Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2026-20930 Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally. | 7.8 | HIGH | β | 0 |
| CVE-2026-25184 Concurrent execution using shared resource with improper synchronization ('race condition') in Applocker Filter Driver (applockerfltr.sys) allows an authorized attacker to elevate privileges locally. | 7.0 | HIGH | β | 0 |
| CVE-2026-26151 Insufficient ui warning of dangerous operations in Windows Remote Desktop allows an unauthorized attacker to perform spoofing over a network. | 7.1 | HIGH | β | 0 |
| CVE-2026-26152 Insecure storage of sensitive information in Windows Cryptographic Services allows an authorized attacker to elevate privileges locally. | 7.0 | HIGH | β | 0 |
| CVE-2026-26153 Out-of-bounds read in Windows Encrypting File System (EFS) allows an authorized attacker to elevate privileges locally. | 7.8 | HIGH | β | 0 |
| CVE-2026-26154 Improper input validation in Windows Server Update Service allows an unauthorized attacker to perform tampering over a network. | 7.5 | HIGH | β | 0 |
| CVE-2026-26155 Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability | 6.5 | MEDIUM | β | 0 |
| CVE-2026-26156 Heap-based buffer overflow in Windows Hyper-V allows an unauthorized attacker to execute code locally. | 7.8 | HIGH | β | 0 |
| CVE-2026-26159 Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an authorized attacker to elevate privileges locally. | 7.8 | HIGH | β | 0 |
| CVE-2026-26160 Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an authorized attacker to elevate privileges locally. | 7.8 | HIGH | β | 0 |
| CVE-2026-26161 Untrusted pointer dereference in Windows Sensor Data Service allows an authorized attacker to elevate privileges locally. | 7.8 | HIGH | β | 0 |
| CVE-2026-26162 Access of resource using incompatible type ('type confusion') in Windows OLE allows an authorized attacker to elevate privileges locally. | 7.8 | HIGH | β | 0 |
| CVE-2026-26163 Double free in Windows Kernel allows an authorized attacker to elevate privileges locally. | 7.8 | HIGH | β | 0 |
| CVE-2026-40516 OpenHarness before commitΒ bd4df81 contains a server-side request forgery vulnerability in the web_fetch and web_search tools that allows attackers to access private and localhost HTTP services by mani... | 8.3 | HIGH | β | 0 |
| CVE-2025-65104 Firebird is an open-source relational database management system. In versions FB3 of the client library placed incorrect data length values into XSQLDA fields when communicating with FB4 or higher ser... | 7.9 | HIGH | β | 0 |
| CVE-2026-40319 Giskard is an open-source testing framework for AI models. In versions prior to 1.0.2b1, the RegexMatching check passes a user-supplied regular expression pattern directly to Python's re.search() with... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-40320 Giskard is an open-source testing framework for AI models. In versions prior to 1.0.2b1, the ConformityCheck class rendered the rule parameter through Jinja2's default Template() constructor, silently... | 7.8 | HIGH | β | 0 |
| CVE-2026-28214 Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, the ClumpletReader::getClumpletSize() function can overflow the totalLength value when p... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-29645 NEMU (OpenXiangShan/NEMU) before v2025.12.r2 contains an improper instruction-validation flaw in its RISC-V Vector (RVV) decoder. The decoder does not correctly validate the funct3 field when decoding... | 7.5 | HIGH | β | 0 |
| CVE-2026-33432 Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions up to and including 8.2.8.2, when LDAP authentication is enabled, Roxy-WI constructs an LDAP search f... | 9.1 | CRITICAL | β | 0 |
| CVE-2026-40876 goshs is a SimpleHTTPServer written in Go. Prior to 2.0.0-beta.6, goshs contains an SFTP root escape caused by prefix-based path validation. An authenticated SFTP user can read from and write to files... | 8.8 | HIGH | β | 0 |
| CVE-2026-33595 A client can trigger excessive memory allocation by generating a lot of errors responses over a single DoQ and DoH3 connection, as some resources were not properly released until the end of the connec... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-33596 A client might theoretically be able to cause a mismatch between queries sent to a backend and the received responses by sending a flood of perfectly timed queries that are routed to a TCP-only or DNS... | 3.1 | LOW | β | 0 |
| CVE-2026-33597 PRSD detection denial of service | 3.7 | LOW | β | 0 |
| CVE-2026-33598 A cached crafted response can cause an out-of-bounds read if custom Lua code calls getDomainListByAddress() or getAddressListByDomain() on a packet cache. | 4.8 | MEDIUM | β | 0 |
| CVE-2026-33599 A rogue backend can send a crafted SVCB response to a Discovery of Designated Resolvers request, when requested via either the autoUpgrade (Lua) option to newServer or auto_upgrade (YAML) settings. DD... | 3.1 | LOW | β | 0 |
| CVE-2026-33602 A rogue backend can send a crafted UDP response with a query ID off by one related to the maximum configured value, triggering an out-of-bounds write leading to a denial of service. | 6.5 | MEDIUM | β | 0 |
