Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2026-35441 Directus is a real-time API and App dashboard for managing SQL database content. Prior to 11.17.0, Directus' GraphQL endpoints (/graphql and /graphql/system) did not deduplicate resolver invocations w... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-35442 Directus is a real-time API and App dashboard for managing SQL database content. Prior to 11.17.0, aggregate functions (min, max) applied to fields with the conceal special type incorrectly return raw... | 8.1 | HIGH | β | 0 |
| CVE-2026-33227 Improper validation and restriction of a classpath path name vulnerability in Apache ActiveMQ Client, Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ Web, Apache ActiveMQ. In two in... | 4.3 | MEDIUM | β | 0 |
| CVE-2026-4420 Bludit is vulnerable to Stored Cross-Site Scripting (XSS) in its page creating functionality. An authenticated attacker with page creation privileges (such as Author, Editor, or Administrator) can emb... | 5.4 | MEDIUM | β | 0 |
| CVE-2026-33088 Movable Type provided by Six Apart Ltd. contains an SQL Injection vulnerability which may allow an attacker to execute an arbitrary SQL statement. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-33457 Livestatus injection in the prediction graph page in Checkmk <2.5.0b4, <2.4.0p26, and <2.3.0p47 allows an authenticated user to inject arbitrary Livestatus commands via a crafted service name paramete... | 6.3 | MEDIUM | β | 0 |
| CVE-2026-39417 MaxKB is an open-source AI assistant for enterprise. Versions 2.7.1 and below contain an incomplete fix for CVE-2025-53928, where a Remote Code Execution vulnerability still exists in the MCP node of ... | 4.6 | MEDIUM | β | 0 |
| CVE-2026-26477 An issue in Dokuwiki v.2025-05-14b "Librarian" [56.2] allows a remote attacker to cause a denial of service via the media_upload_xhr() function in the media.php file | 4.3 | MEDIUM | β | 0 |
| CVE-2026-5469 A weakness has been identified in Casdoor 2.356.0. This vulnerability affects unknown code of the component Webhook URL Handler. Executing a manipulation can lead to server-side request forgery. The a... | 4.7 | MEDIUM | β | 0 |
| CVE-2025-62188 An Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists in Apache DolphinScheduler. This vulnerability may allow unauthorized actors to access sensitive information, includ... | 7.5 | HIGH | β | 0 |
| CVE-2026-34184 Hydrosystem Control System does not enforce authorization for some directories. This allows an unauthorized attacker to read all files in these directories and even execute some of them. Critically th... | 9.1 | CRITICAL | β | 0 |
| CVE-2026-34185 Hydrosystem Control System is vulnerable to SQL Injection across most scripts and input parameters. Because no protections are in place, an authenticated attacker can inject arbitrary SQL commands, po... | 8.8 | HIGH | β | 0 |
| CVE-2026-4901 Hydrosystem Control System saves sensitive information into a log file. Critically, user credentials are logged allowing the attacker to obtain further authorized access into the system. Combined with... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-24661 Mattermost Plugins versions <=2.1.3.0 fail to limit the request body size on the {{/changes}} webhook endpoint which allows an authenticated attacker to cause memory exhaustion and denial of service v... | 3.7 | LOW | β | 0 |
| CVE-2026-40170 ngtcp2 is a C implementation of the IETF QUIC protocol. In versions prior to 1.22.1, ngtcp2_qlog_parameters_set_transport_params() serializes peer transport parameters into a fixed 1024-byte stack buf... | 7.5 | HIGH | β | 0 |
| CVE-2026-40318 SiYuan is an open-source personal knowledge management system. In versions 3.6.3 and prior, the /api/av/removeUnusedAttributeView endpoint constructs a filesystem path using the user-controlled id par... | 8.5 | HIGH | β | 0 |
| CVE-2026-40922 SiYuan is an open-source personal knowledge management system. In versions 3.6.1 through 3.6.3, a prior fix for XSS in bazaar README rendering (incomplete fix for CVE-2026-33066) enabled the Lute HTML... | 5.4 | MEDIUM | β | 0 |
| CVE-2026-40153 PraisonAIAgents is a multi-agent teams system. Prior to 1.5.128, the execute_command function in shell_tools.py calls os.path.expandvars() on every command argument at line 64, manually re-implementin... | 7.4 | HIGH | β | 0 |
| CVE-2026-40156 PraisonAI is a multi-agent teams system. Prior to 4.5.128, PraisonAI automatically loads a file named tools.py from the current working directory to discover and register custom agent tools. This load... | 7.8 | HIGH | β | 0 |
| CVE-2026-33783 A Function Call With Incorrect Argument Type vulnerability in the sensor interface of Juniper Networks Junos OS Evolved on PTX Series allows a network-based, authenticated attacker with low privileges... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-33785 A Missing Authorization vulnerability in the CLI of Juniper Networks Junos OS on MX Series allows a local, authenticated user with low privileges to execute specific commands which will lead to a comp... | 8.8 | HIGH | β | 0 |
| CVE-2026-33790 An Improper Check for Unusual or Exceptional Conditions vulnerability in the flow daemon (flowd) of Juniper Networks Junos OS on SRX Series allows an attacker sending a specific, malformed ICMPv6 pack... | 7.5 | HIGH | β | 0 |
| CVE-2026-40116 PraisonAI is a multi-agent teams system. Prior to 4.5.128, the /media-stream WebSocket endpoint in PraisonAI's call module accepts connections from any client without authentication or Twilio signatur... | 7.5 | HIGH | β | 0 |
| CVE-2026-40117 PraisonAIAgents is a multi-agent teams system. Prior to 1.5.128, read_skill_file() in skill_tools.py allows reading arbitrary files from the filesystem by accepting an unrestricted skill_path paramete... | 6.2 | MEDIUM | β | 0 |
