Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2026-27688 Due to a missing authorization check in SAP NetWeaver Application Server for ABAP, an authenticated attacker with user privileges could read Database Analyzer Log Files via a specific RFC function mod... | 5.0 | MEDIUM | β | 0 |
| CVE-2026-2756 A security vulnerability has been detected in OmniPEMF NeoRhythm up to 20260308. This affects an unknown function of the component BLE Interface. Such manipulation leads to missing authentication. The... | 5.0 | MEDIUM | β | 0 |
| CVE-2026-5704 A flaw was found in tar. A remote attacker could exploit this vulnerability by crafting a malicious archive, leading to hidden file injection with fully attacker-controlled content. This bypasses pre-... | 5.0 | MEDIUM | β | 0 |
| CVE-2026-41338 OpenClaw before 2026.3.31 contains a time-of-check-time-of-use vulnerability in sandbox file operations that allows attackers to bypass fd-based defenses. Attackers can exploit check-then-act patterns... | 5.0 | MEDIUM | β | 0 |
| CVE-2026-2479 The Responsive Lightbox & Gallery plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.7.1. This is due to the use of `strpos()` for substring-base... | 5.0 | MEDIUM | β | 0 |
| CVE-2026-4979 The UsersWP β Front-end login form, User Registration, User Profile & Members Directory plugin for WP plugin for WordPress is vulnerable to blind Server-Side Request Forgery in all versions up to, and... | 5.0 | MEDIUM | β | 0 |
| CVE-2026-4925 Improper access control in the users MFA feature in Devolutions Server allows an authenticated user to bypass administrator-enforced restrictions and remove their own multi-factor authentication (MFA)... | 5.0 | MEDIUM | β | 0 |
| CVE-2026-41034 ONLYOFFICE DocumentServer before 9.3.0 has an untrusted pointer dereference in XLS processing/conversion (via pictFmla.cbBufInCtlStm and other vectors), leading to an information leak and ASLR bypass. | 5.0 | MEDIUM | β | 0 |
| CVE-2026-34165 go-git is an extensible git implementation library written in pure Go. From version 5.0.0 to before version 5.17.1, a vulnerability has been identified in which a maliciously crafted .idx file can cau... | 5.0 | MEDIUM | β | 0 |
| CVE-2026-40916 A flaw was found in GIMP. A stack buffer overflow vulnerability in the TIM image loader's 4BPP decoding path allows a local user to cause a Denial of Service (DoS). By opening a specially crafted TIM ... | 5.0 | MEDIUM | β | 0 |
| CVE-2026-33537 Lychee is a free, open-source photo-management tool. The patch introduced for GHSA-cpgw-wgf3-xc6v (SSRF via `Photo::fromUrl`) contains an incomplete IP validation check that fails to block loopback ad... | 5.0 | MEDIUM | β | 0 |
| CVE-2026-40002 Red Magic 11 Pro (NX809J)Β contains a vulnerability that allows non-privileged applications to trigger sensitive operations. The vulnerability stems from the lack of validation for applications accessi... | 5.0 | MEDIUM | β | 0 |
| CVE-2026-5175 Improper access control in the multi-factor authentication (MFA) management API in Devolutions Server allows an authenticated attacker to delete their own configured MFA factors and reduce account pro... | 5.0 | MEDIUM | β | 0 |
| CVE-2026-34881 OpenStack Glance before 29.1.1, 30.x before 30.1.1, and 31.0.0 is affected by Server-Side Request Forgery (SSRF). By use of HTTP redirects, an authenticated user can bypass URL validation checks and r... | 5.0 | MEDIUM | β | 0 |
| CVE-2026-29044 EVerest is an EV charging software stack. Prior to version 2026.02.0, when WithdrawAuthorization is processed before the TransactionStarted event, AuthHandler determines `transaction_active=false` and... | 5.0 | MEDIUM | β | 0 |
| CVE-2026-6845 A flaw was found in binutils, specifically within the `readelf` utility. This vulnerability allows a local attacker to cause a Denial of Service (DoS) by tricking a user into processing a specially cr... | 5.0 | MEDIUM | β | 0 |