| CVE-2026-33608 An attacker can send a notify request that causes a new secondary domain to be added to the bind backend, but causes said backend to update its configuration to an invalid one, leading to the backend ... | 7.4 | HIGH | β | 0 |
| CVE-2026-33609 Incomplete escaping of LDAP queries when running with 8bit-dns enabled allows users to perform queries of internal domain subtrees. | 5.3 | MEDIUM | β | 0 |
| CVE-2026-33610 A rogue primary server may cause file descriptor exhaustion and eventually a denial of service, when a PowerDNS secondary server forwards a DNS update request to it. | 5.9 | MEDIUM | β | 0 |
| CVE-2026-35341 A vulnerability in uutils coreutils mkfifo allows for the unauthorized modification of permissions on existing files. When mkfifo fails to create a FIFO because a file already exists at the target pat... | 7.1 | HIGH | β | 0 |
| CVE-2026-35350 The cp utility in uutils coreutils fails to properly handle setuid and setgid bits when ownership preservation fails. When copying with the -p (preserve) flag, the utility applies the source mode bits... | 6.6 | MEDIUM | β | 0 |
| CVE-2026-35352 A Time-of-Check to Time-of-Use (TOCTOU) race condition exists in the mkfifo utility of uutils coreutils. The utility creates a FIFO and then performs a path-based chmod to set permissions. A local att... | 7.0 | HIGH | β | 0 |
| CVE-2026-35354 A Time-of-Check to Time-of-Use (TOCTOU) vulnerability exists in the mv utility of uutils coreutils during cross-device moves. The extended attribute (xattr) preservation logic uses multiple path-based... | 4.7 | MEDIUM | β | 0 |
| CVE-2026-35357 The cp utility in uutils coreutils is vulnerable to an information disclosure race condition. Destination files are initially created with umask-derived permissions (e.g., 0644) before being restricte... | 4.7 | MEDIUM | β | 0 |
| CVE-2026-35360 The touch utility in uutils coreutils is vulnerable to a Time-of-Check to Time-of-Use (TOCTOU) race condition during file creation. When the utility identifies a missing path, it later attempts creati... | 6.3 | MEDIUM | β | 0 |
| CVE-2026-35363 A vulnerability in the rm utility of uutils coreutils allows the bypass of safeguard mechanisms intended to protect the current directory. While the utility correctly refuses to delete . or .., it fai... | 5.6 | MEDIUM | β | 0 |
| CVE-2026-35364 A Time-of-Check to Time-of-Use (TOCTOU) race condition exists in the mv utility of uutils coreutils during cross-device operations. The utility removes the destination path before recreating it throug... | 6.3 | MEDIUM | β | 0 |
| CVE-2026-35367 The nohup utility in uutils coreutils creates its default output file, nohup.out, without specifying explicit restricted permissions. This causes the file to inherit umask-based permissions, typically... | 3.3 | LOW | β | 0 |
| CVE-2026-35368 A vulnerability exists in the chroot utility of uutils coreutils when using the --userspec option. The utility resolves the user specification via getpwnam() after entering the chroot but before dropp... | 7.8 | HIGH | β | 0 |
| CVE-2026-35377 A logic error in the env utility of uutils coreutils causes a failure to correctly parse command-line arguments when utilizing the -S (split-string) option. In GNU env, backslashes within single quote... | 3.3 | LOW | β | 0 |
| CVE-2026-34413 Xerte Online Toolkits versions 3.15 and earlier contain a missing authentication vulnerability in the elFinder connector endpoint at /editor/elfinder/php/connector.php where an HTTP redirect to unauth... | 8.6 | HIGH | β | 0 |
| CVE-2026-34414 Xerte Online Toolkits versions 3.15 and earlier contain a relative path traversal vulnerability in the elFinder connector endpoint at /editor/elfinder/php/connector.php where the name parameter in ren... | 7.1 | HIGH | β | 0 |
| CVE-2026-34415 Xerte Online Toolkits versions 3.15 and earlier contain an incomplete input validation vulnerability in the elFinder connector endpoint that fails to block PHP-executable extensions .php4 due to an in... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-41459 Xerte Online Toolkits versions 3.15 and earlier contain an information disclosure vulnerability that allows unauthenticated attackers to retrieve the full server-side filesystem path of the applicatio... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-41269 Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the Chatflow configuration file upload settings can be modified to allow the application/javasc... | 7.1 | HIGH | β | 0 |
| CVE-2026-41273 Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, Flowise contains an authentication bypass vulnerability that allows an unauthenticated attacker... | 8.2 | HIGH | β | 0 |
| CVE-2026-41276 Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, this vulnerability allows remote attackers to bypass authentication on affected installations o... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-40466 Improper Input Validation, Improper Control of Generation of Code ('Code Injection') vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ. An authenticated attacker may byp... | 8.8 | HIGH | β | 0 |
| CVE-2026-41321 @astrojs/cloudflare is an SSR adapter for use with Cloudflare Workers targets. Prior to 13.1.10, the fetch() call for remote images in packages/integrations/cloudflare/src/utils/image-binding-transfor... | 2.2 | LOW | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.