Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2026-34163 FastGPT is an AI Agent building platform. Prior to version 4.14.9.5, FastGPT's MCP (Model Context Protocol) tools endpoints (/api/core/app/mcpTools/getTools and /api/core/app/mcpTools/runTool) accept ... | 7.7 | HIGH | β | 0 |
| CVE-2026-34746 Payload is a free and open source headless content management system. Prior to version 3.79.1, an authenticated Server-Side Request Forgery (SSRF) vulnerability exists in the upload functionality. Aut... | 7.7 | HIGH | β | 0 |
| CVE-2026-33544 Tinyauth is an authentication and authorization server. Prior to version 5.0.5, all three OAuth service implementations (GenericOAuthService, GithubOAuthService, GoogleOAuthService) store PKCE verifie... | 7.7 | HIGH | β | 0 |
| CVE-2026-28521 arduino-TuyaOpen before version 1.2.1 contains an out-of-bounds memory read vulnerability in the TuyaIoT component. An attacker who hijacks or controls the Tuya cloud service can issue malicious DP ev... | 7.7 | HIGH | β | 0 |
| CVE-2026-2092 A flaw was found in Keycloak. Keycloak's Security Assertion Markup Language (SAML) broker endpoint does not properly validate encrypted assertions when the overall SAML response is not signed. An atta... | 7.7 | HIGH | β | 0 |
| CVE-2026-30953 LinkAce is a self-hosted archive to collect website links. When a user creates a link via POST /links, the server fetches HTML metadata from the provided URL (LinkRepository::create() calls HtmlMeta::... | 7.7 | HIGH | β | 0 |
| CVE-2026-32121 OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0.1, Stored XSS in prescription CSS/HTML print view via patient demographics. Tha... | 7.7 | HIGH | β | 0 |
| CVE-2026-22664 prompts.chat prior to commit 30a8f04 contains a server-side request forgery vulnerability in Fal.ai media status polling that allows authenticated users to perform arbitrary outbound requests by suppl... | 7.7 | HIGH | β | 0 |
| CVE-2026-35409 Directus is a real-time API and App dashboard for managing SQL database content. Prior to 11.16.0, a Server-Side Request Forgery (SSRF) protection bypass has been identified and fixed in Directus. The... | 7.7 | HIGH | β | 0 |
| CVE-2026-34769 Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to versions 38.8.6, 39.8.0, 40.7.0, and 41.0.0-beta.8, an undocumented commandLineSwitches... | 7.7 | HIGH | β | 0 |
| CVE-2026-21887 OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Prior to 6.8.16, the OpenCTI platformβs data ingestion feature accepts user-supplied URLs without v... | 7.7 | HIGH | β | 0 |
| CVE-2026-35187 pyLoad is a free and open-source download manager written in Python. In 0.5.0b3.dev96 and earlier, the parse_urls API function in src/pyload/core/api/__init__.py fetches arbitrary URLs server-side via... | 7.7 | HIGH | β | 0 |
| CVE-2026-25835 Mbed TLS before 3.6.6 and TF-PSA-Crypto before 1.1.0 misuse seeds in a Pseudo-Random Number Generator (PRNG). | 7.7 | HIGH | β | 0 |
| CVE-2026-31881 Runtipi is a personal homeserver orchestrator. Prior to 4.8.0, an unauthenticated attacker can reset the operator (admin) password when a password-reset request is active, resulting in full account ta... | 7.7 | HIGH | β | 0 |
| CVE-2026-32131 ZITADEL is an open source identity management platform. Prior to 3.4.8 and 4.12.2, a vulnerability in Zitadel's Management API has been reported, which allowed authenticated users holding a valid low-... | 7.7 | HIGH | β | 0 |
| CVE-2026-32123 OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0.1, sensitivity checks for group encounters are broken because the code only cons... | 7.7 | HIGH | β | 0 |
| CVE-2026-27689 Due to an uncontrolled resource consumption (Denial of Service) vulnerability, an authenticated attacker with regular user privileges and network access can repeatedly invoke a remote-enabled function... | 7.7 | HIGH | β | 0 |
