Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2026-31505 In the Linux kernel, the following vulnerability has been resolved: iavf: fix out-of-bounds writes in iavf_get_ethtool_stats() iavf incorrectly uses real_num_tx_queues for ETH_SS_STATS. Since the va... | 7.8 | HIGH | β | 0 |
| CVE-2026-31506 In the Linux kernel, the following vulnerability has been resolved: net: bcmasp: fix double free of WoL irq We do not need to free wol_irq since it was instantiated with devm_request_irq(). So devre... | 7.8 | HIGH | β | 0 |
| CVE-2026-31511 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix dangling pointer on mgmt_add_adv_patterns_monitor_complete This fixes the condition checking so mgmt_pending_... | 7.8 | HIGH | β | 0 |
| CVE-2026-31515 In the Linux kernel, the following vulnerability has been resolved: af_key: validate families in pfkey_send_migrate() syzbot was able to trigger a crash in skb_put() [1] Issue is that pfkey_send_mi... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-31517 In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: fix skb_put() panic on non-linear skb during reassembly In iptfs_reassem_cont(), IP-TFS attempts to append data to th... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-31518 In the Linux kernel, the following vulnerability has been resolved: esp: fix skb leak with espintcp and async crypto When the TX queue for espintcp is full, esp_output_tail_tcp will return an error ... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-31520 In the Linux kernel, the following vulnerability has been resolved: HID: apple: avoid memory leak in apple_report_fixup() The apple_report_fixup() function was returning a newly kmemdup()-allocated ... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-31526 In the Linux kernel, the following vulnerability has been resolved: bpf: Fix exception exit lock checking for subprogs process_bpf_exit_full() passes check_lock = !curframe to check_resource_leak(),... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-31527 In the Linux kernel, the following vulnerability has been resolved: driver core: platform: use generic driver_override infrastructure When a driver is probed through __driver_attach(), the bus' matc... | 7.8 | HIGH | β | 0 |
| CVE-2026-33656 EspoCRM is an open source customer relationship management application. Prior to version 9.3.4, EspoCRM's built-in formula scripting engine allowing updating attachment's sourceId thus allowing an aut... | 9.1 | CRITICAL | β | 0 |
| CVE-2026-41454 WeKan beforeΒ 8.35 contains a missing authorization vulnerability in the Integration REST API endpoints that allows authenticated board members to perform administrative actions without proper privileg... | 8.3 | HIGH | β | 0 |
| CVE-2026-41455 WeKan beforeΒ 8.35 contains a server-side request forgery vulnerability in webhook integration URL handling where the url schema field accepts any string without protocol restriction or destination val... | 8.5 | HIGH | β | 0 |
| CVE-2026-41176 Rclone is a command-line program to sync files and directories to and from different cloud storage providers. The RC endpoint `options/set` is exposed without `AuthRequired: true`, but it can mutate g... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-41232 Froxlor is open source server administration software. Prior to version 2.3.6, in `EmailSender::add()`, the domain ownership validation for full email sender aliases uses the wrong array index when sp... | 5.0 | MEDIUM | β | 0 |
| CVE-2026-31531 In the Linux kernel, the following vulnerability has been resolved: ipv4: nexthop: allocate skb dynamically in rtm_get_nexthop() When querying a nexthop object via RTM_GETNEXTHOP, the kernel current... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-41460 SocialEngine versions 7.8.0 and prior contain a SQL injection vulnerability in the /activity/index/get-memberall endpoint where user-supplied input passed via the text parameter is not sanitized befor... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-33999 A flaw was found in the X.Org X server. This integer underflow vulnerability, specifically in the XKB compatibility map handling, allows an attacker with local or remote X11 server access to trigger a... | 7.8 | HIGH | β | 0 |
| CVE-2025-50229 Jizhicms v2.5.4 is vulnerable to SQL injection in the product editing module. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-34003 A flaw was found in the X.Org X server's XKB key types request validation. A local attacker could send a specially crafted request to the X server, leading to an out-of-bounds memory access vulnerabil... | 7.8 | HIGH | β | 0 |
| CVE-2026-40470 A critical XSS vulnerability affected hackage-server and hackage.haskell.org. HTML and JavaScript files provided in source packages or via the documentation upload facility were served as-is on the m... | 9.9 | CRITICAL | β | 0 |
| CVE-2026-41238 DOMPurify is a DOM-only cross-site scripting sanitizer for HTML, MathML, and SVG. Versions 3.0.1 through 3.3.3 are vulnerable to a prototype pollution-based XSS bypass. When an application uses `DOMPu... | 6.9 | MEDIUM | β | 0 |
| CVE-2026-41239 DOMPurify is a DOM-only cross-site scripting sanitizer for HTML, MathML, and SVG. Starting in version 1.0.10 and prior to version 3.4.0, `SAFE_FOR_TEMPLATES` strips `{{...}}` expressions from untruste... | 6.8 | MEDIUM | β | 0 |
| CVE-2026-39087 An issue in Ntfy ntfy.sh before v.2.21 allows a remote attacker to execute arbitrary code via the parseActions function | 9.8 | CRITICAL | β | 0 |
| CVE-2026-28808 Incorrect Authorization vulnerability in Erlang OTP (inets modules) allows unauthenticated access to CGI scripts protected by directory rules when served via script_alias. When script_alias maps a UR... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-26181 Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally. | 7.8 | HIGH | β | 0 |
