Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2026-25691 A improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox 4.2 all vers... | 6.7 | MEDIUM | β | 0 |
| CVE-2025-64340 FastMCP is the standard framework for building MCP applications. Prior to version 3.2.0, server names containing shell metacharacters (e.g., &) can cause command injection on Windows when passed to fa... | 6.7 | MEDIUM | β | 0 |
| CVE-2026-29608 OpenClaw 2026.3.1 contains an approval integrity vulnerability in system.run node-host execution where argv rewriting changes command semantics. Attackers can place malicious local scripts in the work... | 6.7 | MEDIUM | β | 0 |
| CVE-2025-30650 AΒ Missing Authentication for Critical Function vulnerability in command processing of Juniper Networks Junos OS allows a privileged local attacker to gain access to Linux-based line cards as root. Th... | 6.7 | MEDIUM | β | 0 |
| CVE-2026-41989 Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to gcry_pk_decrypt. | 6.7 | MEDIUM | β | 0 |
| CVE-2026-34871 An issue was discovered in Mbed TLS before 3.6.6 and 4.x before 4.1.0 and TF-PSA-Crypto before 1.1.0. There is a Predictable Seed in a Pseudo-Random Number Generator (PRNG). | 6.7 | MEDIUM | β | 0 |
| CVE-2026-22341 Authentication Bypass Using an Alternate Path or Channel vulnerability in Case-Themes Booked booked allows Authentication Abuse.This issue affects Booked: from n/a through <= 3.0.0. | 6.7 | MEDIUM | β | 0 |
| CVE-2026-39389 CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to 0.31.4.0, This vulnerability is fixed in 0.31.4.... | 6.7 | MEDIUM | β | 0 |
| CVE-2026-21915 A Permissive List of Allowed Input vulnerability in the CLI of Juniper Networks Support Insights (JSI) Virtual Lightweight Collector (vLWC) allows a local, high privileged attacker to escalate their p... | 6.7 | MEDIUM | β | 0 |
| CVE-2026-4105 A flaw was found in systemd. The systemd-machined service contains an Improper Access Control vulnerability due to insufficient validation of the class parameter in the RegisterMachine D-Bus (Desktop ... | 6.7 | MEDIUM | β | 0 |
| CVE-2026-41360 OpenClaw before 2026.4.2 contains an approval integrity vulnerability in pnpm dlx that fails to bind local script operands consistently with pnpm exec flows. Attackers can replace approved local scrip... | 6.7 | MEDIUM | β | 0 |
| CVE-2025-62846 An SQL injection vulnerability has been reported to affect QHora. If a local attacker gains an administrator account, they can then exploit the vulnerability to execute unauthorized code or commands. ... | 6.7 | MEDIUM | β | 0 |
| CVE-2026-25206 Out-of-bounds read vulnerability in Samsung Open Source Escargot allows Resource Leak Exposure.This issue affects Escargot: 97e8115ab1110bc502b4b5e4a0c689a71520d335. | 6.7 | MEDIUM | β | 0 |
| CVE-2026-22169 OpenClaw versions prior to 2026.2.22 contain an allowlist bypass vulnerability in the safeBins configuration that allows attackers to invoke external helpers through the compress-program option. When ... | 6.7 | MEDIUM | β | 0 |
| CVE-2026-25908 Dell Alienware Command Center (AWCC), versions prior to 6.13.8.0, contain an Execution with Unnecessary Privileges vulnerability in the AWCC. A low privileged attacker with local access could potentia... | 6.7 | MEDIUM | β | 0 |
| CVE-2026-7280 AVACAST developed by eMPIA Technology has a Unquoted Service Path vulnerability, allowing privileged local attackers to place a malicious executable file in a specific directory, resulting in arbitrar... | 6.7 | MEDIUM | β | 0 |
| CVE-2025-9909 A flaw was found in the Red Hat Ansible Automation Platform Gateway route creation component. This vulnerability allows credential theft via the creation of misleading routes using a double-slash (//)... | 6.7 | MEDIUM | β | 0 |
| CVE-2026-4878 A flaw was found in libcap. A local unprivileged user can exploit a Time-of-check-to-time-of-use (TOCTOU) race condition in the `cap_set_file()` function. This allows an attacker with write access to ... | 6.7 | MEDIUM | β | 0 |
| CVE-2026-35553 Bluetooth ACPI Drivers provided by Dynabook Inc. contain a stack-based buffer overflow vulnerability. An attacker may execute arbitrary code by modifying certain registry values. | 6.7 | MEDIUM | β | 0 |
| CVE-2025-62845 An improper neutralization of escape, meta, or control sequences vulnerability has been reported to affect QHora. If a local attacker gains an administrator account, they can then exploit the vulnerab... | 6.7 | MEDIUM | β | 0 |
| CVE-2026-5164 A flaw was found in virtio-win. The `RhelDoUnMap()` function does not properly validate the number of descriptors provided by a user during an unmap request. A local user could exploit this input vali... | 6.7 | MEDIUM | β | 0 |
| CVE-2026-39814 A relative path traversal vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.2, FortiWeb 7.6.0 through 7.6.6, FortiWeb 7.4.1 through 7.4.12, FortiWeb 7.2.7 through 7.2.12, FortiWeb 7.0.10 through 7.... | 6.7 | MEDIUM | β | 0 |
| CVE-2025-14917 IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3 IBM WebSphere Application Server Liberty could provide weaker than expected security when administering security settings. | 6.7 | MEDIUM | β | 0 |
| CVE-2026-22902 A command injection vulnerability has been reported to affect QuNetSwitch. If a local attacker gains an administrator account, they can then exploit the vulnerability to execute arbitrary commands. W... | 6.7 | MEDIUM | β | 0 |
