Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2026-41131 OpenFGA is an authorization/permission engine built for developers. Prior to version 1.14.1, in specific scenarios, models using conditions with caching enabled can result in two different check reque... | 5.0 | MEDIUM | — | 0 |
| CVE-2026-41144 F´ (F Prime) is a framework that enables development and deployment of spaceflight and other embedded software applications. Prior to version 4.2.0, the bounds check byteOffset + dataSize > fileSize u... | 0.0 | NONE | — | 0 |
| CVE-2026-41304 WWBN AVideo is an open source video platform. In versions 29.0 and below, the `cloneServer.json.php` endpoint in the CloneSite plugin constructs shell commands using user-controlled input (`url` param... | N/A | NONE | — | 0 |
| CVE-2026-40344 MinIO is a high-performance object storage system. Starting in RELEASE.2023-05-18T00-05-36Z and prior to RELEASE.2026-04-11T03-20-12Z, an authentication bypass vulnerability in MinIO's Snowball auto-e... | N/A | NONE | — | 0 |
| CVE-2026-41145 MinIO is a high-performance object storage system. Starting in RELEASE.2023-05-18T00-05-36Z and prior to RELEASE.2026-04-11T03-20-12Z, an authentication bypass vulnerability in MinIO's `STREAMING-UNSI... | N/A | NONE | — | 0 |
| CVE-2026-41146 facil.io is a C micro-framework for web applications. Prior to commit 5128747363055201d3ecf0e29bf0a961703c9fa0, `fio_json_parse` can enter an infinite loop when it encounters a nested JSON value start... | N/A | NONE | — | 0 |
| CVE-2026-41458 OwnTone Server versions 28.4 through 29.0 contain a race condition vulnerability in the DAAP login handler that allows unauthenticated attackers to crash the server by exploiting unsynchronized access... | N/A | NONE | — | 0 |
| CVE-2026-5398 The implementation of TIOCNOTTY failed to clear a back-pointer from the structure representing the controlling terminal to the calling process' session. If the invoking process then exits, the termin... | 8.4 | HIGH | — | 0 |
| CVE-2026-6386 In order to apply a particular protection key to an address range, the kernel must update the corresponding page table entries. The subroutine which handled this failed to take into account the prese... | 6.2 | MEDIUM | — | 0 |
| CVE-2026-6833 The a+HRD developed by aEnrich has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents. | 6.5 | MEDIUM | — | 0 |
| CVE-2026-6835 The a+HCM developed by aEnrich has an Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to upload arbitrary files to any path, including HTML documents, which may result i... | 6.1 | MEDIUM | — | 0 |
| CVE-2026-40451 DeepL Chrome browser extension versions from v1.22.0 to v.1.23.0 contain a cross-site scripting vulnerability, which allows an attacker to execute arbitrary script in a user's browser, and inject mali... | N/A | NONE | — | 0 |
| CVE-2026-22746 Vulnerability in Spring Spring Security. If an application is using the UserDetails#isEnabled, #isAccountNonExpired, or #isAccountNonLocked user attributes, to enable, expire, or lock users, then DaoA... | 3.7 | LOW | — | 0 |
| CVE-2026-22747 Vulnerability in Spring Spring Security. SubjectX500PrincipalExtractor does not correctly handle certain malformed X.509 certificate CN values, which can lead to reading the wrong value for the userna... | 6.8 | MEDIUM | — | 0 |
| CVE-2026-22748 Vulnerability in Spring Spring Security. When an application configures JWT decoding with NimbusJwtDecoder or NimbusReactiveJwtDecoder, it must configure an OAuth2TokenValidator<Jwt> separately, for ... | 5.3 | MEDIUM | — | 0 |
| CVE-2026-22753 Vulnerability in Spring Spring Security. If an application is using securityMatchers(String) and a PathPatternRequestMatcher.Builder bean to prepend a servlet path, matching requests to that filter ch... | 7.5 | HIGH | — | 0 |
| CVE-2026-22754 Vulnerability in Spring Spring Security. If an application uses <sec:intercept-url servlet-path="/servlet-path" pattern="/endpoint/**"/> to define the servlet path for computing a path matcher, then t... | 7.5 | HIGH | — | 0 |
| CVE-2026-41665 Integer overflow in scratch buffer initialization size calculation in Samsung Open Source ONE cause incorrect memory initialization for large intermediate tensors. Affected version is prior to commit ... | 6.1 | MEDIUM | — | 0 |
| CVE-2026-41666 Integer overflow in tensor copy size calculation in Samsung Open Source ONE could lead to out of bounds access during loop state propagation. Affected version is prior to commit 1.30.0. | 6.6 | MEDIUM | — | 0 |
| CVE-2026-41667 Integer overflow in constant tensor data size calculation in Samsung Open Source ONE could cause incorrect buffer sizing for large constant nodes. Affected version is prior to commit 1.30.0. | 6.6 | MEDIUM | — | 0 |
| CVE-2026-6839 Improper validation of STRING tensor offsets could allows malformed string metadata to trigger out of bounds access during constant tensor import in Samsung Open Source ONE Affected version is prior t... | 6.6 | MEDIUM | — | 0 |
| CVE-2026-6840 Missing bounds validation for operator could allow out of range operator-code lookup during model loading Affected version is prior to commit 1.30.0. | 5.5 | MEDIUM | — | 0 |
| CVE-2026-6842 A flaw was found in nano. In environments with permissive umask settings, a local attacker can exploit incorrect directory permissions (0777 instead of 0700) for the `~/.local` directory. This allows ... | 2.5 | LOW | — | 0 |
| CVE-2026-33256 An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default. | 5.3 | MEDIUM | — | 0 |
