Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2026-42150 wlc is a Weblate command-line client using Weblate's REST API. Prior to version 2.0.0, the HTML output format in wlc embeds API response data into HTML without escaping, allowing cross-site scripting ... | 5.1 | MEDIUM | β | 0 |
| CVE-2026-35613 coursevault-preview is a utility for previewing course material files from a configured directory. coursevault-preview versions prior to 0.1.1 contain a path traversal vulnerability in the resolveSafe... | 5.1 | MEDIUM | β | 0 |
| CVE-2026-1940 An incomplete fix for CVE-2024-47778 allows an out-of-bounds read in gst_wavparse_adtl_chunk() function. The patch added a size validation check lsize + 8 > size, but it does not account for the GST_R... | 5.1 | MEDIUM | β | 0 |
| CVE-2026-34757 LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From 1.0.9 to before 1.6.57, passing a pointer obtained from... | 5.1 | MEDIUM | β | 0 |
| CVE-2026-23868 Giflib contains a double-free vulnerability that is the result of a shallow copy in GifMakeSavedImage and incorrect error handling. The conditions needed to trigger this vulnerability are difficult bu... | 5.1 | MEDIUM | β | 0 |
| CVE-2025-14480 IBM Aspera faspio Gateway 1.3.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information | 5.1 | MEDIUM | β | 0 |
| CVE-2026-2243 A flaw was found in QEMU. A specially crafted VMDK image could trigger an out-of-bounds read vulnerability, potentially leading to a 12-byte leak of sensitive information or a denial of service condit... | 5.1 | MEDIUM | β | 0 |
| CVE-2026-25576 ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap buffer over-read vulnerability exists in multiple raw im... | 5.1 | MEDIUM | β | 0 |
| CVE-2026-40337 The Sentry kernel is a high security level micro-kernel implementation made for high security embedded systems. A given task with one of the DEV or IO capability is able to interact with another task'... | 5.1 | MEDIUM | β | 0 |
| CVE-2026-25571 A vulnerability has been identified in SICAM SIAPP SDK (All versions < V2.1.7). The SICAM SIAPP SDK client component does not enforce maximum length checks on certain variables before use. This could ... | 5.1 | MEDIUM | β | 0 |
| CVE-2026-0977 IBM CICS Transaction Gateway for Multiplatforms 9.3 and 10.1 could allow a user to transfer or view files due to improper access controls. | 5.1 | MEDIUM | β | 0 |
| CVE-2026-28537 Double free vulnerability in the window module.Β Impact: Successful exploitation of this vulnerability may affect availability. | 5.1 | MEDIUM | β | 0 |
| CVE-2026-25572 A vulnerability has been identified in SICAM SIAPP SDK (All versions < V2.1.7). The SICAM SIAPP SDK server component does not enforce maximum length checks on certain variables before use. This could ... | 5.1 | MEDIUM | β | 0 |
| CVE-2026-34238 ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, an integer overflow in the despeckle operation causes a he... | 5.1 | MEDIUM | β | 0 |
| CVE-2025-36579 Dell Client Platform BIOS contains a Weak Password Recovery Mechanism vulnerability. An unauthenticated attacker with physical access to the system could potentially exploit this vulnerability, leadin... | 5.1 | MEDIUM | β | 0 |
| CVE-2026-40003 ZTE ZX297520V3 BootROM contains a vulnerability that allows arbitrary memory writes via USB. Attackers can exploit the lack of target address validation in the USB download mode to write data to any l... | 5.1 | MEDIUM | β | 0 |
| CVE-2026-33536 ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-18 and 6.9.13-43, due to an incorrect return value on certain platforms a pointer is incre... | 5.1 | MEDIUM | β | 0 |
| CVE-2026-6654 Double-Free / Use-After-Free (UAF) in the `IntoIter::drop` and `ThinVec::clear` functions in the thin_vec crate. A panic in `ptr::drop_in_place` skips setting the length to zero. | 5.1 | MEDIUM | β | 0 |
| CVE-2025-66442 In Mbed TLS through 4.0.0, there is a compiler-induced timing side channel (in RSA and CBC/ECB decryption) that only occurs with LLVM's select-optimize feature. TF-PSA-Crypto through 1.0.0 is also aff... | 5.1 | MEDIUM | β | 0 |
| CVE-2026-20988 Improper verification of intent by broadcast receiver in Settings prior to SMR Mar-2026 Release 1 allows local attacker to launch arbitrary activity with Settings privilege. User interaction is requir... | 5.0 | MEDIUM | β | 0 |
| CVE-2026-35527 Incus is an open source container and virtual machine manager. In versions prior to 7.0.0, the image import flow issues an outbound HEAD request to a user-supplied URL before validating the request ag... | 5.0 | MEDIUM | β | 0 |
| CVE-2026-5175 Improper access control in the multi-factor authentication (MFA) management API in Devolutions Server allows an authenticated attacker to delete their own configured MFA factors and reduce account pro... | 5.0 | MEDIUM | β | 0 |
| CVE-2026-39880 Remnawave Backend is the backend for the Remnawave proxy and user management solution. Prior to 2.7.5, a glitch in the HWID device registration logic allows an authenticated user to bypass the configu... | 5.0 | MEDIUM | β | 0 |
| CVE-2026-3848 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 8.11 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authenticated user to make unintend... | 5.0 | MEDIUM | β | 0 |
| CVE-2025-13995 IBM QRadar SIEMΒ 7.5.0 through 7.5.0 Update Package 14 could allow an attacker with access to one tenant to access hostname data from another tenant's account. | 5.0 | MEDIUM | β | 0 |
| CVE-2026-34589 OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From 3.2.0 to before 3.2.7, 3.3.9, and 3.4.9, the DWA l... | 5.0 | MEDIUM | β | 0 |
