CVE Vulnerabilities
CVE vulnerability database enriched with CISA KEV and NVD data
| CVE ID | Description | CVSS | Severity | KEV | Sightings |
|---|---|---|---|---|---|
| CVE-2026-41034 | ONLYOFFICE DocumentServer before 9.3.0 has an untrusted pointer dereference in XLS processing/conversion (via pictFmla.cbBufInCtlStm and other vectors), leading to an information leak and ASLR bypass. | 5.0 | MEDIUM | - | 0 |
| CVE-2026-3848 | GitLab has remediated an issue in GitLab CE/EE affecting all versions from 8.11 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authenticated user to make unintend... | 5.0 | MEDIUM | - | 0 |
| CVE-2026-40916 | A flaw was found in GIMP. A stack buffer overflow vulnerability in the TIM image loader's 4BPP decoding path allows a local user to cause a Denial of Service (DoS). By opening a specially crafted TIM ... | 5.0 | MEDIUM | - | 0 |
| CVE-2026-40917 | A flaw was found in GIMP. This vulnerability, a heap buffer over-read in the `icns_slurp()` function, occurs when processing specially crafted ICNS image files. An attacker could provide a malicious I... | 5.0 | MEDIUM | - | 0 |
| CVE-2026-32442 | Missing Authorization vulnerability in E2Pdf e2pdf e2pdf allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects e2pdf: from n/a through <= 1.28.15. | 5.0 | MEDIUM | - | 0 |
| CVE-2026-33440 | Weblate is a web based localization tool. In versions prior to 5.17, the ALLOWED_ASSET_DOMAINS setting applied only to the first issued requests and didn't restrict possible redirects. This issue has ... | 5.0 | MEDIUM | - | 0 |
| CVE-2026-2401 | CWE-532 Insertion of Sensitive Information into Log File vulnerability exists that could cause confidential information to be exposed when a Web Admin user executes a malicious file provided by an at... | 5.0 | MEDIUM | - | 0 |
| CVE-2026-4583 | A vulnerability was detected in Shenzhen HCC Technology MPOS M6 PLUS 1V.31-N. Affected by this issue is some unknown functionality of the component Bluetooth Handler. Performing a manipulation results... | 5.0 | MEDIUM | - | 0 |
| CVE-2026-22726 | Route Services can be leveraged to send app traffic to network destinations outside of an app's configured egress rules. As a result, a malicious developer with access to Cloudfoundry could configure ... | 5.0 | MEDIUM | - | 0 |
| CVE-2026-7317 | A vulnerability was found in Grav CMS up to 1.7.49.5/2.0.0-beta.1. Affected by this vulnerability is the function FileCache::doGet of the file system/src/Grav/Framework/Cache/Adapter/FileCache.php of ... | 5.0 | MEDIUM | - | 0 |
| CVE-2026-36764 | A Server-Side Request Forgery (SSRF) in the /ureport/datasource/testConnection endpoint of SpringBlade v4.8.0 allows authenticated attackers to scan internal resources via a crafted GET request. | 5.0 | MEDIUM | - | 0 |
| CVE-2026-34244 | Weblate is a web based localization tool. In versions prior to 5.17, a user with the project.edit permission (granted by the per-project "Administration" role) can configure machine translation servic... | 5.0 | MEDIUM | - | 0 |
| CVE-2026-45000 | OpenClaw before 2026.4.20 contains a server-side request forgery vulnerability in browser CDP profile creation that skips strict-mode SSRF policy checks. Attackers can create stored profiles pointing ... | 5.0 | MEDIUM | - | 0 |
| CVE-2026-35372 | A logic error in the ln utility of uutils coreutils allows the utility to dereference a symbolic link target even when the --no-dereference (or -n) flag is explicitly provided. The implementation prev... | 5.0 | MEDIUM | - | 0 |
| CVE-2026-40256 | Weblate is a web based localization tool. In versions prior to 5.17, repository-boundary validation relies on string prefix checks on resolved absolute paths. In multiple code paths, the check uses st... | 5.0 | MEDIUM | - | 0 |
| CVE-2026-34319 | Vulnerability in the MySQL Shell product of Oracle MySQL (component: Shell: Core Client). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulne... | 5.0 | MEDIUM | - | 0 |
| CVE-2026-7778 | An issue that could allow a dashboard configuration to be viewed from outside of the authorized organization scope has been resolved. This is an instance of CWE-269: Improper Privilege Management, and... | 5.0 | MEDIUM | - | 0 |
| CVE-2026-7688 | A vulnerability was identified in Dolibarr ERP CRM up to 23.0.2. This affects the function _checkValForAPI of the file htdocs/expedition/class/expedition.class.php of the component Shipments API Endpo... | 5.0 | MEDIUM | - | 0 |
| CVE-2026-41131 | OpenFGA is an authorization/permission engine built for developers. Prior to version 1.14.1, in specific scenarios, models using conditions with caching enabled can result in two different check reque... | 5.0 | MEDIUM | - | 0 |
| CVE-2026-34317 | Vulnerability in the MySQL Shell product of Oracle MySQL (component: Shell: Core Client). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulne... | 5.0 | MEDIUM | - | 0 |
| CVE-2026-7724 | A vulnerability has been found in PrefectHQ prefect up to 3.6.28.dev1. Affected by this vulnerability is the function validate_restricted_url of the component Webhook/Notification. The manipulation le... | 5.0 | MEDIUM | - | 0 |
| CVE-2026-24313 | SAP Solution Tools Plug-In (ST-PI) contains a function module that does not perform the necessary authorization checks for authenticated users, allowing system information to be disclosed. This vulner... | 5.0 | MEDIUM | - | 0 |
| CVE-2026-33126 | Frigate is a network video recorder (NVR) with realtime local object detection for IP cameras. Prior to version 0.16.3, the /ffprobe endpoint accepts arbitrary user-controlled URLs without proper vali... | 5.0 | MEDIUM | - | 0 |
| CVE-2026-27688 | Due to a missing authorization check in SAP NetWeaver Application Server for ABAP, an authenticated attacker with user privileges could read Database Analyzer Log Files via a specific RFC function mod... | 5.0 | MEDIUM | - | 0 |
| CVE-2026-29060 | Gokapi is a self-hosted file sharing server with automatic expiration and encryption support. Prior to version 2.2.3, a registered user without privileges to create or modify file requests is able to ... | 5.0 | MEDIUM | - | 0 |
| CVE-2026-30959 | OneUptime is a solution for monitoring and managing online services. The resend-verification-code endpoint allows any authenticated user to trigger a verification code resend for any UserWhatsApp reco... | 5.0 | MEDIUM | - | 0 |
| CVE-2025-69644 | An issue was discovered in Binutils before 2.46. The objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed debug information. A logic flaw in the handling ... | 5.0 | MEDIUM | - | 0 |
| CVE-2026-0385 | Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability | 5.0 | MEDIUM | - | 0 |
| CVE-2025-6969 | In OpenHarmony v5.1.0 and prior versions, a local attacker can cause DoS through improper input. | 5.0 | MEDIUM | - | 0 |
| CVE-2026-41338 | OpenClaw before 2026.3.31 contains a time-of-check-time-of-use vulnerability in sandbox file operations that allows attackers to bypass fd-based defenses. Attackers can exploit check-then-act patterns... | 5.0 | MEDIUM | - | 0 |
| CVE-2026-30853 | calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to 9.5.0, a path traversal vulnerability in the RocketBook (.rb) input plugin (src/calibre/eb... | 5.0 | MEDIUM | - | 0 |
| CVE-2026-2756 | A security vulnerability has been detected in OmniPEMF NeoRhythm up to 20260308. This affects an unknown function of the component BLE Interface. Such manipulation leads to missing authentication. The... | 5.0 | MEDIUM | - | 0 |
| CVE-2026-24317 | SAP GUI for Windows allows DLL files to be loaded from arbitrary directories within the application. An unauthenticated attacker could exploit this vulnerability by persuading a victim to place a mali... | 5.0 | MEDIUM | - | 0 |
| CVE-2026-31878 | Frappe is a full-stack web application framework. Prior to 14.100.1, 15.100.0, and 16.6.0, a malicious user could send a crafted request to an endpoint which would lead to the server making an HTTP ca... | 5.0 | MEDIUM | - | 0 |
| CVE-2026-31798 | JumpServer is an open source bastion host and an operation and maintenance security audit system. Prior to v4.10.16-lts, JumpServer improperly validates certificates in the Custom SMS API Client. When... | 5.0 | MEDIUM | - | 0 |
| CVE-2026-1713 | IBM MQ 9.1.0.0 through 9.1.0.33 LTS, 9.2.0.0 through 9.2.0.40 LTS, 9.3.0.0 through 9.3.0.36 LTS, 9.30.0 through 9.3.5.1 CD, 9.4.0.0 through 9.4.0.17 LTS, and 9.4.0.0 through 9.4.4.1 CD | 5.0 | MEDIUM | - | 0 |
| CVE-2026-39418 | MaxKB is an open-source AI assistant for enterprise. In versions 2.7.1 and below, sandbox network protection can be bypassed by using socket.sendto() with the MSG_FASTOPEN flag. This allows authentica... | 5.0 | MEDIUM | - | 0 |
| CVE-2026-3216 | Server-Side Request Forgery (SSRF) vulnerability in Drupal Drupal Canvas allows Server Side Request Forgery. This issue affects Drupal Canvas: from 0.0.0 before 1.1.1. | 5.0 | MEDIUM | - | 0 |
| CVE-2026-40971 | When configured to use an SSL bundle, Spring Boot's RabbitMQ auto-configuration does not perform hostname verification when connecting to the RabbitMQ broker. Affected: Spring Boot 4.0.0-4.0.5 (fix 4... | 5.0 | MEDIUM | - | 0 |
| CVE-2026-41232 | Froxlor is open source server administration software. Prior to version 2.3.6, in `EmailSender::add()`, the domain ownership validation for full email sender aliases uses the wrong array index when sp... | 5.0 | MEDIUM | - | 0 |
| CVE-2026-34881 | OpenStack Glance before 29.1.1, 30.x before 30.1.1, and 31.0.0 is affected by Server-Side Request Forgery (SSRF). By use of HTTP redirects, an authenticated user can bypass URL validation checks and r... | 5.0 | MEDIUM | - | 0 |
| CVE-2026-4925 | Improper access control in the users MFA feature in Devolutions Server allows an authenticated user to bypass administrator-enforced restrictions and remove their own multi-factor authentication (MFA)... | 5.0 | MEDIUM | - | 0 |
| CVE-2026-5704 | A flaw was found in tar. A remote attacker could exploit this vulnerability by crafting a malicious archive, leading to hidden file injection with fully attacker-controlled content. This bypasses pre-... | 5.0 | MEDIUM | - | 0 |
| CVE-2026-20988 | Improper verification of intent by broadcast receiver in Settings prior to SMR Mar-2026 Release 1 allows local attacker to launch arbitrary activity with Settings privilege. User interaction is requir... | 5.0 | MEDIUM | - | 0 |
| CVE-2025-13995 | IBM QRadar SIEM 7.5.0 through 7.5.0 Update Package 14 could allow an attacker with access to one tenant to access hostname data from another tenant's account. | 5.0 | MEDIUM | - | 0 |
| CVE-2025-9572 | An authorization flaw in Foreman's GraphQL API allows low-privileged users to access metadata beyond their assigned permissions. Unlike the REST API, which correctly enforces access controls, the Graph... | 5.0 | MEDIUM | - | 0 |
| CVE-2026-33294 | WWBN AVideo is an open source video platform. Prior to version 26.0, the BulkEmbed plugin's save endpoint (`plugin/BulkEmbed/save.json.php`) fetches user-supplied thumbnail URLs via `url_get_contents(... | 5.0 | MEDIUM | - | 0 |
| CVE-2026-34983 | Wasmtime is a runtime for WebAssembly. In 43.0.0, cloning a wasmtime::Linker is unsound and can result in use-after-free bugs. This bug is not controllable by guest Wasm programs. It can only be trigg... | 5.0 | MEDIUM | - | 0 |
| CVE-2026-29107 | SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. Prior to versions 7.15.1 and 8.9.3, it is possible to create PDF templates with `<img>` tags. ... | 5.0 | MEDIUM | - | 0 |
| CVE-2026-5175 | Improper access control in the multi-factor authentication (MFA) management API in Devolutions Server allows an authenticated attacker to delete their own configured MFA factors and reduce account pro... | 5.0 | MEDIUM | - | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.
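The enrichment this page is built from (description and CVSS base score from the NVD API, exploitation status from the CISA KEV catalog, severity derived from the score) is a small join that is easy to get subtly wrong: NVD records can carry several CVSS entries or none, and descriptions are free text that can break a rendered table. The following is an added example, not this site's code or anything published by NVD or CISA. It runs offline on constructed sample records that follow the shape of the NVD API 2.0 response and the KEV JSON feed; the CVE IDs, scores and descriptions in it are made up, and the helper names (`severity_from_score`, `enrich`, `to_markdown`) are the example's own.

```python
"""Enrich CVE IDs with NVD CVSS metrics and CISA KEV membership (added example).

Sample data below is constructed to mirror the two real feeds; nothing in it
describes a real vulnerability.
"""
import json
import re
from dataclasses import dataclass
from typing import Optional

CVE_ID_RE = re.compile(r"^CVE-\d{4}-\d{4,}$")

# Constructed sample shaped like the CISA KEV catalog
# (https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json).
KEV_SAMPLE = json.dumps({"catalogVersion": "2099.01.01", "vulnerabilities": [
    {"cveID": "CVE-2099-0002", "vendorProject": "Example", "product": "Gateway",
     "dateAdded": "2099-01-01", "dueDate": "2099-01-22", "knownRansomwareCampaignUse": "Known"},
]})

# Constructed sample shaped like an NVD API 2.0 response
# (https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=...).
NVD_SAMPLE = json.dumps({"vulnerabilities": [
    {"cve": {"id": "CVE-2099-0001",
             "descriptions": [{"lang": "es", "value": "SSRF en un servicio."},
                              {"lang": "en", "value": "SSRF in an example service | internal scan."}],
             "metrics": {"cvssMetricV31": [{"type": "Primary",
                                            "cvssData": {"baseScore": 5.0, "baseSeverity": "MEDIUM"}}]}}},
    {"cve": {"id": "CVE-2099-0002",
             "descriptions": [{"lang": "en", "value": "Authentication bypass in an example gateway."}],
             "metrics": {"cvssMetricV31": [{"type": "Secondary",   # CNA-supplied score
                                            "cvssData": {"baseScore": 7.5, "baseSeverity": "HIGH"}},
                                           {"type": "Primary",     # NVD-assigned score
                                            "cvssData": {"baseScore": 9.8, "baseSeverity": "CRITICAL"}}]}}},
    {"cve": {"id": "CVE-2099-0003",   # awaiting analysis: no metrics published yet
             "descriptions": [{"lang": "en", "value": "Awaiting analysis; no CVSS metrics yet."}],
             "metrics": {}}},
]})


@dataclass
class CveRow:
    cve_id: str
    description: str
    cvss: Optional[float]
    severity: str
    in_kev: bool


def severity_from_score(score: Optional[float]) -> str:
    """CVSS v3.x qualitative rating scale; UNKNOWN when NVD has no metrics."""
    if score is None:
        return "UNKNOWN"
    if score == 0.0:
        return "NONE"
    return "LOW" if score < 4.0 else "MEDIUM" if score < 7.0 else "HIGH" if score < 9.0 else "CRITICAL"


def load_kev_ids(kev_json: str) -> set:
    return {v["cveID"] for v in json.loads(kev_json)["vulnerabilities"]}


def base_score(metrics: dict) -> Optional[float]:
    """Prefer the Primary (NVD-assigned) v3.1 entry, then v3.0, then v2."""
    for key in ("cvssMetricV31", "cvssMetricV30", "cvssMetricV2"):
        entries = sorted(metrics.get(key) or [], key=lambda e: e.get("type") != "Primary")
        if entries:
            return float(entries[0]["cvssData"]["baseScore"])
    return None


def parse_nvd(nvd_json: str) -> dict:
    out = {}
    for item in json.loads(nvd_json)["vulnerabilities"]:
        cve = item["cve"]
        desc = next((d["value"] for d in cve.get("descriptions", []) if d.get("lang") == "en"), "")
        out[cve["id"]] = (desc, base_score(cve.get("metrics", {})))
    return out


def enrich(cve_ids, nvd_json: str, kev_json: str) -> list:
    """Validate IDs before they reach queries or output, then join NVD and KEV."""
    kev_ids, nvd = load_kev_ids(kev_json), parse_nvd(nvd_json)
    rows = []
    for cve_id in cve_ids:
        if not CVE_ID_RE.match(cve_id):
            raise ValueError(f"malformed CVE ID: {cve_id!r}")
        desc, score = nvd.get(cve_id, ("", None))
        rows.append(CveRow(cve_id, desc, score, severity_from_score(score), cve_id in kev_ids))
    return rows


def to_markdown(rows) -> str:
    """Render like the table above; escape '|' so a description cannot break the layout."""
    lines = ["| CVE ID | Description | CVSS | Severity | KEV |", "|---|---|---|---|---|"]
    for r in rows:
        score = "" if r.cvss is None else f"{r.cvss:.1f}"
        lines.append(f"| {r.cve_id} | {r.description.replace('|', chr(92) + '|')} | {score} "
                     f"| {r.severity} | {'yes' if r.in_kev else 'no'} |")
    return "\n".join(lines)


if __name__ == "__main__":
    print(to_markdown(enrich(["CVE-2099-0001", "CVE-2099-0002", "CVE-2099-0003"], NVD_SAMPLE, KEV_SAMPLE)))
```

Against live data the same functions apply unchanged to the downloaded KEV JSON and to the body of an NVD `cves/2.0` query; NVD rate-limits unauthenticated clients, so batch lookups need an API key and a delay between requests. Two points in the join matter for a security table: picking the Primary metric when a CNA and NVD disagree (the sample's second record would otherwise be listed as HIGH rather than CRITICAL), and treating the CVE description as untrusted text, since it is authored by third parties and is rendered into your page.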