Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2026-34083 Signal K Server is a server application that runs on a central hub in a boat. Prior to version 2.24.0, SignalK Server contains a code-level vulnerability in its OIDC login and logout handlers where th... | 6.1 | MEDIUM | β | 0 |
| CVE-2025-70844 yaffa v2.0.0 is vulnerable to Cross Site Scripting (XSS). An attacker can inject malicious JavaScript into the "Add Account Group" function on the account-group page, allowing execution of arbitrary s... | 6.1 | MEDIUM | β | 0 |
| CVE-2025-61166 An open redirect in Ascertia SigningHub User v10.0 allows attackers to redirect users to a malicious site via a crafted URL. | 6.1 | MEDIUM | β | 0 |
| CVE-2024-51226 A stored cross-site scripting (XSS) vulnerability in the component /admin/search-vehicle.php of Phpgurukul Vehicle Record Management System v1.0 allows attackers to execute arbitrary web scripts or HT... | 6.1 | MEDIUM | β | 0 |
| CVE-2026-20170 A vulnerability in the Desktop Agent functionality of Cisco Webex Contact Center could have allowed an unauthenticated, remote attacker to conduct cross-site scripting attacks. Cisco has addressed thi... | 6.1 | MEDIUM | β | 0 |
| CVE-2025-13910 The WP-WebAuthn plugin for WordPress is vulnerable to Unauthenticated Stored Cross-Site Scripting via the `wwa_auth` AJAX endpoint in all versions up to, and including, 1.3.4 due to insufficient input... | 6.1 | MEDIUM | β | 0 |
| CVE-2026-27646 OpenClaw versions prior to 2026.3.7 contain a sandbox escape vulnerability in the /acp spawn command that allows authorized sandboxed sessions to initialize host-side ACP runtime. Attackers can bypass... | 6.1 | MEDIUM | β | 0 |
| CVE-2026-33548 Mantis Bug Tracker (MantisBT) is an open source issue tracker. In version 2.28.0, improper escaping of tag names retrieved from History in Timeline (my_view_page.php) allows an attacker to inject HTML... | 6.1 | MEDIUM | β | 0 |
| CVE-2026-34606 Frappe Learning Management System (LMS) is a learning system that helps users structure their content. From version 2.27.0 to before version 2.48.0, Frappe LMS was vulnerable to stored XSS. This issue... | 6.1 | MEDIUM | β | 0 |
| CVE-2026-33517 Mantis Bug Tracker (MantisBT) is an open source issue tracker. In version 2.28.0, when deleting a Tag (tag_delete.php), improper escaping of its name when displaying the confirmation message allows an... | 6.1 | MEDIUM | β | 0 |
| CVE-2026-33883 Statamic is a Laravel and Git powered content management system (CMS). Prior to versions 5.73.16 and 6.7.2, the `user:reset_password_form` tag could render user-input directly into HTML without escapi... | 6.1 | MEDIUM | β | 0 |
| CVE-2026-34257 Due to an Open Redirect vulnerability in SAP NetWeaver Application Server ABAP, an unauthenticated attacker could craft malicious URL that, if accessed by a victim, they could be redirected to the pag... | 6.1 | MEDIUM | β | 0 |
| CVE-2026-4305 The Royal WordPress Backup & Restore Plugin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'wpr_pending_template' parameter in all versions up to, and including, 1.0.16 d... | 6.1 | MEDIUM | β | 0 |
| CVE-2026-5226 The Optimole β Optimize Images in Real Time plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via URL paths in versions up to, and including, 4.2.3 This is due to insufficient outpu... | 6.1 | MEDIUM | β | 0 |
| CVE-2026-2723 The Post Snippits plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing nonce validation on the settings page handlers for ... | 6.1 | MEDIUM | β | 0 |
| CVE-2026-3217 Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting") vulnerability in Drupal SAML SSO - Service Provider allows Cross-Site Scripting (XSS).This issue affects SAML SSO -... | 6.1 | MEDIUM | β | 0 |
