Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2026-39866 Lawnchair is a free, open-source home app for Android. Prior to commit fcba413f55dd47f8a3921445252849126c6266b2, command injection in release_update.yml workflow dispatch input allows arbitrary code e... | N/A | NONE | β | 0 |
| CVE-2026-6765 Information disclosure in the Form Autofill component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10. | 5.3 | MEDIUM | β | 0 |
| CVE-2026-40498 FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.213, an unauthenticated attacker can access diagnostic and system tools that should be restricted to administrators. ... | N/A | NONE | β | 0 |
| CVE-2026-40565 FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.213, FreeScout's linkify() function in app/Misc/Helper.php converts plain-text URLs in email bodies into HTML anchor ... | 6.1 | MEDIUM | β | 0 |
| CVE-2026-38834 Tenda W30E V2.0 V16.01.0.21 was found to contain a command injection vulnerability in the do_ping_action function via the hostName parameter. This vulnerability allows attackers to execute arbitrary c... | 7.3 | HIGH | β | 0 |
| CVE-2026-40567 FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.213, an unauthenticated attacker can inject arbitrary HTML into outgoing emails generated by FreeScout by sending an ... | 5.8 | MEDIUM | β | 0 |
| CVE-2026-40586 blueprintUE is a tool to help Unreal Engine developers. Prior to 4.2.0, the login form handler performs no throttling of any kind. Failed authentication attempts are processed at full network speed wi... | 7.5 | HIGH | β | 0 |
| CVE-2026-40589 FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.214, a low-privileged agent can edit a visible customer and add an email address already owned by a hidden customer i... | 7.6 | HIGH | β | 0 |
| CVE-2026-40587 blueprintUE is a tool to help Unreal Engine developers. Prior to 4.2.0, when a user changes their password via the profile edit page, or when a password reset is completed via the reset link, neither ... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-40611 Let's Encrypt client and ACME library written in Go (Lego). Prior to 4.34.0, the webroot HTTP-01 challenge provider in lego is vulnerable to arbitrary file write and deletion via path traversal. A mal... | 8.8 | HIGH | β | 0 |
| CVE-2026-41193 FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.215, FreeScout's module installation feature extracts ZIP archives without validating file paths, allowing an authent... | 9.1 | CRITICAL | β | 0 |
| CVE-2026-40613 Coturn is a free open source implementation of TURN and STUN Server. Prior to 4.10.0, the STUN/TURN attribute parsing functions in coturn perform unsafe pointer casts from uint8_t * to uint16_t * with... | 7.5 | HIGH | β | 0 |
| CVE-2026-40866 Horilla is a free and open source Human Resource Management System (HRMS). In 1.5.0, an insecure direct object reference in the employee document upload endpoint allows any authenticated user to overw... | N/A | NONE | β | 0 |
| CVE-2026-40867 Horilla is a free and open source Human Resource Management System (HRMS). In 1.5.0, a broken access control vulnerability in the helpdesk attachment viewer allows any authenticated user to view attac... | N/A | NONE | β | 0 |
| CVE-2026-33812 Parsing a malicious font file can cause excessive memory allocation. | 6.1 | MEDIUM | β | 0 |
| CVE-2026-33813 Parsing a WEBP image with an invalid, large size panics on 32-bit platforms. | N/A | NONE | β | 0 |
| CVE-2026-40372 Improper verification of cryptographic signature in ASP.NET Core allows an unauthorized attacker to elevate privileges over a network. | 9.1 | CRITICAL | β | 0 |
| CVE-2026-40869 Decidim is a participatory democracy framework. Starting in version 0.19.0 and prior to versions 0.30.5 and 0.31.1, a vulnerability allows any registered and authenticated user to accept or reject any... | 7.5 | HIGH | β | 0 |
| CVE-2026-40870 Decidim is a participatory democracy framework. Starting in version 0.0.1 and prior to versions 0.30.5 and 0.31.1, the root level `commentable` field in the API allows access to all commentable resour... | 7.5 | HIGH | β | 0 |
| CVE-2026-40871 mailcow: dockerized is an open source groupware/email suite based on docker. Versions prior to 2026-03b have a second-order SQL injection vulnerability in the quarantine_category field via the Mailcow... | 7.2 | HIGH | β | 0 |
| CVE-2026-40872 mailcow: dockerized is an open source groupware/email suite based on docker. In versions prior to 2026-03b, the admin dashboard's Autodiscover logs render the EMailAddress value (logged as the "user" ... | N/A | NONE | β | 0 |
| CVE-2026-40873 mailcow: dockerized is an open source groupware/email suite based on docker. In versions prior to 2026-03b, the Quarantine details modal injects attachment filenames into HTML without escaping, allowi... | N/A | NONE | β | 0 |
| CVE-2026-40874 mailcow: dockerized is an open source groupware/email suite based on docker. In versions prior to 2026-03b, no administrator verification takes place when deleting Forwarding Hosts with `/api/v1/delet... | N/A | NONE | β | 0 |
| CVE-2026-40875 mailcow: dockerized is an open source groupware/email suite based on docker. In versions prior to 2026-03b, the user dashboard's "Seen successful connections" (login history) renders the client IP fro... | N/A | NONE | β | 0 |
| CVE-2026-40876 goshs is a SimpleHTTPServer written in Go. Prior to 2.0.0-beta.6, goshs contains an SFTP root escape caused by prefix-based path validation. An authenticated SFTP user can read from and write to files... | N/A | NONE | β | 0 |