| CVE-2026-33258 By publishing and querying a crafted zone an attacker can cause allocation of large entries in the negative and aggressive NSEC(3) caches. | 5.3 | MEDIUM | — | 0 |
| CVE-2026-33259 Having many concurrent transfers of the same RPZ can lead to inconsistent RPZ data, use after free and/or a crash of the recursor. Normally concurrent transfers of the same RPZ zone can only occur wit... | 5.0 | MEDIUM | — | 0 |
| CVE-2026-33260 An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default. | 5.3 | MEDIUM | — | 0 |
| CVE-2026-33261 A zone transition from NSEC to NSEC3 might trigger an internal inconsistency and cause a denial of service. | 5.9 | MEDIUM | — | 0 |
| CVE-2026-33262 An attacker can send replies that result in a null pointer dereference, caused by a missing consistency check and leading to a denial of service. Cookies are disabled by default. | 5.9 | MEDIUM | — | 0 |
| CVE-2026-33600 An RPZ sent by a malicious authoritative server can result in a null pointer dereference, caused by a missing consistency check and leading to a denial of service. | 4.4 | MEDIUM | — | 0 |
| CVE-2026-33601 If you use the zoneToCache function with a malicious authoritative server, an attacker can send a zone that result in a null pointer dereference, caused by a missing consistency check and leading to a... | 4.4 | MEDIUM | — | 0 |
| CVE-2026-6855 A flaw was found in InstructLab. A local attacker could exploit a path traversal vulnerability in the chat session handler by manipulating the `logs_dir` parameter. This allows the attacker to create ... | 7.1 | HIGH | — | 0 |
| CVE-2026-6857 A flaw was found in camel-infinispan. This vulnerability involves unsafe deserialization in the ProtoStream remote aggregation repository. A remote attacker with low privileges could exploit this by s... | 7.5 | HIGH | — | 0 |
| CVE-2026-31192 Insufficient validation of Chrome extension identifiers in Raindrop.io Bookmark Manager Web App 5.6.76.0 allows attackers to obtain sensitive user data via a crafted request. | 6.5 | MEDIUM | — | 0 |
| CVE-2026-33254 An attacker can create a large number of concurrent DoQ or DoH3 connections, causing unlimited memory allocation in DNSdist and leading to a denial of service. DOQ and DoH3 are disabled by default. | 5.3 | MEDIUM | — | 0 |
| CVE-2026-33594 A client can trigger excessive memory allocation by generating a lot of queries that are routed to an overloaded DoH backend, causing queries to accumulate into a buffer that will not be released unti... | 5.3 | MEDIUM | — | 0 |
| CVE-2026-33595 A client can trigger excessive memory allocation by generating a lot of errors responses over a single DoQ and DoH3 connection, as some resources were not properly released until the end of the connec... | 5.3 | MEDIUM | — | 0 |
| CVE-2026-33596 A client might theoretically be able to cause a mismatch between queries sent to a backend and the received responses by sending a flood of perfectly timed queries that are routed to a TCP-only or DNS... | 3.1 | LOW | — | 0 |
| CVE-2026-33597 PRSD detection denial of service | 3.7 | LOW | — | 0 |
| CVE-2026-33598 A cached crafted response can cause an out-of-bounds read if custom Lua code calls getDomainListByAddress() or getAddressListByDomain() on a packet cache. | 4.8 | MEDIUM | — | 0 |
| CVE-2026-33599 A rogue backend can send a crafted SVCB response to a Discovery of Designated Resolvers request, when requested via either the autoUpgrade (Lua) option to newServer or auto_upgrade (YAML) settings. DD... | 3.1 | LOW | — | 0 |
| CVE-2026-33602 A rogue backend can send a crafted UDP response with a query ID off by one related to the maximum configured value, triggering an out-of-bounds write leading to a denial of service. | 6.5 | MEDIUM | — | 0 |
| CVE-2026-33608 An attacker can send a notify request that causes a new secondary domain to be added to the bind backend, but causes said backend to update its configuration to an invalid one, leading to the backend ... | 7.4 | HIGH | — | 0 |
| CVE-2026-33609 Incomplete escaping of LDAP queries when running with 8bit-dns enabled allows users to perform queries of internal domain subtrees. | 5.3 | MEDIUM | — | 0 |
| CVE-2026-33610 A rogue primary server may cause file descriptor exhaustion and eventually a denial of service, when a PowerDNS secondary server forwards a DNS update request to it. | 5.9 | MEDIUM | — | 0 |
| CVE-2026-33611 An operator allowed to use the REST API can cause the Authoritative server to produce invalid HTTPS or SVCB record data, which can in turn cause LMDB database corruption, if using the LMDB backend. | 6.5 | MEDIUM | — | 0 |
| CVE-2026-5749 Inadequate access control in the registration process in Fullstep V5, which could allow unauthenticated users to obtain a valid JWT token with which to interact with authenticated API resources. Succe... | N/A | NONE | — | 0 |
| CVE-2026-5750 An insecure direct object reference (IDOR) vulnerability in the Fullstep V5 registration process allows authenticated users to access data belonging to other registered users through various vulnerabl... | N/A | NONE | — | 0 |
| CVE-2026-6355 A vulnerability in the web application allows unauthorized users to access and manipulate sensitive data across different tenants by exploiting insecure direct object references. This could lead to un... | 6.5 | MEDIUM | — | 0 |
| CVE-2023-7343 HiSecOS web server versions 05.0.00 to 08.3.01 prior to 08.3.02 contains a privilege escalation vulnerability that allows authenticated users with operator or auditor roles to escalate privileges to t... | 7.8 | HIGH | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.