Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2026-25242 Gogs is an open source self-hosted Git service. Versions 0.13.4 and below expose unauthenticated file upload endpoints by default. When the global RequireSigninView setting is disabled (default), any ... | 9.8 | CRITICAL | — | 0 |
| CVE-2026-1950 Delta Electronics AS320T has No checking of the length of the buffer with the file name vulnerability. | 9.8 | CRITICAL | — | 0 |
| CVE-2026-29859 An arbitrary file upload vulnerability in aaPanel v7.57.0 allows attackers to execute arbitrary code via uploading a crafted file. | 9.8 | CRITICAL | — | 0 |
| CVE-2026-28802 Authlib is a Python library which builds OAuth and OpenID Connect servers. From version 1.6.5 to before version 1.6.7, previous tests involving passing a malicious JWT containing alg: none and an empt... | 9.8 | CRITICAL | — | 0 |
| CVE-2026-31871 Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.5 and 8.6.31, a SQL injection vulnerability exists in the PostgreSQL storag... | 9.8 | CRITICAL | — | 0 |
| CVE-2026-40620 A vulnerability in SenseLive X3050’s embedded management service allows full administrative control to be established without any form of authentication or authorization on the SenseLive config applic... | 9.8 | CRITICAL | — | 0 |
| CVE-2018-25159 Epross AVCON6 systems management platform contains an object-graph navigation language (OGNL) injection vulnerability that allows unauthenticated attackers to execute arbitrary commands by injecting m... | 9.8 | CRITICAL | — | 0 |
| CVE-2026-4001 The Woocommerce Custom Product Addons Pro plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 5.4.1 via the custom pricing formula eval() in the process_c... | 9.8 | CRITICAL | — | 0 |
| CVE-2026-40630 A vulnerability in SenseLive X3050’s web management interface allows unauthorized access to certain configuration endpoints due to improper access control enforcement. An attacker with network acce... | 9.8 | CRITICAL | — | 0 |
| CVE-2026-31877 Frappe is a full-stack web application framework. Prior to 15.84.0 and 14.99.0, a specially crafted request made to a certain endpoint could result in SQL injection, allowing an attacker to extract in... | 9.8 | CRITICAL | — | 0 |
| CVE-2026-28514 Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to versions 7.8.6, 7.9.8, 7.10.7, 7.11.4, 7.12.4, 7.13.3, and 8.0.0, a critical authentication bypass vulnerabi... | 9.8 | CRITICAL | — | 0 |
| CVE-2026-30831 Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to versions 7.10.8, 7.11.5, 7.12.5, 7.13.4, 8.0.2, 8.1.1, and 8.2.0, authentication vulnerabilities exist in Ro... | 9.8 | CRITICAL | — | 0 |
| CVE-2026-26795 GL-iNet GL-AR300M16 v4.3.11 was discovered to contain a command injection vulnerability via the module parameter in the M.get_system_log function. This vulnerability allows attackers to execute arbitr... | 9.8 | CRITICAL | — | 0 |
| CVE-2026-26792 GL-iNet GL-AR300M16 v4.3.11 was discovered to contain multiple command injection vulnerabilities in the set_upgrade function via the modem_url, target_version, current_version, firmware_upload, hash_t... | 9.8 | CRITICAL | — | 0 |
| CVE-2026-26791 GL-iNet GL-AR300M16 v4.3.11 was discovered to contain a command injection vulnerability via the string port parameter in the enable_echo_server function. This vulnerability allows attackers to execute... | 9.8 | CRITICAL | — | 0 |
| CVE-2025-60355 zhangyd-c OneBlog v2.3.9 and before was vulnerable to SSTI (Server-Side Template Injection) via FreeMarker templates. | 9.8 | CRITICAL | — | 0 |