| CVE-2026-34244 Weblate is a web based localization tool. In versions prior to 5.17, a user with the project.edit permission (granted by the per-project "Administration" role) can configure machine translation servic... | 5.0 | MEDIUM | β | 0 |
| CVE-2026-32442 Missing Authorization vulnerability in E2Pdf e2pdf e2pdf allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects e2pdf: from n/a through <= 1.28.15. | 5.0 | MEDIUM | β | 0 |
| CVE-2026-36764 A Server-Side Request Forgery (SSRF) in the /ureport/datasource/testConnection endpoint of SpringBlade v4.8.0 allows authenticated attackers to scan internal resources via a crafted GET request. | 5.0 | MEDIUM | β | 0 |
| CVE-2026-7688 A vulnerability was identified in Dolibarr ERP CRM up to 23.0.2. This affects the function _checkValForAPI of the file htdocs/expedition/class/expedition.class.php of the component Shipments API Endpo... | 5.0 | MEDIUM | β | 0 |
| CVE-2026-2401 CWE-532 Insertion of Sensitive Information into Log File vulnerability exists that could cause confidential information to be exposed when a Web Admin user executes a malicious file provided by an at... | 5.0 | MEDIUM | β | 0 |
| CVE-2026-33440 Weblate is a web based localization tool. In versions prior to 5.17, the ALLOWED_ASSET_DOMAINS setting applied only to the first issued requests and didn't restrict possible redirects. This issue has ... | 5.0 | MEDIUM | β | 0 |
| CVE-2025-15328 Tanium addressed an improper link resolution before file access vulnerability in Enforce. | 5.0 | MEDIUM | β | 0 |
| CVE-2026-32415 Path Traversal: '.../...//' vulnerability in Bogdan Bendziukov Squeeze squeeze allows Path Traversal.This issue affects Squeeze: from n/a through <= 1.7.7. | 5.0 | MEDIUM | β | 0 |
| CVE-2026-34262 Information Disclosure Vulnerability in SAP HANA Cockpit and HANA Database Explorer | 5.0 | MEDIUM | β | 0 |
| CVE-2026-35372 A logic error in the ln utility of uutils coreutils allows the utility to dereference a symbolic link target even when the --no-dereference (or -n) flag is explicitly provided. The implementation prev... | 5.0 | MEDIUM | β | 0 |
| CVE-2026-7317 A vulnerability was found in Grav CMS up to 1.7.49.5/2.0.0-beta.1. Affected by this vulnerability is the function FileCache::doGet of the file system/src/Grav/Framework/Cache/Adapter/FileCache.php of ... | 5.0 | MEDIUM | β | 0 |
| CVE-2026-40256 Weblate is a web based localization tool. In versions prior to 5.17, repository-boundary validation relies on string prefix checks on resolved absolute paths. In multiple code paths, the check uses st... | 5.0 | MEDIUM | β | 0 |
| CVE-2026-4582 A security vulnerability has been detected in Shenzhen HCC Technology MPOS M6 PLUS 1V.31-N. Affected by this vulnerability is an unknown functionality of the component Bluetooth. Such manipulation lea... | 5.0 | MEDIUM | β | 0 |
| CVE-2026-4583 A vulnerability was detected in Shenzhen HCC Technology MPOS M6 PLUS 1V.31-N. Affected by this issue is some unknown functionality of the component Bluetooth Handler. Performing a manipulation results... | 5.0 | MEDIUM | β | 0 |
| CVE-2026-1892 A security vulnerability has been detected in WeKan up to 8.20. This affects the function setBoardOrgs of the file models/boards.js of the component REST API. Such manipulation of the argument item.ca... | 5.0 | MEDIUM | β | 0 |
| CVE-2026-22726 Route Services can be leveraged to send app traffic to network destinations outside of an app's configured egress rules. As a result, a malicious developer with access to Cloudfoundry could configure ... | 5.0 | MEDIUM | β | 0 |
| CVE-2026-7724 A vulnerability has been found in PrefectHQ prefect up to 3.6.28.dev1. Affected by this vulnerability is the function validate_restricted_url of the component Webhook/Notification. The manipulation le... | 5.0 | MEDIUM | β | 0 |