| CVE-2026-20136 A vulnerability in the CLI of Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow an authenticated, local attacker with administrative privileges t... | 6.0 | MEDIUM | β | 0 |
| CVE-2026-32037 OpenClaw versions prior to 2026.2.22 fail to consistently validate redirect chains against configured mediaAllowHosts allowlists during MSTeams media downloads. Attackers can supply or influence attac... | 6.0 | MEDIUM | β | 0 |
| CVE-2026-34765 Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to 39.8.5, 40.8.5, 41.1.0, and 42.0.0-alpha.5, when a renderer calls window.open() with a ... | 6.0 | MEDIUM | β | 0 |
| CVE-2026-35572 ChurchCRM is an open-source church management system. Prior to 6.5.3, it is possible to trigger server-side HTTP/HTTPS requests to arbitrary hosts (SSRF) by supplying a crafted URL in the Referer requ... | 6.0 | MEDIUM | β | 0 |
| CVE-2026-39810 A use of hard-coded cryptographic key vulnerability in Fortinet FortiClientEMS 7.4.0 through 7.4.5 may allow attacker to information disclosure via decrypting database dump. | 6.0 | MEDIUM | β | 0 |
| CVE-2026-40091 SpiceDB is an open source database system for creating and managing security-critical application permissions. In versions 1.49.0 through 1.51.0, when SpiceDB starts with log level info, the startup "... | 6.0 | MEDIUM | β | 0 |
| CVE-2025-68649 An improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.7, FortiAnalyzer 7.2 all ... | 6.0 | MEDIUM | β | 0 |
| CVE-2026-22615 Due to improper input validation in one of the Eaton Intelligent Power Protector (IPP) XML, it is possible for an attacker with admin privileges and access to the local system to inject malicious code... | 6.0 | MEDIUM | β | 0 |
| CVE-2026-5525 A stack-based buffer overflow vulnerability exists in Notepad++ version 8.9.3 in the file drop handler component. When a user drags and drops a directory path of exactly 259 characters without a trail... | 6.0 | MEDIUM | β | 0 |
| CVE-2026-39670 Server-Side Request Forgery (SSRF) vulnerability in Brecht Visual Link Preview visual-link-preview allows Server Side Request Forgery.This issue affects Visual Link Preview: from n/a through <= 2.3.0. | 6.0 | MEDIUM | β | 0 |
| CVE-2025-12624 Active access tokens are not revoked or invalidated when a user account is locked within WSO2 Identity Server. This failure to enforce revocation allows previously issued, valid tokens to remain usabl... | 6.0 | MEDIUM | β | 0 |
| CVE-2025-61624 An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') [CWE-22] vulnerability in Fortinet FortiOS 7.6.0 through 7.6.4, FortiOS 7.4.0 through 7.4.9, FortiOS 7.2 all versions,... | 6.0 | MEDIUM | β | 0 |
| CVE-2026-34043 Serialize JavaScript to a superset of JSON that includes regular expressions and functions. Prior to version 7.0.5, there is a Denial of Service (DoS) vulnerability caused by CPU exhaustion. When seri... | 5.9 | MEDIUM | β | 0 |
| CVE-2026-34610 The leancrypto library is a cryptographic library that exclusively contains only PQC-resistant cryptographic algorithms. Prior to version 1.7.1, lc_x509_extract_name_segment() casts size_t vlen to uin... | 5.9 | MEDIUM | β | 0 |
| CVE-2026-34760 vLLM is an inference and serving engine for large language models (LLMs). From version 0.5.5 to before version 0.18.0, Librosa defaults to using numpy.mean for mono downmixing (to_mono), while the int... | 5.9 | MEDIUM | β | 0 |
| CVE-2026-39615 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Shahjada Download Manager download-manager allows Stored XSS.This issue affects Download Manager: ... | 5.9 | MEDIUM | β | 0 |
| CVE-2026-28263 Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13... | 5.9 | MEDIUM | β | 0 |
| CVE-2026-29106 SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. Prior to versions 7.15.1 and 8.9.3, the value of the return_id request parameter is copied int... | 5.9 | MEDIUM | β | 0 |
