Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2026-40311 ImageMagick is free and open-source software used for editing and manipulating digital images. Versions below 7.1.2-19 and 6.9.13-44 contain a heap use-after-free vulnerability that can cause a crash ... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-35595 Vikunja is an open-source self-hosted task management platform. Prior to 2.3.0, the CanUpdate check at pkg/models/project_permissions.go:139-148 only requires CanWrite on the new parent project when c... | 8.3 | HIGH | β | 0 |
| CVE-2026-35596 Vikunja is an open-source self-hosted task management platform. Prior to 2.3.0, the hasAccessToLabel function contains a SQL operator precedence bug that allows any authenticated user to read any labe... | 4.3 | MEDIUM | β | 0 |
| CVE-2026-35597 Vikunja is an open-source self-hosted task management platform. Prior to 2.3.0, the TOTP failed-attempt lockout mechanism is non-functional due to a database transaction handling bug. When a TOTP vali... | 5.9 | MEDIUM | β | 0 |
| CVE-2026-35599 Vikunja is an open-source self-hosted task management platform. Prior to 2.3.0, the addRepeatIntervalToTime function uses an O(n) loop that advances a date by the task's RepeatAfter duration until it ... | 6.5 | MEDIUM | β | 0 |
| CVE-2025-66447 Chamilo LMS is a learning management system. From 1.11.0 to 2.0-beta.1, anyone can trigger a malicious redirect through the use of the redirect parameter to /login. This vulnerability is fixed in 2.0-... | 0.0 | NONE | β | 0 |
| CVE-2026-31940 Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, in main/lp/aicc_hacp.php, user-controlled request parameters are directly used to set the PHP session ID before loading gl... | 7.5 | HIGH | β | 0 |
| CVE-2026-31941 Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, Chamilo LMS contains a Server-Side Request Forgery (SSRF) vulnerability in the Social Wall feature. The endpoint read_url_... | 7.7 | HIGH | β | 0 |
| CVE-2026-32892 Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, Chamilo LMS contains an OS Command Injection vulnerability in the file move function. The move() function in fileManage.li... | 9.1 | CRITICAL | β | 0 |
| CVE-2026-32894 Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, an Insecure Direct Object Reference (IDOR) vulnerability in the gradebook result view page allows any authenticated teache... | 7.1 | HIGH | β | 0 |
| CVE-2026-32930 Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, an Insecure Direct Object Reference (IDOR) vulnerability in the gradebook evaluation edit page allows any authenticated te... | 7.1 | HIGH | β | 0 |
| CVE-2026-32931 Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, an unrestricted file upload vulnerability in the exercise sound upload function allows an authenticated teacher to upload ... | 7.5 | HIGH | β | 0 |
| CVE-2026-33141 Chamilo LMS is a learning management system. Prior to 2.0.0-RC.3, an Insecure Direct Object Reference (IDOR) vulnerability in the REST API stats endpoint allows any authenticated user (including low-p... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-33900 ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, the viff encoder contains an integer truncation/wraparound... | 5.9 | MEDIUM | β | 0 |
| CVE-2026-40494 SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit 45d48d1f2e8e0d73e80bc1fd5310cb57f4547302, the TGA codec's RLE dec... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-41253 In iTerm2 through 3.6.9, displaying a .txt file can cause code execution via DCS 2000p and OSC 135 data, if the working directory contains a malicious file whose name is valid output from the conducto... | 6.9 | MEDIUM | β | 0 |
| CVE-2026-30912 In case of SQL errors, exception/stack trace of errors was exposed in API even if "api/expose_stack_traces" was set to false. That could lead to exposing additional information to potential attacker. ... | 7.5 | HIGH | β | 0 |
| CVE-2026-32228 UI / API User with asset materialize permission could trigger dags they had no access to. Users are advised to migrate to Airflow version 3.2.0 that fixes the issue. | 7.5 | HIGH | β | 0 |
| CVE-2026-41254 Little CMS (lcms2) through 2.18 has an integer overflow in CubeSize in cmslut.c because the overflow check is performed after the multiplication. | 4.0 | MEDIUM | β | 0 |
| CVE-2026-6594 A vulnerability was determined in brikcss merge up to 1.3.0. This affects an unknown part. Executing a manipulation of the argument __proto__/constructor.prototype/prototype can lead to improperly con... | 7.3 | HIGH | β | 0 |
| CVE-2026-6595 A vulnerability was identified in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. This vulnerability affects unknown code of the file buslocation.php of th... | 7.3 | HIGH | β | 0 |
| CVE-2026-32955 SD-330AC and AMC Manager provided by silex technology, Inc. contain a stack-based buffer overflow vulnerability in processing the redirect URLs. Arbitrary code may be executed on the device. | 8.8 | HIGH | β | 0 |
| CVE-2026-40486 Kimai is an open-source time tracking application. In versions 2.52.0 and below, the User Preferences API endpoint (PATCH /api/users/{id}/preferences) applies submitted preference values without check... | 4.3 | MEDIUM | β | 0 |
| CVE-2026-5250 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | N/A | NONE | β | 0 |