| CVE-2026-25070 XikeStor SKS8310-8X Network Switch firmware versions 1.04.B07 and prior contain an OS command injection vulnerability in the /goform/PingTestSet endpoint that allows unauthenticated remote attackers t... | 9.8 | CRITICAL | — | 0 |
| CVE-2021-47728 Selea Targa IP OCR-ANPR Camera contains an unauthenticated command injection vulnerability in utils.php that allows remote attackers to execute arbitrary shell commands. Attackers can exploit the 'add... | 9.8 | CRITICAL | — | 0 |
| CVE-2026-32136 AdGuard Home is a network-wide software for blocking ads and tracking. Prior to 0.107.73, an unauthenticated remote attacker can bypass all authentication in AdGuardHome by sending an HTTP/1.1 request... | 9.8 | CRITICAL | — | 0 |
| CVE-2025-64113 Emby Server is a user-installable home media server. Versions below 4.9.1.81 allow an attacker to gain full administrative access to an Emby Server (for Emby Server administration, not at the OS level... | 9.8 | CRITICAL | — | 0 |
| CVE-2025-66509 LaraDashboard is an all-In-one solution to start a Laravel Application. In 2.3.0 and earlier, the password reset flow trusts the Host header, allowing attackers to redirect the administrator’s reset t... | 9.8 | CRITICAL | — | 0 |
| CVE-2025-59388 A use of hard-coded password vulnerability has been reported to affect Hyper Data Protector. The remote attackers can then exploit the vulnerability to gain unauthorized access. We have already fixed... | 9.8 | CRITICAL | — | 0 |
| CVE-2026-3059 SGLang's multimodal generation module is vulnerable to unauthenticated remote code execution through the ZMQ broker, which deserializes untrusted data using pickle.loads() without authentication. | 9.8 | CRITICAL | — | 0 |
| CVE-2026-24989 Deserialization of Untrusted Data vulnerability in FantasticPlugins SUMO Affiliates Pro affs allows Object Injection.This issue affects SUMO Affiliates Pro: from n/a through < 11.4.0. | 9.8 | CRITICAL | — | 0 |
| CVE-2025-41742 Sprecher Automations SPRECON-E-C, SPRECON-E-P, SPRECON-E-T3 is vulnerable to attack by an unauthorized remote attacker via default cryptographic keys. The use of these keys allows the attacker to rea... | 9.8 | CRITICAL | — | 0 |
| CVE-2025-66405 Portkey.ai Gateway is a blazing fast AI Gateway with integrated guardrails. Prior to 1.14.0, the gateway determined the destination baseURL by prioritizing the value in the x-portkey-custom-host reque... | 9.8 | CRITICAL | — | 0 |
| CVE-2026-25072 XikeStor SKS8310-8X Network Switch firmware versions 1.04.B07 and prior contain a predictable session identifier vulnerability in the /goform/SetLogin endpoint that allows remote attackers to hijack a... | 9.8 | CRITICAL | — | 0 |
| CVE-2026-30821 Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.0.13, the /api/v1/attachments/:chatflowId/:chatId endpoint is listed in WHITELIST_URLS, allo... | 9.8 | CRITICAL | — | 0 |
| CVE-2025-70831 A Remote Code Execution (RCE) vulnerability was found in Smanga 3.2.7 in the /php/path/rescan.php interface. The application fails to properly sanitize user-supplied input in the mediaId parameter bef... | 9.8 | CRITICAL | — | 0 |
| CVE-2019-25441 thesystem 1.0 contains a command injection vulnerability that allows unauthenticated attackers to execute arbitrary system commands by submitting malicious input to the run_command endpoint. Attackers... | 9.8 | CRITICAL | — | 0 |
| CVE-2026-26339 Hyland Alfresco Transformation Service allows unauthenticated attackers to achieve remote code execution through the argument injection vulnerability, which exists in the document processing functiona... | 9.8 | CRITICAL | — | 0 |
| CVE-2026-2038 GFI Archiver MArc.Core Missing Authorization Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of GFI Archiver. Authent... | 9.8 | CRITICAL | — | 0 |
