Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2026-34821 Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark parameter to /manage/vpnauthentication/user/. An authenticated attacker can inject arbitrary JavaScript ... | 6.4 | MEDIUM | β | 0 |
| CVE-2026-34822 Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the new_cert_name parameter to /manage/ca/certificate/. An authenticated attacker can inject arbitrary JavaScript t... | 6.4 | MEDIUM | β | 0 |
| CVE-2026-5342 A flaw has been found in LibRaw up to 0.22.0. This affects the function LibRaw::nikon_load_padded_packed_raw of the file src/decoders/decoders_libraw.cpp of the component TIFF/NEF. Executing a manipul... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-5346 A vulnerability was determined in huimeicloud hm_editor up to 2.2.3. Impacted is the function client.get of the file src/mcp-server.js of the component image-to-base64 Endpoint. Executing a manipulati... | 7.3 | HIGH | β | 0 |
| CVE-2026-30332 A Time-of-Check to Time-of-Use (TOCTOU) race condition vulnerability in Balena Etcher for Windows prior to v2.1.4 allows attackers to escalate privileges and execute arbitrary code via replacing a leg... | 7.5 | HIGH | β | 0 |
| CVE-2026-5350 A security flaw has been discovered in Trendnet TEW-657BRM 1.00.1. The impacted element is the function update_pcdb of the file /setup.cgi. The manipulation of the argument mac_pc_dba results in stack... | 8.8 | HIGH | β | 0 |
| CVE-2026-34830 Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Sendfile#map_accel_path interpolates the value of the X-Accel-Mapping request header directly into a reg... | 5.9 | MEDIUM | β | 0 |
| CVE-2026-35385 In OpenSSH before 10.3, a file downloaded by scp may be installed setuid or setgid, an outcome contrary to some users' expectations, if the download is performed as root with -O (legacy scp protocol) ... | 7.5 | HIGH | β | 0 |
| CVE-2026-35386 In OpenSSH before 10.3, command execution can occur via shell metacharacters in a username within a command line. This requires a scenario where the username on the command line is untrusted, and also... | 3.6 | LOW | β | 0 |
| CVE-2026-35387 OpenSSH before 10.3 can use unintended ECDSA algorithms. Listing of any ECDSA algorithm in PubkeyAcceptedAlgorithms or HostbasedAcceptedAlgorithms is misinterpreted to mean all ECDSA algorithms. | 3.1 | LOW | β | 0 |
| CVE-2026-35388 OpenSSH before 10.3 omits connection multiplexing confirmation for proxy-mode multiplexing sessions. | 2.5 | LOW | β | 0 |
| CVE-2026-33271 Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis True Image (Windows) before build 42902. | N/A | NONE | β | 0 |
| CVE-2026-34522 SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to version ... | 8.1 | HIGH | β | 0 |
| CVE-2026-5452 A flaw has been found in UCC CampusConnect App up to 14.3.5 on Android. This vulnerability affects unknown code of the file campusconnect/BuildConfig.java of the component campusconnect.ucc. This mani... | 3.3 | LOW | β | 0 |
| CVE-2026-23418 In the Linux kernel, the following vulnerability has been resolved: drm/xe/reg_sr: Fix leak on xa_store failure Free the newly allocated entry when xa_store() fails to avoid a memory leak on the err... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-23419 In the Linux kernel, the following vulnerability has been resolved: net/rds: Fix circular locking dependency in rds_tcp_tune syzbot reported a circular locking dependency in rds_tcp_tune() where sk_... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-5467 A vulnerability was identified in Casdoor 2.356.0. Affected by this issue is some unknown functionality of the component OAuth Authorization Request Handler. Such manipulation of the argument redirect... | 4.3 | MEDIUM | β | 0 |
| CVE-2025-59709 An issue was discovered in Biztalk360 through 11.5. because of mishandling of user-provided input in a path to be read by the server, a Super User attacker is able to read files on the system and/or c... | 6.8 | MEDIUM | β | 0 |
| CVE-2026-5468 A security flaw has been discovered in Casdoor 2.356.0. This affects the function dangerouslySetInnerHTML. Performing a manipulation of the argument formCss/formCssMobile/formSideHtml results in cross... | 3.5 | LOW | β | 0 |
| CVE-2025-59711 An issue was discovered in Biztalk360 before 11.5. Because of mishandling of user-provided input in an upload mechanism, an authenticated attacker is able to write files outside of the destination dir... | 8.3 | HIGH | β | 0 |
| CVE-2025-59710 An issue was discovered in Biztalk360 before 11.5. Because of incorrect access control, any user is able to request the loading a DLL file. During the loading, a method is called. An attacker can craf... | 8.8 | HIGH | β | 0 |
| CVE-2026-5475 A vulnerability was determined in NASA cFS up to 7.0.0. This impacts the function CFE_SB_TransmitMsg of the file cfe_sb_priv.c of the component CCSDS Header Size Handler. Executing a manipulation can ... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-5476 A vulnerability was identified in NASA cFS up to 7.0.0 on 32-bit. Affected is the function CFE_TBL_ValidateCodecLoadSize of the file cfe/modules/tbl/fsw/src/cfe_tbl_passthru_codec.c. The manipulation ... | 4.6 | MEDIUM | β | 0 |
| CVE-2026-34576 Postiz is an AI social media scheduling tool. Prior to version 2.21.3, the POST /public/v1/upload-from-url endpoint accepts a user-supplied URL and fetches it server-side using axios.get() with no SSR... | 7.7 | HIGH | β | 0 |
| CVE-2026-34523 SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to version ... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-34584 listmonk is a standalone, self-hosted, newsletter and mailing list manager. From version 4.1.0 to before version 6.1.0, bugs in list permission checks allows users in a multi-user environment to acces... | 5.4 | MEDIUM | β | 0 |