| CVE-2026-37340 SourceCodester Simple Music Cloud Community System v1.0 is vulnerable to SQL Injection in the file /music/edit_music.php. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-37341 SourceCodester Vehicle Parking Area Management System v1.0 is vulnerable to SQL Injection in the file /parking/manage_category.php. | 7.2 | HIGH | β | 0 |
| CVE-2026-37342 SourceCodester Vehicle Parking Area Management System v1.0 is vulnerable to SQL Injection in the file /parking/view_parked_details.php. | 7.2 | HIGH | β | 0 |
| CVE-2026-37343 SourceCodester Vehicle Parking Area Management System v1.0 is vulnerable to SQL Injection in the file /parking/manage_user.php. | 7.2 | HIGH | β | 0 |
| CVE-2026-37344 SourceCodester Vehicle Parking Area Management System v1.0 is vulnerable to SQL Injection in the file /parking/manage_location.php. | 7.2 | HIGH | β | 0 |
| CVE-2026-37100 An issue in the Bluetooth Low Energy (BLE) control interface of the Yamaha SR-B30A sound bar firmware 2.40 (Mobile App: Sound Bar Remote / version: 2.40) allows remote attackers within BLE radio range... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-5426 Hard-coded ASP.NET/IIS machineKey value in Digital Knowledge KnowledgeDeliver deployments prior to February 24, 2026 allows adversaries to circumvent ViewState validation mechanisms and achieve remote... | 7.5 | HIGH | β | 0 |
| CVE-2026-41080 libexpat before 2.7.6 uses insufficient entropy, and thus hash flooding can occur via a crafted XML document. | 2.9 | LOW | β | 0 |
| CVE-2026-31399 In the Linux kernel, the following vulnerability has been resolved: nvdimm/bus: Fix potential use after free in asynchronous initialization Dingisoul with KASAN reports a use after free if device_ad... | N/A | NONE | β | 0 |
| CVE-2026-23422 In the Linux kernel, the following vulnerability has been resolved: dpaa2-switch: Fix interrupt storm after receiving bad if_id in IRQ handler Commit 31a7a0bbeb00 ("dpaa2-switch: add bounds check fo... | 7.8 | HIGH | β | 0 |
| CVE-2026-23452 In the Linux kernel, the following vulnerability has been resolved: PM: runtime: Fix a race condition related to device removal The following code in pm_runtime_work() may dereference the dev->paren... | N/A | NONE | β | 0 |
| CVE-2026-23455 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conntrack_h323: check for zero length in DecodeQ931() In DecodeQ931(), the UserUserIE code path reads a 16-bit lengt... | N/A | NONE | β | 0 |
| CVE-2026-23456 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conntrack_h323: fix OOB read in decode_int() CONS case In decode_int(), the CONS case calls get_bits(bs, 2) to read ... | N/A | NONE | β | 0 |
| CVE-2026-23457 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conntrack_sip: fix Content-Length u32 truncation in sip_help_tcp() sip_help_tcp() parses the SIP Content-Length head... | N/A | NONE | β | 0 |
| CVE-2026-23458 In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: fix use-after-free in ctnetlink_dump_exp_ct() ctnetlink_dump_exp_ct() stores a conntrack pointer in cb->data... | N/A | NONE | β | 0 |
| CVE-2026-23460 In the Linux kernel, the following vulnerability has been resolved: net/rose: fix NULL pointer dereference in rose_transmit_link on reconnect syzkaller reported a bug [1], and the reproducer is avai... | N/A | NONE | β | 0 |
| CVE-2026-31416 In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink_log: account for netlink header size This is a followup to an old bug fix: NLMSG_DONE needs to account for th... | N/A | NONE | β | 0 |
| CVE-2026-31417 In the Linux kernel, the following vulnerability has been resolved: net/x25: Fix overflow when accumulating packets Add a check to ensure that `x25_sock.fraglen` does not overflow. The `fraglen` al... | N/A | NONE | β | 0 |
| CVE-2026-31418 In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: drop logically empty buckets in mtype_del mtype_del() counts empty slots below n->pos in k, but it only drops th... | N/A | NONE | β | 0 |
| CVE-2026-31421 In the Linux kernel, the following vulnerability has been resolved: net/sched: cls_fw: fix NULL pointer dereference on shared blocks The old-method path in fw_classify() calls tcf_block_q() and dere... | N/A | NONE | β | 0 |
| CVE-2026-31422 In the Linux kernel, the following vulnerability has been resolved: net/sched: cls_flow: fix NULL pointer dereference on shared blocks flow_change() calls tcf_block_q() and dereferences q->handle to... | N/A | NONE | β | 0 |
| CVE-2026-6606 A weakness has been identified in modelscope agentscope up to 1.0.18. This vulnerability affects the function _process_audio_block of the file src/agentscope/agent/_agent_base.py. Executing a manipula... | 7.3 | HIGH | β | 0 |
| CVE-2024-7083 The Email Encoder WordPress plugin before 2.3.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks ... | 3.5 | LOW | β | 0 |
| CVE-2026-6611 A vulnerability was found in liangliangyy DjangoBlog up to 2.1.0.0. This affects an unknown function of the file djangoblog/settings.py of the component File Upload Endpoint. Performing a manipulation... | 3.1 | LOW | β | 0 |
| CVE-2026-6615 A weakness has been identified in TransformerOptimus SuperAGI up to 0.0.14. Affected by this issue is the function Upload of the file superagi/controllers/resources.py of the component Multipart Uploa... | 7.3 | HIGH | β | 0 |
| CVE-2025-13480 Fudo Enterprise in versions from 5.5.0 through 5.6.2 allows low privileged users to access certain administrator-only resources via improperly protected API endpoints. This includes sensitive informat... | N/A | NONE | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.