| CVE-2026-40148 PraisonAI is a multi-agent teams system. Prior to 4.5.128, the _safe_extractall() function in PraisonAI's recipe registry validates archive members against path traversal attacks but performs no check... | 6.5 | MEDIUM | β | 0 |
| CVE-2025-66236 Before Airflow 3.2.0, it was unclear that secure Airflow deployments require the Deployment Manager to take appropriate actions and pay attention to security details and security model of Airflow. Som... | 7.5 | HIGH | β | 0 |
| CVE-2026-31923 Cleartext Transmission of Sensitive Information vulnerability in Apache APISIX. This can occur due to `ssl_verify` in openid-connect plugin configuration being set to false by default. This issue aff... | 7.5 | HIGH | β | 0 |
| CVE-2026-33104 Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally. | 7.0 | HIGH | β | 0 |
| CVE-2025-54550 The example example_xcomΒ that was included in airflow documentation implemented unsafe pattern of reading value from xcom in the way that could be exploited to allow UI user who had access to modify X... | 8.1 | HIGH | β | 0 |
| CVE-2026-40158 PraisonAI is a multi-agent teams system. Prior to 4.5.128, PraisonAI's AST-based Python sandbox can be bypassed using type.__getattribute__ trampoline, allowing arbitrary code execution when running u... | 8.6 | HIGH | β | 0 |
| CVE-2026-34177 Canonical LXD versions 4.12 through 6.7 contain an incomplete denylist in isVMLowLevelOptionForbidden (lxd/project/limits/permissions.go), which omits raw.apparmor and raw.qemu.conf from the set of ke... | 9.1 | CRITICAL | β | 0 |
| CVE-2026-34178 In Canonical LXD before 6.8, the backup import path validates project restrictions against backup/index.yaml in the supplied tar archive but creates the instance from backup/container/backup.yaml, a s... | 9.1 | CRITICAL | β | 0 |
| CVE-2024-36057 Koha Library before 23.05.10 fails to sanitize user-controllable filenames prior to unzipping, leading to remote code execution. The line "qx/unzip $filename -d $dirname/;" in upload-cover-image.pl is... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-33816 Memory-safety vulnerability in github.com/jackc/pgx/v5. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-35490 changedetection.io is a free open source web page change detection tool. Prior to 0.54.8, the @login_optionally_required decorator is placed before (outer to) @blueprint.route() instead of after it. I... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-33865 MLflow is vulnerable to Stored Cross-Site Scripting (XSS) caused by unsafe parsing of YAML-based MLmodel artifacts in its web interface. An authenticated attacker can upload a malicious MLmodel file c... | 5.4 | MEDIUM | β | 0 |
| CVE-2026-35578 Rejected reason: This CVE is a duplicate of another CVE.** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2026-39940. Reason: This candidate is a reservation duplicate of CVE-2026-3994... | N/A | NONE | β | 0 |
| CVE-2026-35605 File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to 2.63.1, the Matches() function in rules/rules.go uses ... | 7.5 | HIGH | β | 0 |
| CVE-2025-69515 An issue in JXL 9 Inch Car Android Double Din Player Android v12.0 allows attackers to force the infotainment system into accepting falsified GPS signals as legitimate, resulting in the device reporti... | 9.1 | CRITICAL | β | 0 |
| CVE-2026-35455 immich is a high performance self-hosted photo and video management solution. Prior to 2.7.0, sStored Cross-Site Scripting (XSS) in the 360Β° panorama viewer allows any authenticated user to execute ar... | 7.3 | HIGH | β | 0 |
| CVE-2026-35584 FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to 1.8.212, the endpoint GET /thread/read/{conversation_id}/{thread_id} does not require authentication and doe... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-39412 LiquidJS is a Shopify / GitHub Pages compatible template engine in pure JavaScript. Prior to 10.25.4, the sort_natural filter bypasses the ownPropertyOnly security option, allowing template authors to... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-4660 HashiCorpβs go-getter library up to v1.8.5 may allow arbitrary file reads on the file system during certain git operations through a maliciously crafted URL. This vulnerability, CVE-2026-4660, is fixe... | 7.5 | HIGH | β | 0 |
| CVE-2025-50228 Jizhicms v2.5.4 is vulnerable to Server-Side Request Forgery (SSRF) in User Evaluation, Message, and Comment modules. | 9.1 | CRITICAL | β | 0 |
| CVE-2025-70810 Cross Site Request Forgery vulnerability in Phpbb phbb3 v.3.3.15 allows a local attacker to execute arbitrary code via the login function and the authentication mechanism | 8.8 | HIGH | β | 0 |
| CVE-2026-4114 Improper handling of Unicode encoding in SonicWall SMA1000 series appliances allows a remote authenticated SSLVPN admin to bypass AMC TOTP authentication. | N/A | NONE | β | 0 |
| CVE-2026-35468 nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.3.0, two peer-facing consensus request handlers ass... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-34766 Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to versions 38.8.6, 39.8.0, 40.7.0, and 41.0.0-beta.8, the select-usb-device event callbac... | 3.3 | LOW | β | 0 |
| CVE-2026-34768 Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to versions 38.8.6, 39.8.1, 40.8.0, and 41.0.0-beta.8, on Windows, app.setLoginItemSetting... | 3.9 | LOW | β | 0 |
| CVE-2026-34769 Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to versions 38.8.6, 39.8.0, 40.7.0, and 41.0.0-beta.8, an undocumented commandLineSwitches... | 7.7 | HIGH | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.