| CVE-2026-4925 Improper access control in the users MFA feature in Devolutions Server allows an authenticated user to bypass administrator-enforced restrictions and remove their own multi-factor authentication (MFA)... | 5.0 | MEDIUM | β | 0 |
| CVE-2026-34983 Wasmtime is a runtime for WebAssembly. In 43.0.0, cloning a wasmtime::Linker is unsound and can result in use-after-free bugs. This bug is not controllable by guest Wasm programs. It can only be trigg... | 5.0 | MEDIUM | β | 0 |
| CVE-2026-35461 Papra is a minimalistic document management and archiving platform. Prior to 26.4.0, the Papra webhook system allows authenticated users to register arbitrary URLs as webhook endpoints with no validat... | 5.0 | MEDIUM | β | 0 |
| CVE-2026-41034 ONLYOFFICE DocumentServer before 9.3.0 has an untrusted pointer dereference in XLS processing/conversion (via pictFmla.cbBufInCtlStm and other vectors), leading to an information leak and ASLR bypass. | 5.0 | MEDIUM | β | 0 |
| CVE-2026-41232 Froxlor is open source server administration software. Prior to version 2.3.6, in `EmailSender::add()`, the domain ownership validation for full email sender aliases uses the wrong array index when sp... | 5.0 | MEDIUM | β | 0 |
| CVE-2026-33537 Lychee is a free, open-source photo-management tool. The patch introduced for GHSA-cpgw-wgf3-xc6v (SSRF via `Photo::fromUrl`) contains an incomplete IP validation check that fails to block loopback ad... | 5.0 | MEDIUM | β | 0 |
| CVE-2026-41413 Istio is an open platform to connect, manage, and secure microservices. Prior to versions 1.28.6 and 1.29.2, when a RequestAuthentication resource is created with a jwksUri pointing to an internal ser... | 5.0 | MEDIUM | β | 0 |
| CVE-2026-40970 When configured to use an SSL bundle, Spring Boot's Elasticsearch auto-configuration does not perform hostname verification when connecting to the Elasticsearch server. Affected: Spring Boot 4.0.0β4.... | 5.0 | MEDIUM | β | 0 |
| CVE-2026-40002 Red Magic 11 Pro (NX809J)Β contains a vulnerability that allows non-privileged applications to trigger sensitive operations. The vulnerability stems from the lack of validation for applications accessi... | 5.0 | MEDIUM | β | 0 |
| CVE-2026-40916 A flaw was found in GIMP. A stack buffer overflow vulnerability in the TIM image loader's 4BPP decoding path allows a local user to cause a Denial of Service (DoS). By opening a specially crafted TIM ... | 5.0 | MEDIUM | β | 0 |
| CVE-2026-29107 SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. Prior to versions 7.15.1 and 8.9.3, it is possible to create PDF templates with `<img>` tags. ... | 5.0 | MEDIUM | β | 0 |
| CVE-2026-33185 Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, the group email settings ... | 5.0 | MEDIUM | β | 0 |
| CVE-2026-35248 Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is 7.2.6. Difficult to exploit vulnerability allows high privileg... | 5.0 | MEDIUM | β | 0 |
| CVE-2026-4979 The UsersWP β Front-end login form, User Registration, User Profile & Members Directory plugin for WP plugin for WordPress is vulnerable to blind Server-Side Request Forgery in all versions up to, and... | 5.0 | MEDIUM | β | 0 |
| CVE-2026-34972 OpenFGA is a high-performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar. From 1.8.0 to 1.13.1, under specific conditions, BatchCheck calls with ... | 5.0 | MEDIUM | β | 0 |
| CVE-2026-39881 Vim is an open source, command line text editor. Prior to 9.2.0316, a command injection vulnerability in Vim's netbeans interface allows a malicious netbeans server to execute arbitrary Ex commands wh... | 5.0 | MEDIUM | β | 0 |
| CVE-2026-39411 LobeHub is a work-and-lifestyle space to find, build, and collaborate with agent teammates that grow with you. Prior to 2.1.48, the webapi authentication layer trusts a client-controlled X-lobe-chat-a... | 5.0 | MEDIUM | β | 0 |
| CVE-2026-24313 SAP Solution Tools Plug-In (ST-PI) contains a function module that does not perform the necessary authorization checks for authenticated users, allowing system information to be disclosed. This vulner... | 5.0 | MEDIUM | β | 0 |
| CVE-2026-30853 calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to 9.5.0, a path traversal vulnerability in the RocketBook (.rb) input plugin (src/calibre/eb... | 5.0 | MEDIUM | β | 0 |
| CVE-2026-24317 SAP GUI for Windows allows DLL files to be loaded from arbitrary directories within the application. An unauthenticated attacker could exploit this vulnerability by persuading a victim to place a mali... | 5.0 | MEDIUM | β | 0 |
| CVE-2026-41338 OpenClaw before 2026.3.31 contains a time-of-check-time-of-use vulnerability in sandbox file operations that allows attackers to bypass fd-based defenses. Attackers can exploit check-then-act patterns... | 5.0 | MEDIUM | β | 0 |
| CVE-2026-27688 Due to a missing authorization check in SAP NetWeaver Application Server for ABAP, an authenticated attacker with user privileges could read Database Analyzer Log Files via a specific RFC function mod... | 5.0 | MEDIUM | β | 0 |
| CVE-2025-69644 An issue was discovered in Binutils before 2.46. The objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed debug information. A logic flaw in the handling ... | 5.0 | MEDIUM | β | 0 |
| CVE-2026-29060 Gokapi is a self-hosted file sharing server with automatic expiration and encryption support. Prior to version 2.2.3, a registered user without privileges to create or modify file requests is able to ... | 5.0 | MEDIUM | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.