| CVE-2026-34863 Out-of-bounds write vulnerability in the file system. Impact: Successful exploitation of this vulnerability may affect availability. | 6.7 | MEDIUM | β | 0 |
| CVE-2026-5165 A flaw was found in virtio-win, specifically within the VirtIO Block (BLK) device. When the device undergoes a reset, it fails to properly manage memory, resulting in a use-after-free vulnerability. T... | 6.7 | MEDIUM | β | 0 |
| CVE-2026-41392 OpenClaw before 2026.3.31 contains an exec allowlist bypass vulnerability allowing attackers to inherit allowlist trust via shell init-file wrapper invocations. Attackers can exploit shell options lik... | 6.7 | MEDIUM | β | 0 |
| CVE-2026-40224 In systemd 259 before 260, there is local privilege escalation in systemd-machined because varlink can be used to reach the root namespace. | 6.7 | MEDIUM | β | 0 |
| CVE-2026-20099 A vulnerability in the web-based management interface of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, local attacker with administrative privileges to perform ... | 6.7 | MEDIUM | β | 0 |
| CVE-2026-21426 Dell PowerScale OneFS, versions prior to 9.10.1.6 and versions 9.11.0.0 through 9.12.0.1, contains an execution with unnecessary privileges vulnerability. A high privileged attacker with local access ... | 6.7 | MEDIUM | β | 0 |
| CVE-2025-48418 A hidden functionality vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.3, FortiAnalyzer 7.4.0 through 7.4.7, FortiAnalyzer 7.2.0 through 7.2.10, FortiAnalyzer 7.0.0 through 7.0.14, FortiAnal... | 6.7 | MEDIUM | β | 0 |
| CVE-2025-32452 Uncontrolled search path for some AI Playground before version 2.6.1 beta within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated u... | 6.7 | MEDIUM | β | 0 |
| CVE-2025-20106 Uncontrolled search path in some software installer for some VTune(TM) Profiler software and Intel(R) oneAPI Base Toolkits before version 2025.0. within Ring 3: User Applications may allow an escalati... | 6.7 | MEDIUM | β | 0 |
| CVE-2026-24510 Dell Alienware Command Center (AWCC), versions prior to 6.12.24.0, contain an Improper Privilege Management vulnerability. A low privileged attacker with local access could potentially exploit this vu... | 6.7 | MEDIUM | β | 0 |
| CVE-2026-32259 ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-16 and 6.9.13-41, when a memory allocation fails in the sixel encoder it would be possible... | 6.7 | MEDIUM | β | 0 |
| CVE-2026-0940 A potential improper initialization vulnerability was reported in the BIOS of some ThinkPads that could allow a local privileged user to modify data and execute arbitrary code. | 6.7 | MEDIUM | β | 0 |
| CVE-2025-20070 Improper conditions check for the Intel(R) Optane(TM) PMem management software before versions CR_MGMT_02.00.00.4052, CR_MGMT_03.00.00.0538 within Ring 3: User Applications may allow an escalation of ... | 6.7 | MEDIUM | β | 0 |
| CVE-2025-9908 A flaw was found in the Red Hat Ansible Automation Platform, Event-Driven Ansible (EDA) Event Streams. This vulnerability allows an authenticated user to gain access to sensitive internal infrastructu... | 6.7 | MEDIUM | β | 0 |
| CVE-2025-9907 A flaw was found in the Red Hat Ansible Automation Platform, Event-Driven Ansible (EDA) Event Stream API. This vulnerability allows exposure of sensitive client credentials and internal infrastructure... | 6.7 | MEDIUM | β | 0 |
| CVE-2026-1585 An unquoted Windows service executable path vulnerability in IJ Scan Utility for Windows versions 1.1.2 through 1.5.0 may allow a local attacker to execute a malicious file with the privileges of the ... | 6.7 | MEDIUM | β | 0 |
| CVE-2026-3091 An uncontrolled search path element vulnerability in Synology Presto Client before 2.1.3-0672 allows local users to read or write arbitrary files during installation by placing a malicious DLL in adva... | 6.7 | MEDIUM | β | 0 |
| CVE-2025-15316 Tanium addressed a local privilege escalation vulnerability in Tanium Server. | 6.7 | MEDIUM | β | 0 |
| CVE-2026-22270 Dell PowerScale OneFS, versions prior to 9.10.1.6 and versions 9.11.0.0 through 9.12.0.1, contains an uncontrolled search path element vulnerability. A high privileged attacker with local access could... | 6.7 | MEDIUM | β | 0 |
| CVE-2025-15315 Tanium addressed a local privilege escalation vulnerability in Tanium Module Server. | 6.7 | MEDIUM | β | 0 |
| CVE-2026-20436 In wlan STA driver, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System pri... | 6.7 | MEDIUM | β | 0 |
| CVE-2026-20443 In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interacti... | 6.7 | MEDIUM | β | 0 |
| CVE-2026-20444 In display, there is a possible memory corruption due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User i... | 6.7 | MEDIUM | β | 0 |
| CVE-2026-26972 OpenClaw is a personal AI assistant. In versions 2026.1.12 through 2026.2.12, OpenClaw browser download helpers accepted an unsanitized output path. When invoked via the browser control gateway routes... | 6.7 | MEDIUM | β | 0 |
| CVE-2026-21425 Dell PowerScale OneFS, versions prior to 9.10.1.6 and versions 9.11.0.0 through 9.12.0.1, contains an incorrect privilege assignment vulnerability. A low privileged attacker with local access could po... | 6.7 | MEDIUM | β | 0 |
| CVE-2026-0027 In smmu_detach_dev of arm-smmu-v3.c, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User int... | 6.7 | MEDIUM | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.