CVE Vulnerabilities
CVE vulnerability database enriched with CISA KEV and NVD data
| CVE ID | Description | CVSS | Severity | KEV | Sightings |
|---|---|---|---|---|---|
| CVE-2026-2454 | Mattermost versions 11.3.x <= 11.3.0, 11.2.x <= 11.2.2, 10.11.x <= 10.11.10 fail to handle incorrectly reported array lengths which allows malicious user to cause OOM errors and crash the server via s... | 5.8 | MEDIUM | No | 0 |
| CVE-2026-29522 | ZwickRoell Test Data Management versions prior to 3.0.8 contain a local file inclusion (LFI) vulnerability in the /server/node_upgrade_srv.js endpoint. An unauthenticated attacker can supply directory... | N/A | NONE | No | 0 |
| CVE-2026-26230 | Mattermost versions 10.11.x <= 10.11.10 fail to properly validate permission requirements in the team member roles API endpoint which allows team administrators to demote members to guest role. Matter... | 3.8 | LOW | No | 0 |
| CVE-2026-1629 | Mattermost versions 10.11.x <= 10.11.10 fail to invalidate cached permalink preview data when a user loses channel access which allows the user to continue viewing private channel content via previous... | 4.3 | MEDIUM | No | 0 |
| CVE-2025-69902 | A command injection vulnerability in the minimal_wrapper.py component of kubectl-mcp-server v1.2.0 allows attackers to execute arbitrary commands via injecting arbitrary shell metacharacters. | 9.8 | CRITICAL | No | 0 |
| CVE-2025-50881 | The `flow/admin/moniteur.php` script in Use It Flow administration website before 10.0.0 is vulnerable to Remote Code Execution. When handling GET requests, the script takes user-supplied input from t... | 8.8 | HIGH | No | 0 |
| CVE-2026-32267 | Craft CMS is a content management system (CMS). From version 4.0.0-RC1 to before version 4.17.6 and from version 5.0.0-RC1 to before version 5.9.12, a low-privilege user (or an unauthenticated user wh... | 9.8 | CRITICAL | No | 0 |
| CVE-2026-32264 | Craft CMS is a content management system (CMS). From version 4.0.0-RC1 to before version 4.17.5 and from version 5.0.0-RC1 to before version 5.9.11, there is a Behavior injection RCE vulnerability in ... | 7.2 | HIGH | No | 0 |
| CVE-2026-32263 | Craft CMS is a content management system (CMS). From version 5.6.0 to before version 5.9.11, in src/controllers/EntryTypesController.php, the $settings array from parse_str is passed directly to Craft... | 7.2 | HIGH | No | 0 |
| CVE-2026-32262 | Craft CMS is a content management system (CMS). From version 4.0.0-RC1 to before version 4.17.5 and from version 5.0.0-RC1 to before version 5.9.11, the AssetsController->replaceFile() method has a ta... | 4.3 | MEDIUM | No | 0 |
| CVE-2026-30882 | Chamilo LMS is a learning management system. Chamilo LMS version 1.11.34 and prior contains a Reflected Cross-Site Scripting (XSS) vulnerability in the session category listing page. The keyword param... | 6.1 | MEDIUM | No | 0 |
| CVE-2026-30881 | Chamilo LMS is a learning management system. Version 1.11.34 and prior contains a SQL Injection vulnerability in the statistics AJAX endpoint. The parameters date_start and date_end from $_REQUEST are... | 8.8 | HIGH | No | 0 |
| CVE-2026-30876 | Chamilo LMS is a learning management system. Prior to version 1.11.36, Chamilo is vulnerable to user enumeration with valid/invalid username. This issue has been patched in version 1.11.36. | 5.3 | MEDIUM | No | 0 |
| CVE-2026-30875 | Chamilo LMS is a learning management system. Prior to version 1.11.36, an arbitrary file upload vulnerability in the H5P Import feature allows authenticated users with Teacher role to achieve Remote C... | 8.8 | HIGH | No | 0 |
| CVE-2026-29516 | Buffalo TeraStation NAS TS5400R firmware version 4.02-0.06 and prior contain an excessive file permissions vulnerability that allows authenticated attackers to read the /etc/shadow file by uploading a... | 4.9 | MEDIUM | No | 0 |
| CVE-2026-28430 | Chamilo LMS is a learning management system. Prior to version 1.11.34, there is an unauthenticated SQL injection vulnerability which allows remote attackers to execute arbitrary SQL commands via the c... | 9.8 | CRITICAL | No | 0 |
| CVE-2026-26304 | Mattermost versions 11.3.x <= 11.3.0, 11.2.x <= 11.2.2 fail to verify run_create permission for empty playbookId, which allows team members to create unauthorized runs via the playbook run API. Matter... | 4.3 | MEDIUM | No | 0 |
| CVE-2025-69693 | Out-of-bounds read in FFmpeg 8.0 and 8.0.1 RV60 video decoder (libavcodec/rv60dec.c). The quantization parameter (qp) validation at line 2267 only checks the lower bound (qp < 0) but is missing upper ... | 5.4 | MEDIUM | No | 0 |
| CVE-2025-68971 | In Forgejo through 13.0.3, the attachment component allows a denial of service by uploading a multi-gigabyte file attachment (e.g., to be associated with an issue or a release). | 6.5 | MEDIUM | No | 0 |
| CVE-2026-32261 | Webhooks for Craft CMS plugin adds the ability to manage "webhooks" in Craft CMS, which will send GET or POST requests when certain events occur. From version 3.0.0 to before version 3.2.0, the Webhoo... | N/A | NONE | No | 0 |
| CVE-2025-69809 | A write-what-where condition in p2r3 Bareiron commit 8e4d40 allows unauthenticated attackers to write arbitrary values to memory, enabling arbitrary code execution via a crafted packet. | 9.8 | CRITICAL | No | 0 |
| CVE-2025-69808 | An out-of-bounds memory access (OOB) in p2r3 Bareiron commit 8e4d40 allows unauthenticated attackers to access sensitive information and cause a Denial of Service (DoS) via supplying a crafted packet. | 9.1 | CRITICAL | No | 0 |
| CVE-2025-69727 | An Incorrect Access Control vulnerability exists in INDEX-EDUCATION PRONOTE prior to 2025.2.8. The affected components (index.js and composeUrlImgPhotoIndividu) allow the construction of direct URLs t... | 5.3 | MEDIUM | No | 0 |
| CVE-2025-69196 | FastMCP is the standard framework for building MCP applications. Prior to version 2.14.2, the server does not properly respect the resource parameter submitted by the client in the authorization and t... | 6.5 | MEDIUM | No | 0 |
| CVE-2026-4269 | A missing S3 ownership verification in the Bedrock AgentCore Starter Toolkit before version v0.1.13 may allow a remote actor to inject code during the build process, leading to code execution in the A... | 7.5 | HIGH | No | 0 |
| CVE-2026-4254 | A weakness has been identified in Tenda AC8 up to 16.03.50.11. This vulnerability affects the function doSystemCmd of the file /goform/SysToolChangePwd of the component HTTP Endpoint. This manipulatio... | 9.8 | CRITICAL | No | 0 |
| CVE-2026-4253 | A security flaw has been discovered in Tenda AC8 16.03.50.11. This affects the function route_set_user_policy_rule of the file /cgi-bin/UploadCfg of the component Web Interface. The manipulation of th... | 4.7 | MEDIUM | No | 0 |
| CVE-2026-4224 | When an Expat parser with a registered ElementDeclHandler parses an inline document type definition containing a deeply nested content model, a C stack overflow occurs. | N/A | NONE | No | 0 |
| CVE-2026-3644 | The fix for CVE-2026-0672, which rejected control characters in http.cookies.Morsel, was incomplete. The Morsel.update(), \|= operator, and unpickling paths were not patched, allowing control character... | N/A | NONE | No | 0 |
| CVE-2026-29521 | Hereta ETH-IMC408M firmware version 1.0.15 and prior contain a cross-site request forgery vulnerability that allows attackers to modify device configuration by exploiting missing CSRF protections in s... | 4.3 | MEDIUM | No | 0 |
| CVE-2026-29520 | Hereta ETH-IMC408M firmware version 1.0.15 and prior contain a reflected cross-site scripting vulnerability in the Network Diagnosis ping function that allows attackers to execute arbitrary JavaScript... | 6.1 | MEDIUM | No | 0 |
| CVE-2026-29513 | Hereta ETH-IMC408M firmware version 1.0.15 and prior contain a stored cross-site scripting vulnerability that allows authenticated attackers to inject arbitrary JavaScript by manipulating the Device L... | 5.4 | MEDIUM | No | 0 |
| CVE-2026-29510 | Hereta ETH-IMC408M firmware version 1.0.15 and prior contain a stored cross-site scripting vulnerability that allows authenticated attackers to inject arbitrary JavaScript by manipulating the Device N... | 5.4 | MEDIUM | No | 0 |
| CVE-2026-28498 | Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to version 1.6.9, a library-level vulnerability was identified in the Authlib Python library concerning the validation ... | 7.5 | HIGH | No | 0 |
| CVE-2026-28490 | Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to version 1.6.9, a cryptographic padding oracle vulnerability was identified in the Authlib Python library concerning ... | 6.5 | MEDIUM | No | 0 |
| CVE-2026-27962 | Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to version 1.6.9, a JWK Header Injection vulnerability in authlib's JWS implementation allows an unauthenticated attack... | 9.1 | CRITICAL | No | 0 |
| CVE-2026-23862 | Dell ThinOS 10 versions prior to ThinOS 2602_10.0573, contain an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with local... | 7.8 | HIGH | No | 0 |
| CVE-2026-23489 | Fields is a GLPI plugin that allows users to add custom fields on GLPI items forms. Prior to version 1.23.3, it is possible to execute arbitrary PHP code from users that are allowed to create dropdown... | 9.1 | CRITICAL | No | 0 |
| CVE-2025-69768 | SQL Injection vulnerability in Chyrp v.2.5.2 and before allows a remote attacker to obtain sensitive information via the Admin.php component | 7.5 | HIGH | No | 0 |
| CVE-2025-66687 | Doom Launcher 3.8.1.0 is vulnerable to Directory Traversal due to missing file path validation during the extraction of game files | 7.5 | HIGH | No | 0 |
| CVE-2026-4270 | Improper Protection of Alternate Path exists in the no-access and workdir feature of the AWS API MCP Server versions >= 0.2.14 and < 1.3.9 on all platforms may allow the bypass of intended file access... | 5.5 | MEDIUM | No | 0 |
| CVE-2026-4252 | A vulnerability was identified in Tenda AC8 16.03.50.11. Affected by this issue is the function check_is_ipv6 of the component IPv6 Handler. The manipulation leads to reliance on ip address for authen... | 9.8 | CRITICAL | No | 0 |
| CVE-2026-4251 | A vulnerability was determined in CityData CityChat up to 0.12.6 on Android. Affected by this vulnerability is an unknown functionality of the file resources/assets/flutter_assets/assets/credentials.j... | 2.5 | LOW | No | 0 |
| CVE-2026-30405 | An issue in GoBGP gobgpd v.4.2.0 allows a remote attacker to cause a denial of service via the NEXT_HOP path attribute | 7.5 | HIGH | No | 0 |
| CVE-2025-65734 | An authenticated arbitrary file upload vulnerability in the Courses/Work Assignments module of gunet Open eClass v3.11, and fixed in v3.13, allows attackers to execute arbitrary code via uploading a c... | 5.4 | MEDIUM | No | 0 |
| CVE-2025-54758 | Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2025. No... | N/A | NONE | No | 0 |
| CVE-2025-53815 | Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2025. No... | N/A | NONE | No | 0 |
| CVE-2025-53517 | Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2025. No... | N/A | NONE | No | 0 |
| CVE-2026-4276 | LibreChat RAG API, version 0.7.0, contains a log-injection vulnerability that allows attackers to forge log entries. | 7.5 | HIGH | No | 0 |
| CVE-2026-4250 | A vulnerability was found in Albert Sağlık Hizmetleri ve Ticaret Albert Health up to 1.7.3 on Android. Affected is an unknown function of the file resources/assets/service-account.json of the componen... | 2.5 | LOW | No | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.
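The table above is the result of joining NVD records with the CISA KEV catalog: the CVSS column is the NVD base score, the Severity column is the CVSS v3.x qualitative rating of that score (NONE 0.0, LOW 0.1-3.9, MEDIUM 4.0-6.9, HIGH 7.0-8.9, CRITICAL 9.0-10.0), N/A/NONE appears when the record carries no score (for example the rejected candidates), and KEV is a membership test against the catalog. The Python below is an added example of that enrichment, not the site's own code. It assumes the field names of the NVD API 2.0 response (`vulnerabilities[].cve.id`, `cve.descriptions[]`, `cve.metrics.cvssMetricV31[]` / `cvssMetricV30[]` with `type` "Primary" or "Secondary") and of the KEV catalog JSON (`vulnerabilities[].cveID`); the sample records are constructed inline, and `CVE-2099-0001` is a made-up ID that exists only to exercise the KEV match, since none of the listed CVEs is in KEV. How the site itself resolves N/A (for instance for records that only have CVSS v2 or v4 metrics) is not stated on the page; this example reports those as N/A.

```python
"""Enrich NVD CVE records with the CISA KEV catalog and emit rows like the table above."""
from __future__ import annotations

from typing import Any

# Qualitative severity rating scale from the CVSS v3.x specification.
SEVERITY_BANDS = (
    (0.0, 0.0, "NONE"),
    (0.1, 3.9, "LOW"),
    (4.0, 6.9, "MEDIUM"),
    (7.0, 8.9, "HIGH"),
    (9.0, 10.0, "CRITICAL"),
)


def severity_from_score(score: float | None) -> str:
    """Map a CVSS v3.x base score to its rating; a record with no score rates NONE."""
    if score is None:
        return "NONE"
    for low, high, label in SEVERITY_BANDS:
        if low <= score <= high:
            return label
    raise ValueError(f"CVSS base score out of range: {score}")


def base_score(cve: dict[str, Any]) -> float | None:
    """Return the v3.1 base score, falling back to v3.0; None if the record has no v3 metrics.

    NVD API 2.0 records keep metrics under cve["metrics"]["cvssMetricV31"] / ["cvssMetricV30"],
    each a list whose entries are "Primary" (NVD's own analysis) or "Secondary" (the CNA's).
    Records still "Awaiting Analysis", or "Rejected", usually carry no metrics at all.
    """
    metrics = cve.get("metrics") or {}
    for key in ("cvssMetricV31", "cvssMetricV30"):
        entries = metrics.get(key) or []
        primary = [e for e in entries if e.get("type") == "Primary"] or entries
        if primary:
            return float(primary[0]["cvssData"]["baseScore"])
    return None


def kev_ids(kev_catalog: dict[str, Any]) -> set[str]:
    """The set of CVE IDs present in a CISA KEV catalog JSON document."""
    return {v["cveID"] for v in kev_catalog.get("vulnerabilities", [])}


def english_description(cve: dict[str, Any]) -> str:
    return next((d["value"] for d in cve.get("descriptions", []) if d.get("lang") == "en"), "")


def enrich(nvd_response: dict[str, Any], kev_catalog: dict[str, Any]) -> list[dict[str, Any]]:
    """Join an NVD API 2.0 response with the KEV catalog, producing one row per CVE."""
    kev = kev_ids(kev_catalog)
    rows = []
    for item in nvd_response.get("vulnerabilities", []):
        cve = item["cve"]
        score = base_score(cve)
        rows.append({
            "cve_id": cve["id"],
            "description": english_description(cve),
            "cvss": score,
            "severity": severity_from_score(score),
            "kev": cve["id"] in kev,
        })
    return rows


def render_row(row: dict[str, Any]) -> str:
    """One Markdown table row; a '|' inside the description is escaped so it cannot split the cell."""
    cvss = "N/A" if row["cvss"] is None else f"{row['cvss']:.1f}"
    description = row["description"].replace("|", "\\|")
    kev = "Yes" if row["kev"] else "No"
    return f"| {row['cve_id']} | {description} | {cvss} | {row['severity']} | {kev} |"


# Constructed sample input shaped like the NVD API 2.0 and KEV catalog responses. The first record
# mirrors a row of the table above; the second shows a record with no metrics and a '|' in its
# text; CVE-2099-0001 is a made-up ID used only to exercise the KEV match.
SAMPLE_NVD = {"vulnerabilities": [
    {"cve": {"id": "CVE-2025-69902", "vulnStatus": "Analyzed",
             "descriptions": [{"lang": "en", "value": "A command injection vulnerability in the "
                               "minimal_wrapper.py component of kubectl-mcp-server v1.2.0."}],
             "metrics": {"cvssMetricV31": [{"source": "nvd@nist.gov", "type": "Primary",
                                            "cvssData": {"version": "3.1", "baseScore": 9.8}}]}}},
    {"cve": {"id": "CVE-2026-3644", "vulnStatus": "Awaiting Analysis",
             "descriptions": [{"lang": "en", "value": "Constructed text with a literal |= operator."}],
             "metrics": {}}},
    {"cve": {"id": "CVE-2099-0001", "vulnStatus": "Analyzed",
             "descriptions": [{"lang": "en", "value": "Constructed record present in the KEV sample."}],
             "metrics": {"cvssMetricV31": [{"source": "nvd@nist.gov", "type": "Primary",
                                            "cvssData": {"version": "3.1", "baseScore": 7.5}}]}}},
]}
SAMPLE_KEV = {"vulnerabilities": [{"cveID": "CVE-2099-0001", "vendorProject": "Example", "product": "Example"}]}

if __name__ == "__main__":
    print("| CVE ID | Description | CVSS | Severity | KEV |")
    print("|---|---|---|---|---|")
    for row in enrich(SAMPLE_NVD, SAMPLE_KEV):
        print(render_row(row))
```

Two choices matter in practice: prefer the Primary (NVD) metric over a CNA-supplied Secondary one when both exist, so the column is consistent across vendors; and escape the pipe character when rendering, because a description such as the one for CVE-2026-3644 (which mentions the `|=` operator) would otherwise split the Markdown row into extra cells.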