| CVE-2026-34936 PraisonAI is a multi-agent teams system. Prior to version 4.5.90, passthrough() and apassthrough() in praisonai accept a caller-controlled api_base parameter that is concatenated with endpoint and pas... | 7.7 | HIGH | β | 0 |
| CVE-2026-31801 zot is ancontainer image/artifact registry based on the Open Container Initiative Distribution Specification. From 1.3.0 to 2.1.14, zotβs dist-spec authorization middleware infers the required action ... | 7.7 | HIGH | β | 0 |
| CVE-2026-30929 ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, MagnifyImage uses a fixed-size stack buffer. When using a speci... | 7.7 | HIGH | β | 0 |
| CVE-2026-2995 GitLab has remediated an issue in GitLab EE affecting all versions from 15.4 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that could have allowed an authenticated user to add email addr... | 7.7 | HIGH | β | 0 |
| CVE-2026-35533 mise manages dev tools like node, python, cmake, and terraform. From 2026.2.18 through 2026.4.5, mise loads trust-control settings from a local project .mise.toml before the trust check runs. An attac... | 7.7 | HIGH | β | 0 |
| CVE-2024-51346 An issue in Eufy Homebase 2 version 3.3.4.1h allows a local attacker to obtain sensitive information via the cryptographic scheme. | 7.7 | HIGH | β | 0 |
| CVE-2026-24969 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in designingmedia Instant VA instantva allows Path Traversal.This issue affects Instant VA: from n/a throug... | 7.7 | HIGH | β | 0 |
| CVE-2026-32064 OpenClaw versions prior to 2026.2.21 sandbox browser entrypoint launches x11vnc without authentication for noVNC observer sessions, allowing unauthenticated access to the VNC interface. Remote attacke... | 7.7 | HIGH | β | 0 |
| CVE-2026-34056 OpenEMR is a free and open source electronic health records and medical practice management application. A Broken Access Control vulnerability in OpenEMR up to and including version 8.0.0.3 allows low... | 7.7 | HIGH | β | 0 |
| CVE-2026-33913 OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, an authenticated user with access to the Carecoordination module can ... | 7.7 | HIGH | β | 0 |
| CVE-2026-22558 An Authenticated NoSQL Injection vulnerability found in UniFi Network Application could allow a malicious actor with authenticated access to the network to escalate privileges. | 7.7 | HIGH | β | 0 |
| CVE-2026-24970 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in designingmedia Energox energox allows Path Traversal.This issue affects Energox: from n/a through <= 1.2... | 7.7 | HIGH | β | 0 |
| CVE-2026-31891 Cockpit is a headless content management system. Any Cockpit CMS instance running version 2.13.4 or earlier with API access enabled is potentially affected by a a SQL Injection vulnerability in the Mo... | 7.7 | HIGH | β | 0 |
| CVE-2026-33399 Wallos is an open-source, self-hostable personal subscription tracker. Prior to version 4.7.0, the SSRF fix applied in version 4.6.2 for CVE-2026-30839 and CVE-2026-30840 is incomplete. The validate_w... | 7.7 | HIGH | β | 0 |
| CVE-2026-20125 A vulnerability in the HTTP Server feature of Cisco IOS Software and Cisco IOS XE Software Release 3E could allow an authenticated, remote attacker to cause an affected device to reload unexpectedly, ... | 7.7 | HIGH | β | 0 |
| CVE-2026-39361 OpenObserve is a cloud-native observability platform. In 0.70.3 and earlier, the validate_enrichment_url function in src/handler/http/request/enrichment_table/mod.rs fails to block IPv6 addresses beca... | 7.7 | HIGH | β | 0 |
| CVE-2026-32441 Missing Authorization vulnerability in WebToffee Comments Import & Export comments-import-export-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ... | 7.7 | HIGH | β | 0 |