| CVE-2026-26183 Improper access control in Windows RPC API allows an authorized attacker to elevate privileges locally. | 7.8 | HIGH | β | 0 |
| CVE-2026-26184 Buffer over-read in Windows Projected File System allows an authorized attacker to elevate privileges locally. | 7.8 | HIGH | β | 0 |
| CVE-2026-39387 BoidCMS is an open-source, PHP-based flat-file CMS for building simple websites and blogs, using JSON as its database. Versions prior to 2.1.3 are vulnerable to a critical Local File Inclusion (LFI) a... | 7.2 | HIGH | β | 0 |
| CVE-2026-39842 OpenRemote is an open-source IoT platform. Versions 1.21.0 and below contain two interrelated expression injection vulnerabilities in the rules engine that allow arbitrary code execution on the server... | 9.9 | CRITICAL | β | 0 |
| CVE-2026-39984 Sigstore Timestamp Authority is a service for issuing RFC 3161 timestamps. Versions 2.0.5 and below contain an authorization bypass vulnerability in the VerifyTimestampResponse function. VerifyTimesta... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-40090 Zarf is an Airgap Native Packager Manager for Kubernetes. Versions 0.23.0 through 0.74.1 contain an arbitrary file write vulnerability in the zarf package inspect sbom and zarf package inspect documen... | 7.1 | HIGH | β | 0 |
| CVE-2026-40091 SpiceDB is an open source database system for creating and managing security-critical application permissions. In versions 1.49.0 through 1.51.0, when SpiceDB starts with log level info, the startup "... | 6.0 | MEDIUM | β | 0 |
| CVE-2026-40302 zrok is software for sharing web services, files, and network resources. Prior to version 2.0.1, the proxyUi template engine uses Go's text/template (which performs no HTML escaping) instead of html/t... | 6.1 | MEDIUM | β | 0 |
| CVE-2026-40303 zrok is software for sharing web services, files, and network resources. Prior to version 2.0.1, endpoints.GetSessionCookie parses an attacker-supplied cookie chunk count and calls make([]string, coun... | 7.5 | HIGH | β | 0 |
| CVE-2026-40304 zrok is software for sharing web services, files, and network resources. Prior to version 2.0.1, the unaccess handler (controller/unaccess.go) contains a logical error in its ownership guard: when a f... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-25524 Magento Long Term Support (LTS) is an unofficial, community-driven project provides an alternative to the Magento Community Edition e-commerce platform with a high level of backward compatibility. Pri... | 8.1 | HIGH | β | 0 |
| CVE-2026-25525 Magento Long Term Support (LTS) is an unofficial, community-driven project provides an alternative to the Magento Community Edition e-commerce platform with a high level of backward compatibility. Pri... | 4.9 | MEDIUM | β | 0 |
| CVE-2026-40098 Magento Long Term Support (LTS) is an unofficial, community-driven project provides an alternative to the Magento Community Edition e-commerce platform with a high level of backward compatibility. Pri... | 5.4 | MEDIUM | β | 0 |
| CVE-2026-40488 Magento Long Term Support (LTS) is an unofficial, community-driven project provides an alternative to the Magento Community Edition e-commerce platform with a high level of backward compatibility. Pri... | 8.8 | HIGH | β | 0 |
| CVE-2026-32613 Spinnaker is an open source, multi-cloud continuous delivery platform. Echo like some other services, uses SPeL (Spring Expression Language) to process information - specifically around expected artif... | 9.9 | CRITICAL | β | 0 |
| CVE-2026-39378 The nbconvert tool, jupyter nbconvert, converts Jupyter notebooks to various other formats via Jinja templates. In versions 6.5 through 7.17.0, when `HTMLExporter.embed_images=True`, nbconvert's markd... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-39386 Neko is a a self-hosted virtual browser that runs in Docker and uses WebRTC In versions 3.0.0 through 3.0.10 and 3.1.0 through 3.1.1, any authenticated user can immediately obtain full administrative ... | 8.8 | HIGH | β | 0 |
| CVE-2026-34295 Vulnerability in the PeopleSoft Enterprise SCM Purchasing product of Oracle PeopleSoft (component: Purchasing). The supported version that is affected is 9.2. Easily exploitable vulnerability allows... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-34296 Vulnerability in the Oracle Agile Product Lifecycle Management for Process product of Oracle Supply Chain (component: Product Quality Management). The supported version that is affected is 6.2.4. Ea... | 4.3 | MEDIUM | β | 0 |
| CVE-2026-34297 Vulnerability in the Oracle HCM Common Architecture product of Oracle E-Business Suite (component: Knowledge Integration). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable ... | 7.5 | HIGH | β | 0 |
| CVE-2026-34313 Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Platform). Supported versions that are affected are... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-34314 Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Platform). Supported versions that are affected are... | 6.8 | MEDIUM | β | 0 |
| CVE-2026-34321 Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: User Interface). Supported versions that are affect... | 4.8 | MEDIUM | β | 0 |
| CVE-2026-34324 Vulnerability in the Oracle Life Sciences InForm product of Oracle Life Science Applications (component: App Server). Supported versions that are affected are 7.0.1.0 and 7.0.1.1. Easily exploitable... | 6.5 | MEDIUM | β | 0 |
| CVE-2025-70994 Yadea T5 Electric Bicycles (models manufactured in/after 2024) have a weak authentication mechanism in their keyless entry system. The system utilizes the EV1527 fixed-code RF protocol without impleme... | 7.3 | HIGH | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.