| CVE-2026-2039 GFI Archiver MArc.Store Missing Authorization Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of GFI Archiver. Authen... | 9.8 | CRITICAL | — | 0 |
| CVE-2026-2446 The PowerPack for LearnDash WordPress plugin before 1.3.0 does not have authorization and CRSF checks in an AJAX action, allowing unauthenticated users to update arbitrary WordPress options (such as d... | 9.8 | CRITICAL | — | 0 |
| CVE-2026-28438 CocoIndex is a data transformation framework for AI. Prior to version 0.3.34, the Doris target connector didn't verify the configured table name before creating some SQL statements (ALTER TABLE). So, ... | 9.8 | CRITICAL | — | 0 |
| CVE-2019-19638 An issue was discovered in libsixel 1.8.2. There is a heap-based buffer overflow in the function load_pnm at frompnm.c, due to an integer overflow. | 9.8 | CRITICAL | — | 0 |
| CVE-2019-19637 An issue was discovered in libsixel 1.8.2. There is an integer overflow in the function sixel_decode_raw_impl at fromsixel.c. | 9.8 | CRITICAL | — | 0 |
| CVE-2019-19636 An issue was discovered in libsixel 1.8.2. There is an integer overflow in the function sixel_encode_body at tosixel.c. | 9.8 | CRITICAL | — | 0 |
| CVE-2019-19635 An issue was discovered in libsixel 1.8.2. There is a heap-based buffer overflow in the function sixel_decode_raw_impl at fromsixel.c. | 9.8 | CRITICAL | — | 0 |
| CVE-2021-21985 The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in which is enabled by default in vCenter Server. A malic... | 9.8 | CRITICAL | KEV | 0 |
| CVE-2021-31755 An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN. A stack buffer overflow vulnerability in /goform/setmac allows attackers to execute arbitrary code on the system vi... | 9.8 | CRITICAL | KEV | 0 |
| CVE-2019-18935 Progress Telerik UI for ASP.NET AJAX through 2019.3.1023 contains a .NET deserialization vulnerability in the RadAsyncUpload function. This is exploitable when the encryption keys are known due to the... | 9.8 | CRITICAL | KEV | 0 |
| CVE-2026-30824 Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.0.13, the NVIDIA NIM router (/api/v1/nvidia-nim/*) is whitelisted in the global authenticati... | 9.8 | CRITICAL | — | 0 |
| CVE-2026-28795 OpenChatBI is an intelligent chat-based BI tool powered by large language models, designed to help users query, analyze, and visualize data through natural language conversations. Prior to version 0.2... | 9.8 | CRITICAL | — | 0 |
| CVE-2024-36401 GeoServer is an open source server that allows users to share and edit geospatial data. Prior to versions 2.22.6, 2.23.6, 2.24.4, and 2.25.2, multiple OGC request parameters allow Remote Code Executio... | 9.8 | CRITICAL | KEV | 0 |
| CVE-2026-32865 OPEXUS eComplaint and eCASE before version 10.1.0.0 include the secret verification code in the HTTP response when requesting a password reset via 'ForcePasswordReset.aspx'. An attacker who knows an e... | 9.8 | CRITICAL | — | 0 |
| CVE-2024-27198 In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible | 9.8 | CRITICAL | KEV | 0 |
| CVE-2025-10970 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Kolay Software Inc. Talentics allows Blind SQL Injection.This issue affects Talentics: through 200... | 9.8 | CRITICAL | — | 0 |
| CVE-2025-56422 A deserialization vulnerability in LimeSurvey before v6.15.0+250623 allows a remote attacker to execute arbitrary code on the server. | 9.8 | CRITICAL | — | 0 |
| CVE-2019-15107 An issue was discovered in Webmin <=1.920. The parameter old in password_change.cgi contains a command injection vulnerability. | 9.8 | CRITICAL | KEV | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.