| CVE-2026-35461 Papra is a minimalistic document management and archiving platform. Prior to 26.4.0, the Papra webhook system allows authenticated users to register arbitrary URLs as webhook endpoints with no validat... | 5.0 | MEDIUM | β | 0 |
| CVE-2026-39881 Vim is an open source, command line text editor. Prior to 9.2.0316, a command injection vulnerability in Vim's netbeans interface allows a malicious netbeans server to execute arbitrary Ex commands wh... | 5.0 | MEDIUM | β | 0 |
| CVE-2026-3216 Server-Side Request Forgery (SSRF) vulnerability in Drupal Drupal Canvas allows Server Side Request Forgery.This issue affects Drupal Canvas: from 0.0.0 before 1.1.1. | 5.0 | MEDIUM | β | 0 |
| CVE-2025-9572 n authorization flaw in Foreman's GraphQL API allows low-privileged users to access metadata beyond their assigned permissions. Unlike the REST API, which correctly enforces access controls, the Graph... | 5.0 | MEDIUM | β | 0 |
| CVE-2025-13995 IBM QRadar SIEMΒ 7.5.0 through 7.5.0 Update Package 14 could allow an attacker with access to one tenant to access hostname data from another tenant's account. | 5.0 | MEDIUM | β | 0 |
| CVE-2026-39411 LobeHub is a work-and-lifestyle space to find, build, and collaborate with agent teammates that grow with you. Prior to 2.1.48, the webapi authentication layer trusts a client-controlled X-lobe-chat-a... | 5.0 | MEDIUM | β | 0 |
| CVE-2026-34972 OpenFGA is a high-performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar. From 1.8.0 to 1.13.1, under specific conditions, BatchCheck calls with ... | 5.0 | MEDIUM | β | 0 |
| CVE-2026-35248 Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is 7.2.6. Difficult to exploit vulnerability allows high privileg... | 5.0 | MEDIUM | β | 0 |
| CVE-2026-34589 OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From 3.2.0 to before 3.2.7, 3.3.9, and 3.4.9, the DWA l... | 5.0 | MEDIUM | β | 0 |
| CVE-2026-34983 Wasmtime is a runtime for WebAssembly. In 43.0.0, cloning a wasmtime::Linker is unsound and can result in use-after-free bugs. This bug is not controllable by guest Wasm programs. It can only be trigg... | 5.0 | MEDIUM | β | 0 |
| CVE-2026-39880 Remnawave Backend is the backend for the Remnawave proxy and user management solution. Prior to 2.7.5, a glitch in the HWID device registration logic allows an authenticated user to bypass the configu... | 5.0 | MEDIUM | β | 0 |
| CVE-2026-33185 Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, the group email settings ... | 5.0 | MEDIUM | β | 0 |
| CVE-2026-33294 WWBN AVideo is an open source video platform. Prior to version 26.0, the BulkEmbed plugin's save endpoint (`plugin/BulkEmbed/save.json.php`) fetches user-supplied thumbnail URLs via `url_get_contents(... | 5.0 | MEDIUM | β | 0 |
| CVE-2026-29107 SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. Prior to versions 7.15.1 and 8.9.3, it is possible to create PDF templates with `<img>` tags. ... | 5.0 | MEDIUM | β | 0 |
| CVE-2026-20988 Improper verification of intent by broadcast receiver in Settings prior to SMR Mar-2026 Release 1 allows local attacker to launch arbitrary activity with Settings privilege. User interaction is requir... | 5.0 | MEDIUM | β | 0 |
| CVE-2026-33259 Having many concurrent transfers of the same RPZ can lead to inconsistent RPZ data, use after free and/or a crash of the recursor. Normally concurrent transfers of the same RPZ zone can only occur wit... | 5.0 | MEDIUM | β | 0 |
| CVE-2026-40974 Spring Boot's Cassandra auto-configuration does not perform hostname verification when establishing an SSL connection to Cassandra. Affected: Spring Boot 4.0.0β4.0.5 (fix 4.0.6), 3.5.0β3.5.13 (fix 3.... | 5.0 | MEDIUM | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.