| CVE-2026-40878 mailcow: dockerized is an open source groupware/email suite based on docker. In versions prior to 2026-03b, the mailcow web interface passes the raw `$_SERVER['REQUEST_URI']` to Twig as a global templ... | N/A | NONE | β | 0 |
| CVE-2026-40879 Nest is a framework for building scalable Node.js server-side applications. Prior to 11.1.19, when an attacker sends many small, valid JSON messages in one TCP frame, handleData() recurses once per me... | 7.5 | HIGH | β | 0 |
| CVE-2026-40880 ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad version 4.3.1 and zebra-consensus version 5.0.2, a logic error in Zebra's transaction verification cache could allow a malicious miner t... | N/A | NONE | β | 0 |
| CVE-2026-40881 ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad version 4.3.0 and zebra-network version 5.0.1, when deserializing addr or addrv2 messages, which contain vectors of addresses, Zebra wou... | N/A | NONE | β | 0 |
| CVE-2026-40883 goshs is a SimpleHTTPServer written in Go. From 2.0.0-beta.4 to 2.0.0-beta.5, goshs contains a cross-site request forgery issue in its state-changing HTTP GET routes. An external attacker can cause an... | N/A | NONE | β | 0 |
| CVE-2026-40884 goshs is a SimpleHTTPServer written in Go. Prior to 2.0.0-beta.6, goshs contains an SFTP authentication bypass when the documented empty-username basic-auth syntax is used. If the server is started wi... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-40885 goshs is a SimpleHTTPServer written in Go. From 2.0.0-beta.4 to 2.0.0-beta.5, goshs leaks file-based ACL credentials through its public collaborator feed when the server is deployed without global bas... | N/A | NONE | β | 0 |
| CVE-2026-40887 Vendure is an open-source headless commerce platform. Starting in version 1.7.4 and prior to versions 2.3.4, 3.5.7, and 3.6.2, an unauthenticated SQL injection vulnerability exists in the Vendure Shop... | 9.1 | CRITICAL | β | 0 |
| CVE-2026-40888 Frappe HR is an open-source human resources management solution (HRMS). Prior to versions 15.58.1 and 16.4.1, an authenticated user with default role can access unauthorized information by exploiting ... | N/A | NONE | β | 0 |
| CVE-2026-40889 Frappe HR is an open-source human resources management solution (HRMS). Prior to versions 15.58.2 and 16.4.2, authenticated users can access unauthorized files by exploiting certain api endpoint. Vers... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-40890 The package `github.com/gomarkdown/markdown` is a Go library for parsing Markdown text and rendering as HTML. Processing a malformed input containing a < character that is not followed by a > characte... | 7.5 | HIGH | β | 0 |
| CVE-2026-40903 goshs is a SimpleHTTPServer written in Go. Prior to 2.0.0-beta.6, goshs has an ArtiPACKED vulnerability. ArtiPACKED can lead to leakage of the GITHUB_TOKEN through workflow artifacts, even though the ... | 9.1 | CRITICAL | β | 0 |
| CVE-2026-40907 WWBN AVideo is an open source video platform. In versions 29.0 and prior, the endpoint `plugin/Live/view/Live_restreams/list.json.php` contains an Insecure Direct Object Reference (IDOR) vulnerability... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-40908 WWBN AVideo is an open source video platform. In versions 29.0 and prior, the file `git.json.php` at the web root executes `git log -1` and returns the full output as JSON to any unauthenticated user.... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-40909 WWBN AVideo is an open source video platform. In versions 29.0 and prior, the locale save endpoint (`locale/save.php`) constructs a file path by directly concatenating `$_POST['flag']` into the path a... | 8.7 | HIGH | β | 0 |
| CVE-2026-41320 Frappe HR is an open-source human resources management solution (HRMS). Prior to versions 15.54.0 and 14.38.1, a specially crafted request made to a certain endpoint could result in SQL injection, all... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-6819 HKUDS OpenHarness prior to PR #156 remediation exposes plugin lifecycle commands including /plugin install, /plugin enable, /plugin disable, and /reload-plugins to remote senders by default. Attackers... | 8.8 | HIGH | β | 0 |
| CVE-2025-70420 A SQL injection vulnerability exists in Genesys Latitude v25.1.0.420 that allows an authenticated attacker to execute arbitrary SQL queries against the backend database. The vulnerability is caused by... | N/A | NONE | β | 0 |
| CVE-2026-21997 Vulnerability in the Oracle Life Sciences Empirica Signal product of Oracle Life Science Applications (component: Common Core). Supported versions that are affected are 9.2.1-9.2.3. Easily exploitabl... | 8.5 | HIGH | β | 0 |
| CVE-2026-21998 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulne... | 4.9 | MEDIUM | β | 0 |
| CVE-2026-21999 Vulnerability in the XML Database component of Oracle Database Server. Supported versions that are affected are 23.4.0-23.26.1. Difficult to exploit vulnerability allows unauthenticated attacker with... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-22001 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploita... | 2.7 | LOW | β | 0 |
| CVE-2026-22002 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulne... | 4.9 | MEDIUM | β | 0 |
| CVE-2026-22003 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u481 and 8u481-b50; O... | 6.0 | MEDIUM | β | 0 |
| CVE-2023-7343 HiSecOS web server versions 05.0.00 to 08.3.01 prior to 08.3.02 contains a privilege escalation vulnerability that allows authenticated users with operator or auditor roles to escalate privileges to t... | 7.8 | HIGH | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.