| CVE-2026-28766 A specific endpoint exposes all user account information for registered Gardyn users without requiring authentication. | 9.3 | CRITICAL | β | 0 |
| CVE-2026-23402 In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Only WARN in direct MMUs when overwriting shadow-present SPTE Adjust KVM's sanity check against overwriting a shadow... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-5327 A security flaw has been discovered in efforthye fast-filesystem-mcp up to 3.5.1. The affected element is the function handleGetDiskUsage of the file src/index.ts. Performing a manipulation results in... | 6.3 | MEDIUM | β | 0 |
| CVE-2026-34890 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mark OβDonnell MSTW League Manager allows DOM-Based XSS.This issue affects MSTW League Manager: fr... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-27876 A chained attack via SQL Expressions and a Grafana Enterprise plugin can lead to a remote arbitrary code execution impact (RCE). This is enabled by a feature in Grafana (OSS), so all users are always ... | 9.1 | CRITICAL | β | 0 |
| CVE-2026-33955 Notesnook is a note-taking app. Prior to version 3.3.11 on Web/Desktop, a cross-site scripting vulnerability stored in the note history comparison viewer can escalate to remote code execution in a des... | 8.6 | HIGH | β | 0 |
| CVE-2026-31831 Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Prior to version 2.17.0, the /newsletter/image/images API endpoint is vulnerable to path traversal, allowing unauthentica... | 7.5 | HIGH | β | 0 |
| CVE-2026-25627 NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging Platform. Prior to version 0.24.8, NanoMQβs MQTT-over-WebSocket transport can be crashed by sending an MQTT packet with a deliberately large... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-33952 FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, an unvalidated auth_length field read from the network triggers a WINPR_ASSERT() failure in rts_read_auth_veri... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-32970 OpenClaw before 2026.3.11 contains a credential fallback vulnerability where unavailable local gateway.auth.token and gateway.auth.password SecretRefs are treated as unset, allowing fallback to remote... | 2.5 | LOW | β | 0 |
| CVE-2026-32971 OpenClaw before 2026.3.11 contains an approval-integrity vulnerability in node-host system.run approvals that displays extracted shell payloads instead of the executed argv. Attackers can place wrappe... | 7.1 | HIGH | β | 0 |
| CVE-2026-34224 Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.64 and 9.7.0-alpha.8, an attacker who possesses a valid authentication pro... | 4.4 | MEDIUM | β | 0 |
| CVE-2025-66484 IBM Aspera Shares 1.9.9 through 1.11.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functio... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-1540 The Spam Protect for Contact Form 7 WordPress plugin before 1.2.10 allows logging to a PHP file, which could allow an attacker with editor access to achieve Remote Code Execution by using a crafted he... | 7.2 | HIGH | β | 0 |
| CVE-2026-33544 Tinyauth is an authentication and authorization server. Prior to version 5.0.5, all three OAuth service implementations (GenericOAuthService, GithubOAuthService, GoogleOAuthService) store PKCE verifie... | 7.7 | HIGH | β | 0 |
| CVE-2026-33533 Glances is an open-source system cross-platform monitoring tool. Prior to version 4.5.3, the Glances XML-RPC server (activated with glances -s or glances --server) sends Access-Control-Allow-Origin: *... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-34729 phpMyFAQ is an open source FAQ web application. Prior to version 4.1.1, there is a stored XSS vulnerability via Regex Bypass in Filter::removeAttributes(). This issue has been patched in version 4.1.1... | 6.1 | MEDIUM | β | 0 |
| CVE-2026-5339 A vulnerability was detected in Tenda G103 1.0.0.5. The impacted element is the function action_set_net_settings of the file gpon.lua of the component Setting Handler. Performing a manipulation of the... | 4.7 | MEDIUM | β | 0 |
| CVE-2026-5344 A security vulnerability has been detected in Textpattern up to 4.9.1. Affected by this vulnerability is the function mt_uploadImage of the file rpc/TXP_RPCServer.php of the component XML-RPC Handler.... | 6.3 | MEDIUM | β | 0 |
| CVE-2026-33536 ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-18 and 6.9.13-43, due to an incorrect return value on certain platforms a pointer is incre... | 5.1 | MEDIUM | β | 0 |
| CVE-2026-33535 ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-18 and 6.9.13-43, an out-of-bounds write of a zero byte exists in the X11 `display` intera... | 4.0 | MEDIUM | β | 0 |
| CVE-2026-30303 The command auto-approval module in Axon Code contains an OS Command Injection vulnerability, rendering its whitelist security mechanism ineffective. The vulnerability stems from the incorrect use of ... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-5170 A user with access to the cluster with a limited set of privilege actions can trigger a crash of aΒ mongod process during the limited and unpredictable window when the cluster is being promoted from a ... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-29909 MRCMS V3.1.2 contains an unauthenticated directory enumeration vulnerability in the file management module. The /admin/file/list.do endpoint lacks authentication controls and proper input validation, ... | 5.3 | MEDIUM | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.