CVE Vulnerabilities
CVE vulnerability database enriched with CISA KEV and NVD data
| CVE ID | CVSS | Severity | KEV | Sightings |
|---|---|---|---|---|
| CVE-2026-34082 Dify is an open-source LLM app development platform. Prior to 1.13.1, the method `DELETE /console/api/installed-apps/<appId>/conversations/<conversationId>` has poor authorization checking and allows ... | 4.3 | MEDIUM | — | 0 |
| CVE-2026-6729 HKUDS OpenHarness prior to PR #159 remediation contains a session key derivation vulnerability that allows authenticated participants in shared chats or threads to hijack other users' sessions by expl... | 6.3 | MEDIUM | — | 0 |
| CVE-2026-29643 XiangShan (Open-source high-performance RISC-V processor) commit edb1dfaf7d290ae99724594507dc46c2c2125384 (2024-11-28) contains an improper exceptional-condition handling flaw in its CSR subsystem (Ne... | 7.1 | HIGH | — | 0 |
| CVE-2026-22051 StorageGRID (formerly StorageGRID Webscale) versions prior to 11.9.0.13 and 12.0.0.6 are susceptible to a Information Disclosure vulnerability. Successful exploit could allow an authenticated attacker... | N/A | NONE | — | 0 |
| CVE-2026-0930 Potential read out of bounds case with wolfSSHd on Windows while handling a terminal resize request. An authenticated user could trigger the out of bounds read after establishing a connection which wo... | N/A | NONE | — | 0 |
| CVE-2026-5928 Calling the ungetwc function on a FILE stream with wide characters encoded in a character set that has overlaps between its single byte and multi-byte character encodings, in the GNU C Library version... | 7.5 | HIGH | — | 0 |
| CVE-2026-5450 Calling the scanf family of functions with a %mc (malloc'd character match) in the GNU C Library version 2.7 to version 2.43 with a format width specifier with an explicit width greater than 1024 coul... | 9.8 | CRITICAL | — | 0 |
| CVE-2026-5358 Rejected reason: REJECTED: CVE-2026-5358 is rejected for two reasons. Firstly it has been discovered that no NIS+ client or server was ever released for any Linux-based OS distributions and as such th... | N/A | NONE | — | 0 |
| CVE-2026-4852 The Image Source Control Lite – Show Image Credits and Captions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Image Source' attachment field in all versions up to, and inc... | 6.4 | MEDIUM | — | 0 |
| CVE-2026-34403 Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.5, all WebSocket endpoints in nginx-ui use a gorilla/websocket Upgrader with CheckOrigin unconditionally returning true,... | 8.1 | HIGH | — | 0 |
| CVE-2026-33626 LMDeploy is a toolkit for compressing, deploying, and serving large language models. Versions prior to 0.12.3 have a Server-Side Request Forgery (SSRF) vulnerability in LMDeploy's vision-language modu... | 7.5 | HIGH | — | 0 |
| CVE-2026-33432 Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions up to and including 8.2.8.2, when LDAP authentication is enabled, Roxy-WI constructs an LDAP search f... | N/A | NONE | — | 0 |
| CVE-2026-33431 Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. Prior to version 8.2.6.4, the POST /config/<service>/show API endpoint accepts a configver parameter that is dire... | N/A | NONE | — | 0 |
| CVE-2026-33031 Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.4, a user who was disabled by an administrator can use previously issued API tokens for up to the token lifetime. In pra... | 8.1 | HIGH | — | 0 |
| CVE-2026-32613 Spinnaker is an open source, multi-cloud continuous delivery platform. Echo like some other services, uses SPeL (Spring Expression Language) to process information - specifically around expected artif... | 9.9 | CRITICAL | — | 0 |
| CVE-2026-32604 Spinnaker is an open source, multi-cloud continuous delivery platform. In versions prior to 2026.1.0, 2026.0.1, 2025.4.2, and 2025.3.2, a bad actor can execute arbitrary commands very simply on the cl... | 9.9 | CRITICAL | — | 0 |
