resource consum... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-6606 A weakness has been identified in modelscope agentscope up to 1.0.18. This vulnerability affects the function _process_audio_block of the file src/agentscope/agent/_agent_base.py. Executing a manipula... | 7.3 | HIGH | β | 0 |
| CVE-2026-6605 A security flaw has been discovered in modelscope agentscope up to 1.0.18. This affects the function _get_bytes_from_web_url of the file src/agentscope/_utils/_common.py of the component Internal Serv... | 7.3 | HIGH | β | 0 |
| CVE-2026-6604 A vulnerability was identified in modelscope agentscope up to 1.0.18. Affected by this issue is the function _parse_url/prepare_image/openai_audio_to_text of the file src/agentscope/tool/_multi_modali... | 7.3 | HIGH | β | 0 |
| CVE-2026-6603 A vulnerability was determined in modelscope agentscope up to 1.0.18. Affected by this vulnerability is the function execute_python_code/execute_shell_command of the file src/AgentScope/tool/_coding/_... | 7.3 | HIGH | β | 0 |
| CVE-2026-6602 A vulnerability was found in rickxy Hospital Management System up to 88a4290d957dc5bdde8a56e5ad451ad14f7f90f4. Affected is an unknown function of the file /backend/admin/his_admin_account.php. The man... | 7.3 | HIGH | β | 0 |
| CVE-2026-6601 A vulnerability has been found in Lagom WHMCS Template up to 2.4.2. This impacts an unknown function of the component Datatables. The manipulation leads to resource consumption. Remote exploitation of... | 4.3 | MEDIUM | β | 0 |
| CVE-2026-6600 A flaw has been found in langflow-ai langflow up to 1.8.3. This affects an unknown function of the file src/frontend/src/modals/IOModal/components/chatView/chatMessage/components/edit-message.tsx of t... | 3.5 | LOW | β | 0 |
| CVE-2026-6599 A vulnerability was detected in langflow-ai langflow up to 1.8.3. The impacted element is the function get_client_ip/install_mcp_config of the file src/backend/base/langflow/api/v1/mcp_projects.py of ... | 6.3 | MEDIUM | β | 0 |
| CVE-2026-6598 A security vulnerability has been detected in langflow-ai langflow up to 1.8.3. The affected element is the function create_project/encrypt_auth_settings of the file src/backend/base/Langflow/api/v1/p... | 4.3 | MEDIUM | β | 0 |
| CVE-2026-32965 Initialization of a resource with an insecure default vulnerability exists in SD-330AC and AMC Manager provided by silex technology, Inc. When the affected device is connected to the network with the ... | 7.5 | HIGH | β | 0 |
| CVE-2026-32964 SD-330AC and AMC Manager provided by silex technology, Inc. contain an improper neutralization of CRLF sequences ('CRLF Injection') vulnerability. Processing some crafted configuration data may lead t... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-32963 SD-330AC and AMC Manager provided by silex technology, Inc. contain a reflected cross-site scripting vulnerability. When a user logs in to the affected device and access some crafted web page, arbitra... | N/A | NONE | β | 0 |
| CVE-2026-32962 SD-330AC and AMC Manager provided by silex technology, Inc. contain a missing authentication for critical function issue. The device configuration may be altered without authentication. | 5.3 | MEDIUM | β | 0 |
| CVE-2026-32961 SD-330AC and AMC Manager provided by silex technology, Inc. contain a heap-based buffer overflow vulnerability in packet data processing of sx_smpd. Processing a crafted packet may cause a temporary d... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-32960 SD-330AC and AMC Manager provided by silex technology, Inc. contain an issue with a sensitive information in resource not removed before reuse. An attacker may login to the device without knowing the... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-32959 SD-330AC and AMC Manager provided by silex technology, Inc. contain an issue with a use of a broken or risky cryptographic algorithm. Information in the traffic may be retrieved via man-in-the-middle ... | 5.9 | MEDIUM | β | 0 |
| CVE-2026-32958 SD-330AC and AMC Manager provided by silex technology, Inc. use a hard-coded cryptographic key. An administrative user may be directed to apply a fake firmware update. | 6.5 | MEDIUM | β | 0 |
| CVE-2026-32957 SD-330AC and AMC Manager provided by silex technology, Inc. contain a missing authentication for critical function issue on firmware maintenance. Arbitrary file may be uploaded on the device without a... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-32956 SD-330AC and AMC Manager provided by silex technology, Inc. contain a heap-based buffer overflow vulnerability in processing the redirect URLs. Arbitrary code may be executed on the device. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-32955 SD-330AC and AMC Manager provided by silex technology, Inc. contain a stack-based buffer overflow vulnerability in processing the redirect URLs. Arbitrary code may be executed on the device. | 8.8 | HIGH | β | 0 |
| CVE-2026-6597 A weakness has been identified in langflow-ai langflow up to 1.8.3. Impacted is the function remove_api_keys/has_api_terms of the file src/backend/base/langflow/api/utils/core.py of the component Flow... | 2.7 | LOW | β | 0 |
| CVE-2026-6596 A security flaw has been discovered in langflow-ai langflow up to 1.1.0. This issue affects the function create_upload_file of the file src/backend/base/Langflow/api/v1/endpoints.py of the component A... | 7.3 | HIGH | β | 0 |
| CVE-2026-6595 A vulnerability was identified in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. This vulnerability affects unknown code of the file buslocation.php of th... | 7.3 | HIGH | β | 0 |