| CVE-2026-35597 Vikunja is an open-source self-hosted task management platform. Prior to 2.3.0, the TOTP failed-attempt lockout mechanism is non-functional due to a database transaction handling bug. When a TOTP vali... | 5.9 | MEDIUM | β | 0 |
| CVE-2026-40265 Note Mark is an open-source note-taking application. In versions 0.19.1 and prior, the asset download endpoint at /api/notes/{noteID}/assets/{assetID} is registered without authentication middleware, ... | 5.9 | MEDIUM | β | 0 |
| CVE-2026-26073 EVerest is an EV charging software stack. Versions prior to 2026.02.0 have a data race leading to possible `std::queue`/`std::deque` corruption. The trigger is powermeter public key update and EV sess... | 5.9 | MEDIUM | β | 0 |
| CVE-2026-28298 SolarWinds Observability Self-Hosted was found to be affected by a stored cross-site scripting vulnerability, which when exploited, can lead to unintended script execution. | 5.9 | MEDIUM | β | 0 |
| CVE-2026-33319 WWBN AVideo is an open source video platform. Prior to version 26.0, the `uploadVideoToLinkedIn()` method in the SocialMediaPublisher plugin constructs a shell command by directly interpolating an upl... | 5.9 | MEDIUM | β | 0 |
| CVE-2026-34085 fontconfig before 2.17.1 has an off-by-one error in allocation during sfnt capability handling, leading to a one-byte out-of-bounds write, and potentially a crash or code execution. This is in FcFontC... | 5.9 | MEDIUM | β | 0 |
| CVE-2025-55266 HCL Aftermarket DPC is affected by Session Fixation which allows attacker to takeover the user's session and use it carry out unauthorized transaction behalf of the user. | 5.9 | MEDIUM | β | 0 |
| CVE-2026-22618 A security misconfiguration was identified in Eaton Intelligent Power Protector (IPP), where an HTTP response header was set with an insecure attribute, potentially exposing users to webβbased attacks... | 5.9 | MEDIUM | β | 0 |
| CVE-2026-33985 FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, pixel data from adjacent heap memory is rendered to screen, potentially leaking sensitive data to the attacker... | 5.9 | MEDIUM | β | 0 |
| CVE-2026-27853 An attacker might be able to trigger an out-of-bounds write by sending crafted DNS responses to a DNSdist using the DNSQuestion:changeName or DNSResponse:changeName methods in custom Lua code. In some... | 5.9 | MEDIUM | β | 0 |
| CVE-2026-28886 A null pointer dereference was addressed with improved input validation. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS... | 5.9 | MEDIUM | β | 0 |
| CVE-2026-33946 MCP Ruby SDK is the official Ruby SDK for Model Context Protocol servers and clients. Prior to version 0.9.2, the Ruby SDK's streamable_http_transport.rb implementation contains a session hijacking vu... | 5.9 | MEDIUM | β | 0 |
| CVE-2026-4603 Versions of the package jsrsasign before 11.1.1 are vulnerable to Division by zero due to the RSASetPublic/KEYUTIL parsing path in ext/rsa.js and the BigInteger.modPowInt reduction logic in ext/jsbn.j... | 5.9 | MEDIUM | β | 0 |
| CVE-2026-32039 OpenClaw versions prior to 2026.2.22 contain an authorization bypass vulnerability in the toolsBySender group policy matching that allows attackers to inherit elevated tool permissions through identif... | 5.9 | MEDIUM | β | 0 |
| CVE-2025-64648 IBM Concert 1.0.0 through 2.2.0 transmits data in clear text that could allow an attacker to obtain sensitive information using man in the middle techniques. | 5.9 | MEDIUM | β | 0 |
| CVE-2026-35670 OpenClaw before 2026.3.22 contains a webhook reply delivery vulnerability that allows attackers to rebind chat replies to unintended users by exploiting mutable username matching instead of stable num... | 5.9 | MEDIUM | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.