| CVE-2026-29648 In OpenXiangShan NEMU, when Smstateen is enabled, clearing mstateen0.ENVCFG does not correctly restrict access to henvcfg and senvcfg. As a result, less-privileged code may read or write these CSRs wi... | 8.8 | HIGH | — | 0 |
| CVE-2026-29647 In OpenXiangShan NEMU, insufficient Smstateen permission enforcement allows lower-privileged code to access IMSIC state via stopei/vstopei CSRs even when mstateen0.IMSIC is cleared, potentially enabli... | 6.5 | MEDIUM | — | 0 |
| CVE-2026-29646 In OpenXiangShan NEMU prior to 55295c4, when running with RVH (Hypervisor extension) enabled, a VS-mode guest write to the supervisor interrupt-enable CSR (sie) may be handled incorrectly and can infl... | 9.8 | CRITICAL | — | 0 |
| CVE-2026-29642 A local attacker who can execute privileged CSR operations (or can induce firmware to do so) performs carefully crafted reads/writes to menvcfg (e.g., csrrs in M-mode). On affected XiangShan versions ... | 7.8 | HIGH | — | 0 |
| CVE-2026-6550 Cryptographic algorithm downgrade in the caching layer of Amazon AWS Encryption SDK for Python before version 3.3.1 and before version 4.0.5 might allow an authenticated local threat actor to bypass ... | 4.7 | MEDIUM | — | 0 |
| CVE-2026-6257 Vvveb CMS v1.0.8 contains a remote code execution vulnerability in its media management functionality where a missing return statement in the file rename handler allows authenticated attackers to rena... | 9.1 | CRITICAL | — | 0 |
| CVE-2026-6249 Vvveb CMS 1.0.8 contains a remote code execution vulnerability in its media upload handler that allows authenticated attackers to execute arbitrary operating system commands by uploading a PHP webshel... | 8.8 | HIGH | — | 0 |
| CVE-2026-5478 The Everest Forms plugin for WordPress is vulnerable to Arbitrary File Read and Deletion in all versions up to, and including, 3.4.4. This is due to the plugin trusting attacker-controlled old_files d... | 8.1 | HIGH | — | 0 |
| CVE-2026-32311 Flowsint is an open-source OSINT graph exploration tool designed for cybersecurity investigation, transparency, and verification. Flowsint allows a user to create investigations, which are used to man... | 9.8 | CRITICAL | — | 0 |
| CVE-2026-32135 NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging Platform. Versions prior to 0.24.11 have a remotely triggerable heap buffer overflow in the `uri_param_parse` function of NanoMQ's REST API.... | 7.5 | HIGH | — | 0 |
| CVE-2026-29649 NEMU contains an implementation flaw in its RISC-V Hypervisor CSR handling where henvcfg[7:4] (CBIE/CBCFE/CBZE-related fields) is incorrectly masked/updated based on menvcfg[7:4], so a machine-mode wr... | 9.8 | CRITICAL | — | 0 |
| CVE-2026-29645 NEMU (OpenXiangShan/NEMU) before v2025.12.r2 contains an improper instruction-validation flaw in its RISC-V Vector (RVV) decoder. The decoder does not correctly validate the funct3 field when decoding... | 7.5 | HIGH | — | 0 |
| CVE-2026-6248 The wpForo Forum plugin for WordPress is vulnerable to Arbitrary File Deletion in versions up to and including 3.0.5. This is due to two compounding flaws: the Members::update() method does not valida... | 8.1 | HIGH | — | 0 |
| CVE-2026-6060 A vulnerability in the SQL Box in the admin interface of OTRS leads to an uncontrolled resource consumption leading to a DoS against the webserver. will be killed by the systemThis issue affects OTRS:... | 4.5 | MEDIUM | — | 0 |
| CVE-2025-11249 Rejected reason: This CVE id was assigned as a duplicate of CVE-2025-66414. | N/A | NONE | — | 0 |
| CVE-2026-41389 OpenClaw versions 2026.4.7 before 2026.4.15 fail to enforce local-root containment on tool-result media paths, allowing arbitrary local and UNC file access. Attackers can craft malicious tool-result m... | 5.8 | MEDIUM | — | 0 |
| CVE-2026-39112 Cross Site Scripting vulnerability in Apartment Visitors Management System Apartment Visitors Management System V1.1 in the visname parameter of visitors-form.php. An authenticated attacker can inject... | 5.4 | MEDIUM | — | 0 |