| CVE-2026-6594 A vulnerability was determined in brikcss merge up to 1.3.0. This affects an unknown part. Executing a manipulation of the argument __proto__/constructor.prototype/prototype can lead to improperly con... | 7.3 | HIGH | β | 0 |
| CVE-2026-6593 A vulnerability was found in ComfyUI up to 0.13.0. Affected by this issue is some unknown functionality of the file server.py of the component View Endpoint. Performing a manipulation results in cross... | 3.5 | LOW | β | 0 |
| CVE-2026-6592 A vulnerability has been found in ComfyUI up to 0.13.0. Affected by this vulnerability is the function getuserdata of the file app/user_manager.py of the component userdata Endpoint. Such manipulation... | 3.5 | LOW | β | 0 |
| CVE-2026-6591 A flaw has been found in ComfyUI up to 0.13.0. Affected is the function folder_paths.get_annotated_filepath of the file folder_paths.py of the component LoadImage Node. This manipulation of the argume... | 4.3 | MEDIUM | β | 0 |
| CVE-2026-6590 A vulnerability was detected in ComfyUI up to 0.13.0. This impacts the function get_model_preview of the file app/model_manager.py of the component Model Preview Endpoint. The manipulation results in ... | 4.3 | MEDIUM | β | 0 |
| CVE-2026-6589 A security vulnerability has been detected in ComfyUI up to 0.13.0. This affects the function create_origin_only_middleware of the file server.py. The manipulation leads to cross-site request forgery.... | 4.3 | MEDIUM | β | 0 |
| CVE-2026-6588 A weakness has been identified in serge-chat serge up to 1.4TB. The impacted element is the function download_model/delete_model of the file api/src/serge/routers/model.py of the component Model API E... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-6587 A security flaw has been discovered in vibrantlabsai RAGAS up to 0.4.3. The affected element is the function _try_process_local_file/_try_process_url of the file src/ragas/metrics/collections/multi_mo... | 6.3 | MEDIUM | β | 0 |
| CVE-2026-6586 A vulnerability was identified in TransformerOptimus SuperAGI up to 0.0.14. Impacted is the function get_budget/update_budget of the file superagi/controllers/budget.py of the component Budget Endpoin... | 6.3 | MEDIUM | β | 0 |
| CVE-2026-6585 A vulnerability was determined in TransformerOptimus SuperAGI up to 0.0.14. This issue affects the function update_organisation of the file superagi/controllers/organisation.py of the component Organi... | 5.4 | MEDIUM | β | 0 |
| CVE-2026-6584 A vulnerability was found in TransformerOptimus SuperAGI up to 0.0.14. This vulnerability affects the function update_user of the file superagi/controllers/user.py of the component User Update Endpoin... | 5.4 | MEDIUM | β | 0 |
| CVE-2026-6583 A vulnerability has been found in TransformerOptimus SuperAGI up to 0.0.14. This affects the function delete_api_key/edit_api_key of the file superagi/controllers/api_key.py of the component API Key M... | 5.4 | MEDIUM | β | 0 |
| CVE-2026-6582 A flaw has been found in TransformerOptimus SuperAGI up to 0.0.14. Affected by this issue is the function get_vector_db_details of the file superagi/controllers/vector_dbs.py of the component Vector D... | 7.3 | HIGH | β | 0 |
| CVE-2026-6581 A vulnerability was detected in H3C Magic B1 up to 100R004. Affected by this vulnerability is the function SetMobileAPInfoById of the file /goform/aspForm. Performing a manipulation of the argument pa... | 8.8 | HIGH | β | 0 |
| CVE-2026-6580 A security vulnerability has been detected in liangliangyy DjangoBlog up to 2.1.0.0. Affected is an unknown function of the file owntracks/views.py of the component Amap API Call Handler. Such manipul... | 7.3 | HIGH | β | 0 |
| CVE-2026-6579 A weakness has been identified in liangliangyy DjangoBlog up to 2.1.0.0. This impacts an unknown function of the file blog/views.py of the component Clean Endpoint. This manipulation causes missing au... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-6578 A security flaw has been discovered in liangliangyy DjangoBlog up to 2.1.0.0. This affects an unknown function of the file djangoblog/settings.py of the component Setting Handler. The manipulation of ... | 5.6 | MEDIUM | β | 0 |
| CVE-2026-6577 A vulnerability was identified in liangliangyy DjangoBlog up to 2.1.0.0. The impacted element is an unknown function of the file owntracks/views.py of the component logtracks Endpoint. The manipulatio... | 7.3 | HIGH | β | 0 |
| CVE-2026-6576 A vulnerability was determined in liangliangyy DjangoBlog up to 2.1.0.0. The affected element is the function CommandHandler of the file servermanager/api/commonapi.py of the component WeChat Bot Inte... | 6.3 | MEDIUM | β | 0 |
| CVE-2026-6574 A vulnerability has been found in osuuu LightPicture up to 1.2.2. This issue affects some unknown processing of the file /public/install/lp.sql of the component API Upload Endpoint. Such manipulation ... | 7.3 | HIGH | β | 0 |
| CVE-2026-6573 A vulnerability was detected in PHPEMS 11.0. This affects the function temppage of the file /app/exam/controller/exams.master.php of the component Instant Exam Creation Handler. The manipulation of th... | 6.3 | MEDIUM | β | 0 |
| CVE-2026-6572 A security vulnerability has been detected in Collabora KodExplorer up to 4.52. Affected by this issue is some unknown functionality of the file /app/controller/share.class.php of the component fileUp... | 5.6 | MEDIUM | β | 0 |
| CVE-2026-6571 A weakness has been identified in kodcloud KodExplorer up to 4.52. Affected by this vulnerability is the function roleGroupAction of the file /app/controller/systemRole.class.php. Executing a manipula... | 6.3 | MEDIUM | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.