| CVE-2026-25086 Under certain conditions, an attacker could bind to the same port used by WebCTRL. This could allow the attacker to craft and send malicious packets and impersonate the WebCTRL service without requi... | 7.7 | HIGH | β | 0 |
| CVE-2026-5301 Stored XSS in log viewer in CoolerControl/coolercontrol-ui <4.0.0 allows unauthenticated attackers to take over the service via malicious JavaScript in poisoned log entries | 7.6 | HIGH | β | 0 |
| CVE-2026-33918 OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, the billing file-download endpoint `interface/billing/get_claim_file.... | 7.6 | HIGH | β | 0 |
| CVE-2026-33932 OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, a stored cross-site scripting vulnerability in the CCDA document prev... | 7.6 | HIGH | β | 0 |
| CVE-2026-32317 Cryptomator for Android offers multi-platform transparent client-side encryption for files in the cloud. Prior to version 1.12.3, an integrity check vulnerability allows an attacker tamper with the va... | 7.6 | HIGH | β | 0 |
| CVE-2026-2476 Mattermost Plugins versions <=2.0.3.0 fail to properly mask sensitive configuration values which allows an attacker with access to support packets to obtain original plugin settings via exported confi... | 7.6 | HIGH | β | 0 |
| CVE-2026-33650 WWBN AVideo is an open source video platform. In versions up to and including 26.0, a user with the "Videos Moderator" permission can escalate privileges to perform full video management operations β ... | 7.6 | HIGH | β | 0 |
| CVE-2026-22181 OpenClaw versions prior to 2026.3.2 contain a DNS pinning bypass vulnerability in strict URL fetch paths that allows attackers to circumvent SSRF guards when environment proxy variables are configured... | 7.6 | HIGH | β | 0 |
| CVE-2026-39369 WWBN AVideo is an open source video platform. In versions 26.0 and prior, objects/aVideoEncoderReceiveImage.json.php allowed an authenticated uploader to fetch attacker-controlled same-origin /videos/... | 7.6 | HIGH | β | 0 |
| CVE-2024-42210 A Stored cross-site scripting (XSS) vulnerability affects HCL Unica Marketing Operations v12.1.8 and lower. Β Stored cross-site scripting (also known as second-order or persistent XSS) arises when an a... | 7.6 | HIGH | β | 0 |
| CVE-2026-32318 Cryptomator for IOS offers multi-platform transparent client-side encryption for files in the cloud. Prior to version 2.8.3, an integrity check vulnerability allows an attacker tamper with the vault c... | 7.6 | HIGH | β | 0 |
| CVE-2026-32303 Cryptomator encrypts data being stored on cloud infrastructure. Prior to version 1.19.1, an integrity check vulnerability allows an attacker to tamper with the vault configuration file leading to a ma... | 7.6 | HIGH | β | 0 |
| CVE-2026-32055 OpenClaw versions prior to 2026.2.26 contain a path traversal vulnerability in workspace boundary validation that allows attackers to write files outside the workspace through in-workspace symlinks po... | 7.6 | HIGH | β | 0 |
| CVE-2026-24750 Kiteworks is a private data network (PDN). In Kiteworks Secure Data Forms prior to version 9.2.1, an authenticated attacker could exploit an Improper Neutralization of Input During Web Page Generation... | 7.6 | HIGH | β | 0 |
| CVE-2026-32749 SiYuan is a personal knowledge management system. In versions 3.6.0 and below, POST /api/import/importSY and POST /api/import/importZipMd write uploaded archives to a path derived from the multipart f... | 7.6 | HIGH | β | 0 |
| CVE-2026-33354 WWBN AVideo is an open source video platform. In versions up to and including 26.0, `POST /objects/aVideoEncoder.json.php` accepts a requester-controlled `chunkFile` parameter intended for staged uplo... | 7.6 | HIGH | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.