| CVE-2026-39111 SQL Injection vulnerability in Apartment Visitors Management System Apartment Visitors Management System V1.1 in the email parameter of the forgot password page (forgot-password.php). This allows an u... | 7.5 | HIGH | — | 0 |
| CVE-2026-39110 SQL Injection vulnerability in Apartment Visitors Management System Apartment Visitors Management System V1.1 in the contactno parameter of the forgot password page (forgot-password.php). This allows ... | 8.2 | HIGH | — | 0 |
| CVE-2026-39109 SQL Injection vulnerability in Apartment Visitors Management System Apartment Visitors Management System V1.1 within the username parameter of the login page (index.php). This allows an unauthenticate... | 9.4 | CRITICAL | — | 0 |
| CVE-2026-26399 A stack-use-after-return issue exists in the Arduino_Core_STM32 library prior to version 1.7.0. The pwm_start() function allocates a TIM_HandleTypeDef structure on the stack and passes its address to ... | 5.3 | MEDIUM | — | 0 |
| CVE-2026-23758 GFI HelpDesk before 4.99.9 contains a stored cross-site scripting vulnerability in the ticket subject field that allows authenticated staff members to inject malicious JavaScript by manipulating the e... | N/A | NONE | — | 0 |
| CVE-2026-23757 GFI HelpDesk before 4.99.10 contains a stored cross-site scripting vulnerability in the Reports module where the title parameter is passed directly to SWIFT_Report::Create() without HTML sanitization.... | 5.4 | MEDIUM | — | 0 |
| CVE-2026-23756 GFI HelpDesk before 4.99.9 contains a stored cross-site scripting vulnerability in the Troubleshooter module where the subject POST parameter is not sanitized in Controller_Step.InsertSubmit() and Edi... | 5.4 | MEDIUM | — | 0 |
| CVE-2026-23753 GFI HelpDesk before 4.99.9 contains a stored cross-site scripting vulnerability in the language management functionality where the charset POST parameter is passed directly to SWIFT_Language::Create()... | 4.8 | MEDIUM | — | 0 |
| CVE-2026-23752 GFI HelpDesk before 4.99.9 contains a stored cross-site scripting vulnerability in the template group creation and editing functionality that allows authenticated administrators to inject arbitrary Ja... | 4.8 | MEDIUM | — | 0 |
| CVE-2026-6662 A vulnerability was found in ericc-ch copilot-api up to 0.7.0. The impacted element is the function cors of the file src/server.ts of the component Token Endpoint. Performing a manipulation results in... | 7.3 | HIGH | — | 0 |
| CVE-2026-41445 KissFFT before commit 8a8e66e contains an integer overflow vulnerability in the kiss_fftndr_alloc() function in kiss_fftndr.c where the allocation size calculation dimOther*(dimReal+2)*sizeof(kiss_fft... | 8.8 | HIGH | — | 0 |
| CVE-2026-40488 Magento Long Term Support (LTS) is an unofficial, community-driven project provides an alternative to the Magento Community Edition e-commerce platform with a high level of backward compatibility. Pri... | 8.8 | HIGH | — | 0 |
| CVE-2026-40098 Magento Long Term Support (LTS) is an unofficial, community-driven project provides an alternative to the Magento Community Edition e-commerce platform with a high level of backward compatibility. Pri... | 5.4 | MEDIUM | — | 0 |
| CVE-2026-35154 Dell PowerProtect Data Domain appliances, versions 7.7.1.0 through 8.7.0.0, LTS2025 release versions 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain an improper p... | 6.3 | MEDIUM | — | 0 |
| CVE-2026-30269 Improper access control in Doorman v0.1.0 and v1.0.2 allows any authenticated user to update their own account role to a non-admin privileged role via /platform/user/{username}. The `role` field is ac... | 9.9 | CRITICAL | — | 0 |
| CVE-2026-30266 Insecure Permissions vulnerability in DeepCool DeepCreative v.1.2.12 and before allows a local attacker to execute arbitrary code via a crafted file | 7.8 | HIGH | — | 0 |
| CVE-2026-28684 python-dotenv reads key-value pairs from a .env file and can set them as environment variables. Prior to version 1.2.2, `set_key()` and `unset_key()` in python-dotenv follow symbolic links when rewrit... | 6.6 | MEDIUM | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.